WhatsApp users can now encrypt chat backups saved in the cloud: How it works

WhatsApp users can now encrypt chat backups saved in the cloud: How it works
Photo Credit: Reuters
15 Oct, 2021

Messaging giant WhatsApp’s long awaited feature, which allows users to encrypt chat backups, is going live today. “End-to-end encrypted (E2EE) backups for WhatsApp starting to roll out today. Proud of the team for continuing to lead on security for your private conversations,” Mark Zuckerberg, chief executive of Facebook announced today. The messaging giant is owned by Facebook.

What is E2EE?

E2EE is a technology that allows only the sender and receiver of a text to read its contents. It protects against so called ‘man-in-the-middle’ attacks, where a hacker places themselves between the sender and receiver. It also stops companies operating messaging apps, like WhatsApp itself, from reading the contents of texts when they’re passing through their servers.

Why are encrypted chats important?

WhatsApp allows users to save backups of their chats on Google Drive and Apple’s iCloud. With the new features, users will be able to encrypt these backups by creating a password that will be required to access these backups. The feature comes close on the heels of instances when chat backups of Bollywood celebrities had been leaked to others. Last year, chat backups of Bollywood actress Deepika Padukone, and deceased actor Sushant Singh Rajput had been leaked to the public.

“This is a really big privacy advancement, particularly at our scale of more than 2 billion users who send more than 100 billion messages a day. We believe that this will give our users a meaningful advancement in the safety of their personal messages,” the company said in a blog post.

Without encrypted backups, law enforcement agencies can access users’ chats by circumventing WhatsApp and instead compelling Google and Apple to share the backup files when required. Encrypted backups would mean that while Google and Apple can share these files, the user’s consent will still be required to access them.

The messaging giant had added encryption to its platform five years ago and has run into trouble with governments over the feature. At the moment, WhatsApp is fighting a case against the Indian government, opposing a rule in its new Intermediary Guidelines that requires platforms like WhatsApp to trace the first originator of texts on their platforms. The platforms argue that doing so will need them to surveil all their users, which cannot be done as long asn E2EE is in play.

How do encrypted chat backups work

According to WhatsApp, the new feature will allow users to create either a password or a 64-bit encryption key that only they will know. Neither WhatsApp nor the backup service provider — Google or Apple — will know this key. The downside is that users will also lose access to these chats if they lose the password or passcode.

“No other global messaging service at this scale provides this level of security for their users’ messages, media, voice messages, video calls, and chat backups,” the company claimed. WhatsApp’s competitors Telegram and Signal do provide encrypted chats, but do not have mechanisms to encrypt backups.