For Quick Alerts
ALLOW NOTIFICATIONS  
For Daily Alerts

WhatsApp To Launch End-to-End Encryption Security Feature For Backups: Check How It Will Work

|

WhatsApp, a reliable messaging app has announced a most secure feature for its users dubbed end-to-end encryption for chat backups. By keeping the additional layer of security and protection of users in mind Mark Zuckerberg CEO and founder of Facebook has announced on his Facebook page that "We're adding another layer of privacy and security to WhatsApp: an end-to-end encryption option for the backups people choose to store in Google Drive or iCloud. WhatsApp is the first global messaging service at this scale to offer end-to-end encrypted messaging and backups, and getting there was a really hard technical challenge that required an entirely new framework for key storage and cloud storage across operating systems."

 
WhatsApp To Launch End-to-End Encryption Security Feature For Backups

"Developing end-to-end encrypted backups was an incredible technical challenge: an entirely new framework for key and cloud storage. With encrypted backups they're only accessible to you, so that neither WhatsApp nor the backup service provider can access or decrypt the messages," said WhatsApp via its Twitter handle.

WhatsApp is the only worldwide messaging service that provides both end-to-end encryption and iCloud or Google Drive backups. With this latest update, you can now ensure that the memorable chats of your loved ones are securely kept in a location that only you can access and manage.

With the new end-to-end encryption for chat backups function, if a user decides to back up his or her conversation history with end-to-end encryption, it will only be readable to him, and no one including WhatsApp too. This feature will be an optional feature and will be rolled out in the coming days said, Mark Zuckerberg.

"Prior to the introduction of end-to-end encrypted backups, backups stored on Apple iCloud and Google Drive were not protected by WhatsApp's end-to-end encryption. Now we are offering the ability to secure your backups with end-to-end encryption before they are uploaded to these cloud services," WhatsApp explained in its security whitepaper.

The white paper further has mentioned that "With end-to-end encrypted backups enabled, before storing backups in the cloud, the client encrypts the chat messages and all the messaging data (i.e. text, photos, videos, etc) that is being backed up using a random key that's generated on the user's device. The key to encrypt the backup is secured with a user-provided password. The password is unknown to WhatsApp, the user's mobile device cloud partners, or any third party."

 

"WhatsApp's backup management relies on mobile device cloud partners, such as Apple and Google, to store backups of the WhatsApp data (chat messages, photos, etc.) in Apple iCloud or Google Drive. Prior to the introduction of end-to-end encrypted backups, backups stored on Apple iCloud and Google Drive were not protected by WhatsApp's end-to-end encryption. Now we are offering the ability to secure your backups with end-to-end encryption before they are uploaded to these cloud services," WhatsApp said in its security whitepaper.

"With the introduction of end-to-end encrypted backups, WhatsApp has created an HSM (Hardware Security Module) based Backup Key Vault to securely store per-user encryption keys for user backups in tamper-resistant storage, thus ensuring stronger security of users' message history. With end-to-end encrypted backups enabled, before storing backups in the cloud, the client encrypts the chat messages and all the messaging data (i.e. text, photos, videos, etc) that is being backed up using a random key that's generated on the user's device." WhatsApp further added.

The whitepaper has also mentioned that "The key to encrypt the backup is secured with a user-provided password. The password is unknown to WhatsApp, the user's mobile device cloud partners, or any third party. The key is stored in the HSM Backup Key Vault to allow the user to recover the key in the event the device is lost or stolen. The HSM Backup Key Vault is responsible for enforcing password verification attempts and rendering the key permanently inaccessible after a certain number of unsuccessful attempts to access it. These security measures provide protection against brute force attempts to retrieve the key."

"Additionally, the users have a choice to use a 64-digit encryption key instead of a password, which would require them to remember the encryption key themselves or store it manually as in this case the key is not sent to the HSM Backup Key Vault," said WhatsApp in its security whitepaper.

"Currently, end-to-end encrypted backups are only supported on a user's primary device. In addition, we recommend that users who opt into end-to-end encrypted backups also deselect WhatsApp from the apps that are included in their device-level backups. We will inform users of the need to do this when they set up their end-to-end encrypted backup in WhatsApp" the security whitepaper further mentioned.

Read more about: whatsapp
Story first published: Saturday, September 11, 2021, 12:07 [IST]
Company Search
Get Instant News Updates
Enable
x
Notification Settings X
Time Settings
Done
Clear Notification X
Do you want to clear all the notifications from your inbox?
Settings X