Considering WhatsApp is used by over two billion people around the world, keeping the messaging platform secure is critical. WhatsApp, the Facebook-owned instant messaging application, has often said that all communications on the platform are safe and confidential and that no third party, including WhatsApp, may access them. However, certain recent events involving the breach of WhatsApp chats paint a different picture.
WhatsApp-Facebook Data Sharing Controversy
As a result of WhatsApp’s public relations disaster, tens of millions of people have switched to other networks. Following an outcry over data sharing with Facebook, millions more are intending to do the same. Users have expressed concern, asking, “How can anyone be sure that the encryption WhatsApp promises to employ is the one deployed in their apps?”
WhatsApp claims that all communications on its platform are protected by end-to-end encryption. Not only are these encryption keys impossibly difficult to decrypt, but they also block third-party entities, like WhatsApp, from intercepting messages or calls. Only the user and the person or group with whom they’re communicating can read or see the messages, photographs, or files they exchange or listen to the calls they make.
Although WhatsApp still uses end-to-end encryption, it collects more information about us. WhatsApp’s encryption doesn’t prevent users from this kind of data collecting, but all of that information is now accessible by Facebook, WhatsApp’s parent firm. That means critical data might still be stolen if the servers where Facebook maintains personal information are hacked. Furthermore, the recent announcement of a 500-million-user data leak doesn’t somehow instil confidence in Facebook’s data security safeguards.
Users began to be suspicious of WhatsApp’s relationship with Facebook in 2016, when it was revealed that WhatsApp was automatically sharing user phone numbers and data analysis with Facebook, violating the company’s earlier position on user data protection. We could still secure our information, but only if we opted out manually. WhatsApp took this a step further in January 2021, when it published revisions to its privacy policy that made data sharing with Facebook obligatory for its users. The deadline for users to consent to the policy change was initially set for February 8, but it had subsequently been postponed until May 15.
This news was accompanied by the unveiling of Apple’s new “privacy label” feature. The feature was officially launched at the end of 2020, and it requires App Store apps to disclose what data they acquire on customers. Users can now see that, even though WhatsApp uses end-to-end encryption by default for all messaging, it
nevertheless gathers metadata such as GPS data, contacts, identifying information (such as user ID), and transactions. It also shares all of this information with Facebook.
WhatsApp is now trying to strike back against self-inflicted damage caused by a forced term of service modification that came soon after Apple’s privacy labelling revealed the company’s vast data collecting. For the corporation, it was a chaotic PR disaster. While it has reneged on its ‘take it or leave it’ ultimatum, there has been no repentance on the scope of the data collecting. One can’t resist but presume WhatsApp will have to do more, given how eagerly its competitors embrace enough escaping WhatsApp users to strain their servers.
WhatsApp Competitors – Signal & Telegram
Signal and Telegram, two WhatsApp competitors, have gained the most out of the company’s misstep. However, they are vastly different, and the WhatsApp vs. Telegram vs. Signal argument has revealed just how oblivious most users are of these crucial distinctions. Sadly, almost all of the articles covering WhatsApp’s flaws and alternatives don’t address any of the ambiguity. This puts the user in jeopardy.
The most intriguing part of the WhatsApp migration is the rise of new users to Telegram. Just to be clear: while Signal is a more secure version of WhatsApp, Telegram is nothing like it. It’s a vastly separate platform, with a different goal in mind. Telegram is still not end-to-end encrypted by default, and secret chats only operate between two devices—they don’t encompass groups, and they have to be deliberately selected.
Law enforcement and large corporations have intensified pressure on organizations to hand up user information or construct security holes that they can use to retrieve user data, such as messages, in the future, according to WhatsApp CEO Will Cathcart. WhatsApp users, on the other hand, tend to be concerned about the metadata collected, irrespective of end-to-end encrypted conversations. People may be less eager to accept the app now that information collecting is required to utilise it.
Password Protected Encrypted iCloud Backups
According to reports, WhatsApp is working on password-protected encrypted iCloud backups. iCloud customers will be able to create encrypted backups of their WhatsApp data that will require credentials to access once the service is available. It would presumably be more secure since users would be able to encrypt their data before transferring it to the cloud. Although the upgrade is still in beta, WhatsApp may be able to recoup some of its user community if it can rollout this update quickly enough.
How Secure is the WhatsApp End-to-End Encryption?
The “Verify Security Code” screen in the contact info screen of WhatsApp is a feature that allows you to verify the end-to-end encryption of your conversations with a specific contact. When you engage in an end-to-end encrypted chat with someone, each chat session has its own unique security code. This code ensures that the messages and calls you exchange are protected and can only be read by you and the recipient.
To access the “Verify Security Code” screen, follow these steps:
- Open the chat with the desired contact.
- Tap on the contact’s name at the top of the screen to open the contact info screen.
- Look for the option called “Encryption” and tap on it.
On the “Verify Security Code” screen, you will see a QR code and a 60-digit number. These codes represent the security keys shared between you and your contact for that particular chat session. You can compare these codes with your contact to ensure that your messages and calls are truly end-to-end encrypted.
If you and your contact are physically together, one of you can scan the other’s QR code using the WhatsApp camera. If the codes match, a green checkmark will appear, indicating that your communication is secure. If you’re not in the same location, you can share the 60-digit number with your contact through another platform like SMS or email. They can then visually compare the codes to ensure they match.
It’s important to note that if you or your contact use WhatsApp on multiple devices, you need to verify the security code on each device. Additionally, if the codes don’t match, it could indicate that you’re communicating with a different contact or a different phone number. In such cases, it’s recommended to refresh the code by sending a new message and then scanning it again.
WhatsApp offers end-to-end encryption as a means to prioritize user privacy and security. The encryption ensures that only you and the intended recipient can access the content of your messages and calls. WhatsApp itself cannot decrypt or access the encrypted data since the encryption and decryption processes occur solely on your devices. This level of security prevents unauthorized access to your conversations and helps protect your sensitive information.
By implementing end-to-end encryption, WhatsApp aims to safeguard user privacy and prevent incidents where private data is unlawfully obtained or misused. It provides users with control over their own communication and assures that their conversations remain confidential. While WhatsApp respects the role of law enforcement in maintaining public safety, it only responds to valid requests from authorities following applicable laws and policies.