After two years of work, WhatsApp has announced that its popular mobile chat app now uses default end-to-end data encryption to protect the privacy of its users from hackers and other interlopers.
“From now on when you and your contacts use the latest version of the app, every call you make, and every message, photo, video, file, and voice message you send, is end-to-end encrypted by default, including group chats,” the company said in an April 5 post on the WhatsApp Blog.
“The idea is simple: when you send a message, the only person who can read it is the person or group chat that you send that message to,” the post continued. “No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us. End-to-end encryption helps make communication via WhatsApp private—sort of like a face-to-face conversation.”
The latest version of WhatsApp makes the encryption a default choice all the time, but users could change the setting if desired.
“We live in a world where more of our data is digitized than ever before,” with frequent incidents being reported about sensitive records being improperly accessed or stolen, the post states. “And if nothing is done, more of people’s digital information and communication will be vulnerable to attack in the years to come. Fortunately, end-to-end encryption protects us from these vulnerabilities.”
The move to encryption has been in the works for two years and is not a reaction to the recent legal wrangling between Apple and the FBI over the government’s request to unlock an iPhone, the post explained.
“Encryption is one of the most important tools governments, companies, and individuals have to promote safety and security in the new digital age,” the post states. “While we recognize the important work of law enforcement in keeping people safe, efforts to weaken encryption risk exposing people’s information to abuse from cybercriminals, hackers, and rogue states.”
Greg Nojeim, senior counsel for the Center for Democracy & Privacy, said WhatsApp’s move “will make their users safer against bad guys,” such as hackers.
“The major development is that communications sent over WhatsApp will be encrypted end-to-end for all users across all platforms including in group chat,” Nojeim told eWEEK. “That’s significant but it’s a logical progression for WhatsApp and encryption generally.”
Nojeim said it is important to note that the company’s encryption path began long before the recent Apple-FBI controversy, in which the government sought to compel Apple to unlock the iPhone that belonged to one of the terrorists who killed 14 people and injured 22 others in a December 2015 attack in San Bernardino, Calif. The government wanted Apple’s help in accessing and reading the encrypted data on the iPhone, but Apple refused, citing privacy laws. The iPhone unlocking request became moot when the FBI announced in late March that it had accessed the information on the iPhone without Apple’s help. The FBI, which received third-party assistance in accessing the information it sought, has since filed papers to drop its fight against Apple in that case.
“I think it would be inappropriate to call [WhatsApp’s encryption announcement] a reaction to a particular thing or development because they’ve been working on it for two years,” said Nojeim. “It’s just a reaction about the need for their users to have more security.”
WhatsApp Messenger is a cross-platform mobile messaging app that allows users to send and receive messages without paying Short Message Service (SMS) charges.
The encryption method WhatsApp uses was developed in partnership with Open Whisper Systems, according to an April 5 announcement. Open Whisper’s system uses its Signal Protocol to provide end-to-end encryption by default for users. The encryption has been progressively rolling out over the last year for all WhatsApp communications across all WhatsApp clients on Android, iPhone, Windows Phone, Nokia S40, Nokia S60, BlackBerry and BB10 platforms.
WhatsApp User Chats Now Feature Default End-to-End Encryption
WhatsApp users will initially see plain text messages (pictured) on their device screens when using the app to notify them that their communications are being encrypted by default, according to Open Whisper. “Starting today, users will see a notice in their conversation screen as their individual and group chats become end to end encrypted. Additionally, the encryption status of any chat is visible under that chat’s preferences screen.”
By default, WhatsApp users have the option to verify the authenticity of their encrypted sessions by scanning a QR code or by reading a string aloud, the company added. “Over a billion monthly active users across the world are now using the Signal Protocol for end to end encryption. Over the next year, we will continue to work with additional messengers to amplify the impact and scope of private communication even further.”
In March, WhatsApp began adding document sharing capabilities for users, according to an earlier eWEEK story. To start, only PDF documents are sharable, but other document types will be sharable in the future.
WhatsApp recently turned 7 years old and announced that it had logged its 1 billionth user.
In February, the company announced that it will end support for the BlackBerry, Nokia S40, Nokia Symbian S60, Android 2.2 and 2.1, and Windows Phone 7.1 mobile operating systems by the end of 2016 as the user bases for the platforms have continued to shrink.
That move comes as consumers have flocked instead to the latest versions of Apple iOS and Google Android operating systems on the majority of mobile devices in the marketplace, according to a recent eWEEK story. When WhatsApp began in 2009, about 70 percent of smartphones sold at the time had operating systems offered by BlackBerry and Nokia, while mobile OSes offered by Google, Apple and Microsoft—which account for 99.5 percent of sales today—were on less than 25 percent of mobile devices sold back then.
Based in Santa Clara, Calif., WhatsApp launched in 2009 and was acquired by Facebook in 2014 for about $4 billion in cash and $12 billion in stock. WhatsApp Messenger is a cross-platform mobile messaging app that allows users to exchange messages without having to pay separately for SMS.