{"id":2023,"date":"2021-09-22T06:14:36","date_gmt":"2021-09-22T13:14:36","guid":{"rendered":"https:\/\/www.ssls.com\/blog\/?p=2023"},"modified":"2023-09-27T13:19:31","modified_gmt":"2023-09-27T20:19:31","slug":"whatsapp-finally-launching-end-to-end-encryption-for-backups","status":"publish","type":"post","link":"https:\/\/www.ssls.com\/blog\/whatsapp-finally-launching-end-to-end-encryption-for-backups\/","title":{"rendered":"WhatsApp finally launching end-to-end encryption for backups"},"content":{"rendered":"\n
\"\"<\/figure>\n\n\n\n

WhatsApp has announced <\/a>that it will begin offering end-to-end encryption<\/a> on chats backed up to Google Drive and iCloud on Android and iOS phones. This comes after the messaging service was discovered to be testing encrypted backups<\/a> in WhatsApp beta for Android in early summer. Although WhatsApp has offered end-to-end protection<\/a> by default on messages since 2016 (although some might beg to differ<\/a>), backed-up messages have not been encrypted.\u00a0
<\/p>\n\n\n\n\n\n\n\n

Up until this point, unencrypted chat backups have been a weak link in WhatsApp\u2019s security<\/a> arsenal, with law enforcement agencies worldwide often accessing the backed-up chats of suspect individuals for evidence. This should come as a welcome change for the billions of users who want to have safe access to WhatsApp chats of time gone by without worrying that everyone else does too. <\/p>\n\n\n\n

How it will work<\/h2>\n\n\n\n

To keep backups encrypted, WhatsApp developers have created a brand new system<\/a> for encryption key storage. Working with both iOS and Android, a unique, randomly generated, 64-bit encryption key will encrypt backups. People will have two options for keeping this key secure: password protection or securing it manually. 
<\/p>\n\n\n\n

If someone chooses to secure the key with a password, it will be stored in a form of hardware security<\/a> module (HSM) \u2014 a type of hardware used for storing encryption keys securely \u2014 called a Backup Key Vault. When the user enters their password correctly, the key will be retrieved to decrypt their backup. Users will have only a limited number of chances to enter their password, and the key will be rendered inaccessible after too many unsuccessful attempts. WhatsApp will not have access to the encryption key.
<\/p>\n\n\n\n

The other option is to store the 64-bit encryption key yourself and enter it manually each time you want to access your backup. The downside of this is if you lose your encryption key, you won\u2019t be able to access your backup. If you forget your password, however, you do have the option of resetting it. <\/p>\n\n\n\n

Wrap Up<\/h2>\n\n\n\n

While this is great news for WhatsApp users who want to back up their chat history safely, it\u2019s worth noting that encryption \u2014 while incredibly important \u2014 does not necessarily guarantee complete privacy. The company still has access to messages<\/a> that have been flagged by users or automatically forwarded. Some experts believe<\/a> this is a function that cyber criminals could potentially abuse. WhatsApp also has unencrypted access to a great deal of user metadata \u2014 including phone numbers, IP addresses, hardware models, OS information, and browser information \u2014 that can reveal a lot about a user\u2019s activity.
<\/p>\n\n\n\n

While encryption is an essential facet of online privacy and security, there are other elements to consider too. Before committing to WhatsApp or any other messaging app, it\u2019s crucial to research its terms and conditions and privacy policy and ensure that they align with your needs and beliefs.
<\/p>\n","protected":false},"excerpt":{"rendered":"

WhatsApp has announced that it will begin offering end-to-end encryption on chats backed up to Google Drive and iCloud on Android and iOS phones. This comes after the messaging service was discovered to be testing encrypted backups in WhatsApp beta for Android in early summer. Although WhatsApp has offered end-to-end protection by default on messages […]<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2023","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/2023","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/comments?post=2023"}],"version-history":[{"count":4,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/2023\/revisions"}],"predecessor-version":[{"id":2669,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/2023\/revisions\/2669"}],"wp:attachment":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/media?parent=2023"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/categories?post=2023"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/tags?post=2023"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}