WhatsApp just added a new security feature called Secret Code. An evolution of the Chat Lock feature that lets you password-protect sensitive WhatsApp Chats, Secret Code will hide your locked chats from view in a secret folder. This one becomes available only when you enter your Secret Code. That’s a great privacy feature to have on messaging apps, especially on end-to-end encrypted apps like WhatsApp.
That’s not the feature I want Apple to steal for the iPhone’s iMessage app. WhatsApp also has another layer of security that lets you lock the entire app. You can protect it with Face ID (or the phone’s PIN), which is an extra layer of security that iMessage doesn’t have. I wouldn’t mind if iMessage allowed me to lock down the entire app behind Face ID.
You can lock WhatsApp with Face ID
The iPhone is encrypted the minute you set a password/PIN and set up Face ID or Touch ID. But if someone uses your device, or thieves steal it along with your password, all the data on it is fair game.
Some of the most sensitive apps on the iPhone are password-protected. Think mobile banking apps and any other apps that deal in finance. Unlike other apps where you log in once and then can use the app, these apps will always prompt a login. Banking apps will have their own passwords, but you can set up Face ID to access them.
WhatsApp and Facebook Messenger got support for Face ID protection. That is, you can lock the apps behind Face ID. In this case, your phone’s password or PIN would also unlock the chat apps.
You can think of various scenarios where the feature comes in handy. It’s not about nefarious scenarios, but about protecting sensitive information in those chats. Or complete access to them, which might help someone make changes to those accounts.
I don’t even care about WhatsApp’s new Chat Lock and Secret Code features. These are extra safety features one could employ for particularly sensitive information. Maybe you’re chatting with yourself inside WhatsApp and use that chat to save particular information, like documents and some passwords.
What I’m more concerned about is the scenario where thieves would not only get access to my iPhone, but they’d also get my password. Such attacks are rare but possible on iPhones. It’s why I’ve already locked down access to my Apple ID account on my iPhone.
In such a case, I’d want chat apps to be treated just like financial apps when it comes to security. I want an extra layer of authentication, the easy but safe kind that Face ID provides.
More iPhone apps could get similar security
I’d love to be able to use Face ID to lock down iMessage. We already have such protection from Apple inside the Photos app, where the folders containing hidden and deleted images are both protected. Then there’s the lockdown of Safari private browsing via Face ID or individual Notes files. Apple could easily extend the same functionality to iMessage.
Come to think of it, I’d also secure apps like Health and Home on iPhone. They also contain sensitive information I wouldn’t want others to access. Then there’s the entire Notes app that I’d like to lock under Face ID. But it all has to start somewhere, and that might be the iPhone’s Messages app.
I’ll also point out that adding Face ID protection to more default iPhone apps would be a great feature for the iPad. After all, the iPad is the kind of device you’re likely to share, especially with kids. They can always accidentally access apps like iMessage or Notes and delete content.
The possible complications
There is one issue here that I’ll mention from the get-go. Apple would have to figure out a way to let you set up different passwords for those apps than the screen lock password/PIN. Just like you have different passwords for your banking apps, but you can still enable Face ID logins.
Again, with the iPad scenario, your children might know the iPad’s password. Therefore, they could get into a locked Messages app if Face ID is attached to the same screen lock password.
Finally, there’s the issue of recovering access to those apps in case you forget those passwords. Yeah, the kind of extra iPhone security I’m thinking of might be complicated to get right. And I realize I might not even need such extra security. But if there’s anyone that can deliver it, that’s Apple.
If you think having Face ID is an extra hassle, you might not be using it right. Face ID offers almost instant authentication, and it’s mostly passive. You wouldn’t have to do anything but look at the screen to have those apps unlocked.