Google's AI assistant Gemini on Android 16 lets a multi finger gesture bypass the lock screen PIN and re enable disconnected apps like WhatsApp, until a fix lands.
A person with your Android 16 phone in their hand can send a text as you, without knowing your PIN. The trick, reported by The Register, targets Google's Gemini assistant: tap "Continue" on its PIN prompt at the same moment as Gemini's "Add attachment" button, and the assistant authenticates the user without the lock-screen password.
The bug compounds after the first SMS. With Gemini past the PIN, an attacker can type a handle like @WhatsApp into the Gemini window and re-enable the assistant's access to apps the owner had previously disconnected, with no further PIN challenge. That turns a one-shot text into a persistent change to which apps Gemini can reach on the device.
The bypass needs physical access and Android 16 with Gemini lock-screen access enabled, per Bitdefender's write-up of the lineage. It is the latest in a series of similar Gemini-based lock-screen bypasses researchers have documented since September 2025, not a regression of a single prior fix.
Google told The Register a fix is coming "as soon as this week." Until it lands, the move is in Settings: turn off Gemini's lock-screen access, or revoke its access to Messages and WhatsApp, then install the patch when it arrives.