WhatsApp is set to soon roll out end-to-end encrypted cloud backups on Android and iOS. The new move will help users keep their chats end-to-end encrypted even when they are a part of WhatsApp backups stored on a cloud service such as Apple iCloud or Google Drive. WhatsApp has worked from scratch to enable anticipated end-to-end encrypted backup support for its users. Notably, the instant messaging app has been offering end-to-end encrypted messages on its platform since 2016, and the update is essentially an expansion of that level of security to chat backups.
Facebook CEO Mark Zuckerberg on Friday announced through a post on the platform that WhatsApp has completed building end-to-end encrypted backups and will soon begin rolling out the new layer of privacy and security protection to users.
The end-to-end encrypted backups will be available as an optional feature that users need to manually enable on the app. It will be rolled out to both Android and iOS devices in the coming weeks, the Facebook-owned company said.
Users will be able to enable end-to-end encryption for their chat backups on WhatsApp by creating a password that they will be required to restore their backup in the future. Alternatively, WhatsApp will also be able to use their 64-digit encryption key for authentication.
By enabling end-to-end encryption for backups, users will be able to protect their chat history from being accessed by any third parties. The company claims that neither WhatsApp nor the backup service provider including Apple and Google will have access to the end-to-end encrypted key and backups of users.
WhatsApp has been allowing users to keep their chat backups on Apple iCloud in case of iPhones and on Google Drive in case of Android phones. But in both cases, the backups stored in the cloud are not protected by an end-to-end encryption from the WhatsApp side. This means that the data could be read by a third party. It has brought some instances in which third parties including law-enforcement agencies might have gained user data access. This is where the new end-to-end encrypted backups could be helpful.
The level of security through the new feature will be identical to how WhatsApp messages are protected under end-to-end encryption. However, WhatsApp engineers need to work hard to implement the advancement — particularly considering the fact that there are more than two billion users on the app who send over 100 billion messages a day and most of them use cloud backups to protect their chat history.
With end-to-end encrypted backups, WhatsApp will encrypt the chat messages and all the existing messaging data including text, photos, and videos that is being backed up using a random key that will be generated on the device.
WhatsApp has built a Hardware Security Module (HSM) based Backup Key Vault that will come into effect when a user is opting for a personal password to protect their chat backups. This Vault service will save encryption keys for user backups on a per-user basis and work as a physical locker in your bank to store the keys that help keep backups secured with a user-provided password. It returns the key after validating your password each time when you need to restore your end-to-end encrypted backup. The service also ensures that the encryption key won't be provided after a certain number of unsuccessful attempts.
Comments
Post a Comment