Skip to main content
  1. Home
  2. Mobile
  3. News

WhatsApp Web gets a browser extension to beef up security

Nadeem Sarwar
By

WhatsApp on the Web is a convenient way to access the messaging service on a desktop, without the hassle of installing an app. However, with the web, there’s always a risk of bad actors trying to trick users. With that in mind, WhatsApp is now offering a browser extension that verifies if users are on the authentic web version, or if they are on a tampered page that can steal data and install malware among other evil deeds.

How to use it

The process of using the browser extension-based security system is easy. Just go to the Chrome web store and search for Code Verify, hit the blue Add to Chrome button, and you’re good to go. As of now, Code Verify only works on Chrome, Edge, and Mozilla Firefox, but a version tailored for Safari is also in the development phase.

Recommended Videos

Once the browser extension has been installed and pinned to the toolbar, it will start doing its code verification job automatically every time users visit the WhatsApp Web page. And to inform users about the activity status, a color-code indicator system has been put in place. A green icon means everything is fine and there are no security risks.

Related
The color coding system put in place for Code Verify on WhatsApp Web.

If the Code Verify icon shows an orange circle with a question mark, it is a sign that the network request was timed out. An orange alert means the network connection might be stable or something is interfering with the verification process. To fix it, try reloading the page, changing the Wi-Fi network, or pausing other browser extensions.

A red indicator with an exclamation mark is a sign that the source code couldn’t be verified, and that’s a possible security risk. In such a scenario, disable the other extensions and reload the WhatsApp Web page to see if the warning sign goes away.

Meta assures that the Code Verify extension doesn’t interfere with the privacy aspect. It won’t log any activity data, collect metadata, or access any of the user information on its own. More importantly, the extension doesn’t let anyone take a peek at the messages as they are end-to-end encrypted, just the way they are on the mobile app.

How it works

The functional template for WhatsApp Web

Created in collaboration with Cloudflare, Code Verify relies on a security feature called subresource integrity that will check resources on the entire webpage. At the heart of the browser is a hash matching system, which also forms the backbone of Apple’s iCloud photo scanning system for CSAM detection.

“Whenever the code for WhatsApp Web is updated, the cryptographic hash source of truth and extension will update automatically as well,” Meta says in its announcement. The idea is to automate the process of hash matching, and then deploy it on a scale for hundreds of millions of WhatsApp users. Additional in-depth technical details about the Code Verify extension can be found here.

Editors' Recommendations

Topics
Nadeem Sarwar
Nadeem Sarwar
Contributor
Nadeem is a tech journalist who started reading about cool smartphone tech out of curiosity and soon started writing…
Emoji reactions hit WhatsApp as Meta fights the competition
Person texting on a smartphone using WhatsApp.

WhatsApp is gaining a slew of new features some would consider overdue for a messaging app of its size. The company is adding support for message reactions, larger file shares, and bigger groups in an update that's slowly rolling out across iOS and Android. Many of these features are present in other apps, notably Telegram, so WhatsApp is under pressure to keep up.

Message reactions are the most noticeable feature for users on a day-to-day basis. They're already present on Facebook Messenger, iMessage, Google Messages, Instagram, and Snapchat, so WhatsApp is a pretty late addition. At the moment only a limited number of reactions are present, but the WhatsApp team notes that a broader range of expressions is coming.

Read more
WhatsApp Communities want to be your private social media
Whatsapp Communities on Samsung smart phones.

WhatsApp is adding a Communities feature to the eponymous instant messaging platform, adding a social media aspect to it that will have all group conversations protected by end-to-end encryption. Unlike the new community feature on Twitter that brings together like-minded users, the core idea of Communities on WhatsApp is that it allows multiple groups to be aggregated into one super-group.

But unlike social media platforms such as Facebook or Twitter, a WhatsApp Community won’t be openly discoverable. The phone numbers of users also won’t be publicly visible to all Community members. Only the admin and other members of a group can see them.

Read more
WhatsApp gets much-needed improvements for voice messages
WhatsApp messaging app icon.

WhatsApp is finally giving a much-needed overhaul to the voice messages system on its messaging platform, with a grab bag of new features that will start rolling out in the coming weeks. Let’s start with the trick that users have been demanding for years — fast playback for audio clips. WhatsApp will soon let users speed things up with controls for 1.5x and 2x voice message playback for both originally recorded and forwarded clips.

Another neat addition is background playback. WhatsApp users can leave a chat window and navigate other sections of the app or even jump into another chat while the voice message plays in the background. And if there are multiple audio clips lined up in succession, all of them will play in a queue while still in the background.

Read more