I mean to use the Public device/Static Random address returned by Cy_BLE_GAP_GetPeerDevSecurityKeyInfo() for the whitelist.
Most of the smart phones use RPA(Random Private Address) as their Bluetooth device address. So, adding the smartphone device address in the White list only, will not resolve this issue and you have to use the Resolving List as well. That means, you have to add the central device address in the Resolving list as well as in the White list of your peripheral device.
Please refer the PSoC Creator Code Example 'BLE_4.2_Datalength_Security_Privacy' ( PSoC Creator-> File-> Code Example).