Skip to main content
  1. Home
  2. Mobile

WhatsApp’s online backups are getting end-to-end encryption

By

Facebook is tightening WhatsApp’s security by extending end-to-end encryption (E2EE) to cloud backups via an update to the app on iOS and Android. This was already allowed this on local WhatsApp backups, but the company will extend these security tools to online backups made to iCloud and Google Drive.

“Starting today, we are making available an extra, optional layer of security to protect backups stored on Google Drive or iCloud with end-to-end encryption. No other global messaging service at this scale provides this level of security for their users’ messages, media, voice messages, video calls, and chat backup,” the WhatsApp team shared this week.

Recommended Videos

It’s an optional feature, and users will be able to enable it in WhatsApp’s settings when it’s available. While WhatsApp’s link to Facebook means that it carries the company’s stigma around privacy and security, the service had always been surprisingly secure. Person-to-person chats are secured by the same end-to-end encryption protocol as Signal, while the only loophole was with online chats. With this rollout, the company would be closing that and increasing its privacy profile.

WhatsApp multi-device support image laptop, display, tablet
Facebook Engineering Blog

“To enable E2EE backups, we developed an entirely new system for encryption key storage that works with both iOS and Android. With E2EE backups enabled, backups will be encrypted with a unique, randomly generated encryption key. People can choose to secure the key manually or with a user password,” the WhatsApp team explained in September. “When someone opts for a password, the key is stored in a Backup Key Vault that is built based on a component called a hardware security module (HSM) — specialized, secure hardware that can be used to securely store encryption keys. When the account owner needs access to their backup, they can access it with their encryption key, or they can use their personal password to retrieve their encryption key from the HSM-based backup key vault and decrypt their backup.”

Facebook’s other messaging services, Messenger and Instagram Direct, do not yet offer end-to-end encryption by default. Instead, the company offers a discrete private mode on Messenger for people who want their calls and chats secured. With Facebook planning to merge all three services eventually, it seems more likely than not that the company plans for end-to-end encryption to be the default at some point in the future.

Editors’ Recommendations

Topics
Michael Allison
Michael Allison
Mobile News Writer
A UK-based tech journalist for Digital Trends, helping keep track and make sense of the fast-paced world of tech with a…
Are AirTags waterproof? Here’s what to do if they get wet
Person holding an Apple AirTag.

Apple AirTag Apple

Disc-shaped Apple AirTags are small tracking devices with an impressive range that are designed to help you keep tabs on items like keys, wallets, and bags.

Read more
5G vs. LTE: What’s the difference and why you should care
OnePlus Nord N300 5G speed test.

By now, you’ve almost certainly heard of 5G, the latest chapter in the evolution of wireless technology. Chances are you already have a smartphone and plan that supports 5G; if you don’t, you probably will after your next upgrade.

Although 5G has now effectively reached the mainstream, you may still wonder what the big deal is and how it will improve your life over the 4G/LTE technologies that have been the standard for the past decade. Is it worth upgrading to a 5G phone? Do you need a 5G plan, and if so, what level of 5G service should you choose from among the different flavors?

Read more
Google’s Gemini AI app gets a wider release. Is your phone on the list?
Google Gemini app on Android.

More people can now use and enjoy the Google Gemini AI app on their smartphone, as the company has expanded the list of regions where the Android version of the app is available through the Google Play Store. Specifically, it has launched the Android app in the U.K. and Europe, opening the service up far beyond its start in the U.S., where it was released in February.

What’s more, Google says Gemini will soon be available to iPhone owners, as the AI chatbot will appear on iOS in the next few weeks. It won’t be a standalone app though, as Gemini will instead work through the official Google app that can be downloaded now through the Apple App Store.

Read more