WhatsApp User Chats Now Use Default End-to-End Encryption

The company has been working to incorporate full end-to-end automatic encryption for two years to protect the privacy of its users.

WhatsApp, messaging, SMS, encryption, FBI, terrorism, WhatsApp Messenger, end-to-end encryption, privacy, security

After two years of work, WhatsApp has announced that its popular mobile chat app now uses default end-to-end data encryption to protect the privacy of its users from hackers and other interlopers.

"From now on when you and your contacts use the latest version of the app, every call you make, and every message, photo, video, file, and voice message you send, is end-to-end encrypted by default, including group chats," the company said in an April 5 post on the WhatsApp Blog.

"The idea is simple: when you send a message, the only person who can read it is the person or group chat that you send that message to," the post continued. "No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us. End-to-end encryption helps make communication via WhatsApp private—sort of like a face-to-face conversation."

The latest version of WhatsApp makes the encryption a default choice all the time, but users could change the setting if desired.

"We live in a world where more of our data is digitized than ever before," with frequent incidents being reported about sensitive records being improperly accessed or stolen, the post states. "And if nothing is done, more of people's digital information and communication will be vulnerable to attack in the years to come. Fortunately, end-to-end encryption protects us from these vulnerabilities."

The move to encryption has been in the works for two years and is not a reaction to the recent legal wrangling between Apple and the FBI over the government's request to unlock an iPhone, the post explained.

"Encryption is one of the most important tools governments, companies, and individuals have to promote safety and security in the new digital age," the post states. "While we recognize the important work of law enforcement in keeping people safe, efforts to weaken encryption risk exposing people's information to abuse from cybercriminals, hackers, and rogue states."

Greg Nojeim, senior counsel for the Center for Democracy & Privacy, said WhatsApp's move "will make their users safer against bad guys," such as hackers.

"The major development is that communications sent over WhatsApp will be encrypted end-to-end for all users across all platforms including in group chat," Nojeim told eWEEK. "That's significant but it's a logical progression for WhatsApp and encryption generally."

Nojeim said it is important to note that the company's encryption path began long before the recent Apple-FBI controversy, in which the government sought to compel Apple to unlock the iPhone that belonged to one of the terrorists who killed 14 people and injured 22 others in a December 2015 attack in San Bernardino, Calif. The government wanted Apple's help in accessing and reading the encrypted data on the iPhone, but Apple refused, citing privacy laws. The iPhone unlocking request became moot when the FBI announced in late March that it had accessed the information on the iPhone without Apple's help. The FBI, which received third-party assistance in accessing the information it sought, has since filed papers to drop its fight against Apple in that case.

"I think it would be inappropriate to call [WhatsApp's encryption announcement] a reaction to a particular thing or development because they've been working on it for two years," said Nojeim. "It's just a reaction about the need for their users to have more security."

WhatsApp Messenger is a cross-platform mobile messaging app that allows users to send and receive messages without paying Short Message Service (SMS) charges.

The encryption method WhatsApp uses was developed in partnership with Open Whisper Systems, according to an April 5 announcement. Open Whisper's system uses its Signal Protocol to provide end-to-end encryption by default for users. The encryption has been progressively rolling out over the last year for all WhatsApp communications across all WhatsApp clients on Android, iPhone, Windows Phone, Nokia S40, Nokia S60, BlackBerry and BB10 platforms.