WhatsApp has announced a major privacy update, where it will now add end-to-end encryption to chat backups as well. All messages and calls on the platform are already end-to-end encrypted — meaning no third party, including WhatsApp, can access them. But users rely on backups to preserve their chats and restore them, especially when they switch devices. So far, chat backups were unencrypted, and thus vulnerable to being accessed by others.
WhatsApp says it will be adding support for this feature in the coming weeks as an additional layer of security for those who want it. “If someone chooses to backup their chat history with end-to-end encryption, it will be accessible only to them, and no one will be able to unlock their backup, not even WhatsApp,” explains the company.
But the backup service provider, be it Apple or Google, will be to access the end-to-end encryption key or their end-to-end encrypted backup. For iOS users, the only option for chat backup is iCloud, while on Android users typically rely on Google Drive.
According to Facebook, this is a “really big privacy advancement” considering their scale of 2 billion users, who send over 100 billion messages daily. WhatsApp says it believes “that this will give our users a meaningful advancement in the safety of their personal messages.”
The end-to-end encryption will be released as an optional feature to both iOS and Android users in the coming weeks. So it will not be turned on by default. WhatsApp users will have to create a password or rely on using a 64-digit encryption key to access their chats which are encrypted. Further, as the image above shows, if the user forgets the password, WhatsApp cannot help them recover the account.
WhatsApp has also released a whitepaper explaining how this feature will work. The backup is encrypted with a user-provided password, which remains unknown to WhatsApp, the user’s mobile device cloud partners, or any third party.
In addition, an encryption key is stored in the Hardware Security Module (HSM) Backup Key Vault, which will allow the user to recover the key in the event the device is lost or stolen and thus regain access to their account and chats. HSM in most phones is “responsible for enforcing password verification attempts and rendering the key permanently inaccessible after a certain number of unsuccessful attempts to access it.”
Facebook says “these security measures provide protection against brute force attempts to retrieve the key.” If users choose the 64-digit encryption key instead of a password, they will have to make sure that they remember this encryption key themselves or store it manually somewhere. In this case, the key is not sent to the HSM Backup Key Vault.