WhatsApp begins end-to-end encryption for its services
Today, WhatsApp officially provides end-to-end encryption for its messaging service. According to their blog, every message, photo, video, file, and voice message sent between its one billion active users will now be protected from prying cyber-sleuths. This feature is on by default, and active at all times – even if you’re not in WhatsApp right now. It cannot be turned off.
End-to-end encryption makes the content protected, and viewable only by the sender and recipient of the message. The messages will be unreadable to any unintended recipient, including cyber-criminals and hackers who intercept the data. Messages sent are secured with a ‘lock’, and only the recipient and sender have the special ‘key’ needed to unlock and read them. For added protection, every message sent has its own unique lock and key. The same applies to WhatsApp calls and other media formats sent using the app.
WhatsApp does not keep a copy of messages sent on their server. Their servers instead manages messages centrally, coordinates key exchanges, and WhatsApp controls the encryption used by the phones. The WhatsApp blog entry also said that even the app makers themselves cannot decrypt the messages sent.
Each individual chat or group chat will have its own security code used for verification. This code can be found in the contact info/group info screen, both as a QR code and a 60-digit number. If the QR code and number code matches, your chat is currently secure.
Encryption for WhatsApp’s communications was always in the works, as early as November 2014. WhatsApp founder, Jan Koum, supported Apple’s stance on personal privacy when the FBI demanded for Apple to unlock a terrorist’s phone. Now, WhatsApp itself offers more security and privacy than before.
You can read about the technical aspects of WhatsApp’s end-to-end encryption from their white paper here. The encryption feature is now available to both iOS and Android OS users.