WhatsApp says it is rolling out end-to-end encrypted backups for Android and iOS users

Ashwin
Oct 15, 2021
Updated • Oct 18, 2021
Mobile Computing
|
6

WhatsApp has announced that is rolling out end-to-end encrypted backups for users on iOS and Android. The feature was revealed about a month ago, and had been spotted in the beta version of the popular instant messaging app. The Facebook-owned platform says that it is releasing the feature for the stable channel.

WhatsApp End-to-End Encrypted Backups

The popular IM app uses end-to-end encryption for chats, to secure the messages that you send and receive. If you have been using the app, you are probably using the Chat backup option already. For those of you who don't know, WhatsApp allows you to store a backup of your conversations, including images, videos, etc., on the cloud. On Android you may use Google Drive, and iCloud on iOS as the backup solution.

While that is a useful feature, the cloud backup is not encrypted by the app before it is sent to the server. That means anyone who has access to the contents stored in the cloud, (including your cloud storage provider) will be able to access the content. That's not good for your privacy, and precisely what the latest feature is meant to address.

ADVERTISEMENT

WhatsApp end-to-end encrypted backups

WhatsApp end-to-end encrypted backups are not enabled by default. Check the official help portal to learn how to enable end-to-end encrypted backups in WhatsApp. I'll save you the trouble. It tells you to navigate to the WhatsApp Settings menu > Chats > Chat Backup, and enable an option called "End-to-end Encrypted Backup".

WhatsApp E2EE backup password

According to the announcement, you will need to create a password or a 64-bit digital key for enabling the feature. WhatsApp stores the encryption key locally on your phone, and uses it to secure your data before uploading it to the cloud storage service. You cannot recover the password if you lose it, in which case your data will be lost too. Once you enable the option, WhatsApp will start prepping the encrypted copy of your data, and upload it to your Google Drive or iCloud account.

WhatsApp E2EE backup encryption key

When you try to access the backup, WhatsApp will prompt you to enter the password and use it to decrypt the data.

If you are interested in the technical details, you may want to read this paper. When you set up the encryption password, the key that is created is placed in a "Backup Key Vault", that relies on a component called a hardware security module (HSM). If a user enters the wrong password several times, the HSM will permanently prevent access to the encryption key. This prevents your data from being hacked using brute-force methods.

I don't have the E2EE setting on my phone even though it is the latest version of the app, WhatsApp 2.21.20.21. I remember when WhatsApp Pay was rolled out in my Country, most people I know had it in the app, and only a couple of my friends and I didn't have it, though all of us were on the same build. So, if that is anything to go by, the WhatsApp end-to-end encryption option is probably a server-side update that is being rolled out in phases.

Do you have the end-to-end encrypted backup option in WhatsApp Messenger?

Summary
WhatsApp end-to-end encrypted backups is now available for Android and iOS users
Article Name
WhatsApp end-to-end encrypted backups is now available for Android and iOS users
Description
WhatsApp begins to roll out end-to-end encrypted backups to Android and iOS users. Here's how the new privacy feature works.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «

Comments

  1. ULBoom said on October 15, 2021 at 3:59 pm
    Reply

    WhatsApp, the encrypted messenger whose encryption Facebook can break any time they want. Could they make this any more complicated? Is anyone who cares about privacy still using WhatsApp? Do you trust Facebook to not be able to scrape the private key (like no one even knows how to generate one) or backup pwd?

    Facebook is global malware; they broke WhatsApp long ago and told everyone they did so this is pointless.

    1. Bindere Dundat said on October 15, 2021 at 4:06 pm
      Reply

      ………….therefore?

  2. RandomName said on October 15, 2021 at 5:39 pm
    Reply

    Use Signal

  3. Anonymous said on October 15, 2021 at 6:25 pm
    Reply

    For those who trusted Facebook about their communication application being E2EE, time to find out one of the reasons why it was a lie and it was in cleartext online chat storage. I remember Apple playing the same trick.

    It was stupid to trust Facebook the first time and it will be stupid again to trust them for announcing that. Assume everything the GAFAM say is a lie.

  4. JonSnow said on October 15, 2021 at 7:54 pm
    Reply

    Encrypted my a*s…try to break the Law and you will see FBI at your house at no time. lol

  5. Alex said on October 15, 2021 at 9:52 pm
    Reply

    End-to-end encryption does not mean that the algorithm or the implementation does not support a master key for decrypting everything.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.