If you are one of the more than a billion people who send messages and photos, make phone calls and swap videos using WhatsApp you would have received this message:
WhatsApp has added end-to-end encryption to every form of communication on its service. This means that nobody but the sender and receiver of the message or call will be able to access their contents – not even WhatsApp employees.
The move comes in the wake of Apple’s refusal to create a backdoor into the iPhone 5c belonging to one of the San Bernadino shooters. All Apple devices are end-to-end encrypted, which means, for instance, messages, calls and photos on iPhones cannot even be accessed by Apple.
What does this mean for you?
This will not affect how you use WhatsApp on a daily basis. What it does mean is that it will be much more difficult for other people to intercept your messages. I love the way WhatsApp explains this on their blog:
“The idea is simple: when you send a message, the only person who can read it is the person or group chat that you send that message to. No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us. End-to-end encryption helps make communication via WhatsApp private – sort of like a face-to-face conversation.”
In practice, this means WhatsApp is one of the most secure ways to communicate electronically.
“Building secure products actually makes for a safer world, (though) many people in law enforcement may not agree with that,” WhatsApp co-founder Brian Acton told Wired magazine.
When asked about reports that terrorists used WhatsApp to plan the attacks on Paris—reports that politicians have used to back calls for a backdoor—Koum doesn’t budge. “I think this is politicians, in some ways, using these terrible acts to advance their agendas,” he says. “If the White House thinks that Twitter can solve their ISIS problem, they’ve got (a lot of problems).”
End to end encryption is a way of transmitting a message so that it can only be read by the intended recipient, and not intercepted by accessing the servers or the networks via which the message is sent.
Rather than being sent as plain text, the message is scrambled as a long series of digits that needs a key only held by the sender and the recipient to understand it.
The keys are ephemeral, meaning they disappear after the message is unscrambled so that it can not be unlocked afterwards.
If you are interested in learning more about end to end encryption, look out for our next post.