At least in the current beta seed, the iOS 10 lock screen has a bit of a loophole due to the new expanded notification system that developers and public beta users should be aware of. In short: anyone can view and reply to iMessages or text messages from the lock screen without entering the device passcode or authenticating with Touch ID. This security issue persists even while the ‘Reply With Message’ setting is disabled and applies to other apps like Twitter as well.
This means that anyone can reply to messages if you are running the iOS 10 developer or public beta. Occasionally, the phone will correctly ask for passcode input, but in the majority of cases in our testing iOS 10 allowed us to reply freely without fingerprint or passcode. To try this out for yourself, follow the steps after the jump …
more…Filed under: Apple