WhatsApp says it is rolling out end-to-end encrypted backups for Android and iOS users
WhatsApp has announced that is rolling out end-to-end encrypted backups for users on iOS and Android. The feature was revealed about a month ago, and had been spotted in the beta version of the popular instant messaging app. The Facebook-owned platform says that it is releasing the feature for the stable channel.
The popular IM app uses end-to-end encryption for chats, to secure the messages that you send and receive. If you have been using the app, you are probably using the Chat backup option already. For those of you who don't know, WhatsApp allows you to store a backup of your conversations, including images, videos, etc., on the cloud. On Android you may use Google Drive, and iCloud on iOS as the backup solution.
While that is a useful feature, the cloud backup is not encrypted by the app before it is sent to the server. That means anyone who has access to the contents stored in the cloud, (including your cloud storage provider) will be able to access the content. That's not good for your privacy, and precisely what the latest feature is meant to address.
WhatsApp end-to-end encrypted backups
WhatsApp end-to-end encrypted backups are not enabled by default. Check the official help portal to learn how to enable end-to-end encrypted backups in WhatsApp. I'll save you the trouble. It tells you to navigate to the WhatsApp Settings menu > Chats > Chat Backup, and enable an option called "End-to-end Encrypted Backup".
According to the announcement, you will need to create a password or a 64-bit digital key for enabling the feature. WhatsApp stores the encryption key locally on your phone, and uses it to secure your data before uploading it to the cloud storage service. You cannot recover the password if you lose it, in which case your data will be lost too. Once you enable the option, WhatsApp will start prepping the encrypted copy of your data, and upload it to your Google Drive or iCloud account.
When you try to access the backup, WhatsApp will prompt you to enter the password and use it to decrypt the data.
If you are interested in the technical details, you may want to read this paper. When you set up the encryption password, the key that is created is placed in a "Backup Key Vault", that relies on a component called a hardware security module (HSM). If a user enters the wrong password several times, the HSM will permanently prevent access to the encryption key. This prevents your data from being hacked using brute-force methods.
I don't have the E2EE setting on my phone even though it is the latest version of the app, WhatsApp 126.96.36.199. I remember when WhatsApp Pay was rolled out in my Country, most people I know had it in the app, and only a couple of my friends and I didn't have it, though all of us were on the same build. So, if that is anything to go by, the WhatsApp end-to-end encryption option is probably a server-side update that is being rolled out in phases.
Do you have the end-to-end encrypted backup option in WhatsApp Messenger?Advertisement