At least in the current beta seed, the iOS 10 lock screen has a bit of a loophole due to the new expanded notification system that developers and public beta users should be aware of. In short: anyone can view and reply to iMessages or text messages from the lock screen without entering the device passcode or authenticating with Touch ID. This security issue persists even while the ‘Reply With Message’ setting is disabled and applies to other apps like Twitter as well.
This means that anyone can reply to messages if you are running the iOS 10 developer or public beta. Occasionally, the phone will correctly ask for passcode input, but in the majority of cases in our testing iOS 10 allowed us to reply freely without fingerprint or passcode. To try this out for yourself, follow the steps after the jump …
The steps to reproduce this bug aren’t difficult, as long as you ignore the normal way you would reply to a message in iOS 9 and instead take advantage of the new notification features in iOS 10. This means opening the expanded view, as follows:
- Receive an iMessage or text message notification on the iOS 10 lock screen, making sure you don’t accidentally unlock the phone with Touch ID.
- Use 3D Touch to activate the expanded notification (or slide and tap View).
- Type in the text box that appears. You are now sending a reply while the phone is locked.
You can have a multi-message conversation just from the notification interface. As stated above, this behavior works regardless of whether the Reply With Message setting is enabled or disabled. It also ‘works’ with third-party apps that implement expanded conversation views.
Although it doesn’t give access to the whole phone (for instance the Camera Roll remains locked as it should be), it does open a small hole in iOS security for the time being where someone unscrupulous could steal the phone and impersonate its owner with text message replies.
That being said, this is a beta. It is almost certain that Apple will have fixed this bug by the time iOS 10 ships to the masses, as it appears to be an oversight in the security preferences given the new functionality and capabilities of lock screen notifications when they are expanded. Equally, this same seed is available to a lot of users through both the developer and public beta programs, so it’s worth being aware of, and it serves as a reason why users should always approach public betas with caution.
uh so i think anyone can send a quick reply from the lock screen of a locked iphone even when “reply with message” is disabled in settings
— Mike Beasley (@MikeBeas) July 12, 2016
We’ll keep a watch on iOS 10 as new betas are released to see when/if this issue is addressed.