WhatsApp has enhanced the security of its messaging service by introducing a new layer of encryption. End-to-end encryption for chat backups in Google Drive and iCloud will soon be available as well, according to the Facebook-owned firm, which announced the move on Wednesday.
Previously, only WhatsApp chats were end-to-end encrypted, which meant that no one other than the sender and the receiver could read the messages sent between them. Not even WhatsApp or Facebook was available. WhatsApp claims to be the first and only large-scale messaging software to provide end-to-end encryption for conversation backups as well as messages themselves.
When Facebook CEO Mark Zuckerberg announced the new development, he stated, “We’re introducing another layer of privacy and security to WhatsApp: an end-to-end encryption option for backups users want to keep in Google Drive or iCloud. You may also be interested to know What is Surface Web and Deep Web?
“WhatsApp is the first global messaging service of this scale to offer end-to-end encrypted messaging and backups, and getting there was a really difficult technical challenge that necessitated the creation of an entirely new framework for key storage and cloud storage across operating systems.” WhatsApp is a service that connects people all over the world.
When end-to-end encrypted backups become available, WhatsApp and backup service providers such as Google or Apple will not be able to view a user’s backup or the encryption key used to create the backup, according to the company’s blog post.
In a statement, the messaging app stated that it has created a completely new method for storing encryption keys that is compatible with both iOS and Android devices. A unique encryption key will be used to encrypt and decrypt the backups.
People have the option of either manually securing the key or using a user password to do so. “When someone chooses to use a password, the key is kept in a Backup Key Vault, which is constructed using a component known as a hardware security module (HSM), which is specialized, secure hardware that can be used to safely store encryption keys”.
According to WhatsApp, when an account owner requires access to their backup, they may either access it using their encryption key or use their personal password to get their encryption key from the HSM-based Backup Key Vault and decode their backup.