Whatsapp finally brings end-to-end encryption to chat backups in cloud

By Arya M Nair, Intern Reporter
  • Follow author on
Chat Backup Encryption image
Representational image

WhatsApp, the Facebook-owned messaging app will soon allow its users to secure their chat threads with end-to-end encrypted cloud backups on both Android and iOS.

The new feature will help users to keep their chats encrypted even when they are a part of WhatsApp backups stored on a cloud service such as Apple iCloud or Google Drive. It is important to note that since 2016, the instant messaging app has been offering end-to-end encrypted chats on its platform, and the update is essentially an extension of that level of security to chat backups.

WhatsApp backup chats were never safe, as it is not a secret. Top cyber officials and other law enforcement agencies across the globe could easily gain access to WhatsApp chats of those they suspect by just tapping on the unencrypted chat backups on Google or Apple servers.

Mark Zuckerberg Image
Mark Zuckerberg
CEO – Facebook

“We’re adding another layer of privacy and security to WhatsApp: an end-to-end encryption option for the backups people choose to store in Google Drive or iCloud. WhatsApp is the first global messaging service at this scale to offer end-to-end encrypted messaging and backups, and getting there was a really hard technical challenge that required an entirely new framework for key storage and cloud storage across operating systems.” 

Users can enable end-to-end encryption for their WhatsApp chat backups by setting a password that will be required if they want to restore their backup in the future. In addition, WhatsApp will be able to use the user’s 64-digit encryption key for authentication. According to the company, neither WhatsApp nor backup service providers such as Apple and Google will have access to users’ end-to-end encrypted keys or backups.

WhatsApp will encrypt chat messages and any existing messaging data, including text, photos, and videos, that is being backed up using a random key created on the device with end-to-end encrypted backups.

It has devised a Hardware Security Module (HSM)-based Backup Key Vault that will take effect when a user selects to secure their chat backups with a personal password. The vault will act as a locker for keys that helps to keep the backup data protected using a user-provided password. It returns the key after validating the password each time when users need to restore their end-to-end encrypted backup.

Related: Whatsapp testing ‘My Contacts Except’ option in last seen, profile photo & about