Android 16 Lock Screen Flaw Lets Gemini Send Messages Without PIN
A critical vulnerability in Android 16 allows Gemini to bypass lock screen PINs and send SMS and WhatsApp messages, with a fix rolling out this week.

A significant security flaw has been discovered in Android 16, enabling the Gemini AI assistant to send SMS and WhatsApp messages from the lock screen without requiring a user's PIN. Reports of this vulnerability began surfacing in May, with users demonstrating how to exploit the loophole on devices with Gemini access enabled.
The exploit requires physical access to the device and involves a specific multi-touch gesture to bypass the authentication prompt. When a user attempts to send a message via Gemini from the lock screen after revoking its direct access to messaging apps, the system prompts for a PIN. However, by simultaneously pressing the "Continue" button and Gemini's "Add attachment" button, an unauthenticated user can proceed to send the message.
This bypass extends to other applications as well. Users can invoke Gemini's ability to access apps like WhatsApp by typing "@WhatsApp" in the Gemini text window. While accessing the device's settings to confirm these connections requires a correct PIN, the initial authentication step for enabling these app integrations via Gemini on the lock screen is circumvented.
While the technical nature of the exploit might seem complex, the potential real-world impact is concerning. Given the prevalence of phone theft and the possibility of sending convincing messages for fraudulent purposes, such as fake kidnapping scams, the vulnerability warrants attention despite the requirement for physical access.
Google has acknowledged the bug, stating that a fix has already been implemented and was scheduled for full deployment this week. The company confirmed that the vulnerability is not exclusive to its Pixel devices, although it did not specify which other manufacturers or models are affected.
This incident highlights the ongoing challenges in securing AI integrations within mobile operating systems. As AI assistants become more deeply embedded in device functionality, ensuring robust authentication and access controls, especially on the lock screen, remains a critical security priority.
The vulnerability underscores the need for continuous security testing and rapid patching of AI-powered features. Users are advised to ensure their Android devices are updated promptly once the patch becomes available to mitigate this risk.