What does WhatsApp encryption mean for you?
Everything on WhatsApp is now encrypted, end-to-end, for all operating systems. That means engineers at the Facebook-owned chat app wouldn’t be able to read messages or watch video calls sent by its users even if ordered to do so by a court.
“WhatsApp’s end-to-end encryption ensures only you and the person you’re communicating with can read what is sent, and nobody in between, not even WhatsApp,” according to an explanation on the app’s website. Wired was the first to report on the feature.
WhatsApp has a billion users, making it the world’s most popular chat app by some distance. End-to-end encryption is not an entirely new feature on the app: It’s been pushed to hundreds of millions of users on the Android mobile operating system since November 2014. But that rollout didn’t cover all types of messages, like group chats, videos, or photos. It also didn’t cover other operating systems, like Apple’s iOS or Windows Phone, although Android is the world’s most popular mobile OS.
WhatsApp’s latest encryption announcement is therefore just the final piece of a feature that the company has been working at for two years, in a way that renders it nearly invisible to its own users, as one of the cryptographers working on the project, Moxy Marlinspike, told Wired in 2014. “Now every message, photo, video, file, and voice message you send, is end-to-end encrypted by default if you and the people you message use the latest version of our app. Even your group chats and voice calls are encrypted,” WhatsApp co-founder Jan Koum said in a Facebook post today (Apr. 5).
There are a handful of visible signs that encryption has kicked in. A text bubble now appears at the top of every new chat confirming that messages and calls are now end-to-end encrypted, if everyone participating in that conversation has the latest version of the app. Users also can manually verify that a chat is encrypted by scanning a unique QR code or comparing a 60-digit string of numbers that is generated for each chat.
It’s not entirely clear when the latest encryption features were introduced, and how much data was originally being encrypted on the various operating systems. The latest version of WhatsApp on iOS was available on April 1, while the latest Android version was available on March 29. We have asked Facebook for clarification.
How does WhatsApp end-to-end encryption work?
WhatsApp encrypting messages ‘end-to-end’ is a big deal because it means that the company itself has decided to run a system in which even it cannot intercept and read messages sent on its own platform.
When you send a message, it can only be ‘unlocked’ by the intended recipient, thanks to a very complex code that took WhatsApp several years to develop. It’s no mean feat to achieve, particularly given that 1 billion people use the service.
This differs to many messaging apps, which only encrypt messages between you and them. This means that your messages are stored on the services servers, usually not permanently, so hypothetically could be accessed and read.
Why has WhatsApp introduced end-to-end encryption?
Now that WhatsApp has end-to-end encryption, it means that they and no party – governments, police, hackers, other users – can intercept and read your messages.
WhatsApp has done this because as a company they believe in your right to have private conversations when you use their service. Also see: How to avoid WhatsApp scams
Why is end-to-end encryption important?
The reason the decision is getting a lot of attention is because of high profile cases in which communications service providers like Facebook are put upon by authorities to release sensitive personal data.
A high profile case is the FBI asking Apple to unlock an iPhone 5C that was used by one of the San Bernardino shooters, a move which Apple refused, underlining the integral values many large communications companies hold when it comes to personal data, security and encryption.
Does every app have end-to-end encryption?
The short answer is no – but also this is not something to be alarmed about.
WhatsApp’s decision is one of the first of its kind, and is particularly interesting because traditionally smartphone messaging services have played down the importance of security.
Facebook Messenger only encrypts messages between your device and their servers. This means, by law, Facebook could be obliged to divulge private messages. The same applies to Instagram, which Facebook owns, though interestingly, it also owns WhatsApp.