That means engineers at the Facebook-owned chat app wouldn’t be able to read messages or watch video calls sent by its users even if ordered to do so by a court.
Everything on WhatsApp is now encrypted, end-to-end, for all operating systems. That means engineers at the Facebook-owned chat app wouldn’t be able to read messages or watch video calls sent by its users even if ordered to do so by a court.
“WhatsApp’s end-to-end encryption ensures only you and the person you’re communicating with can read what is sent, and nobody in between, not even WhatsApp,” according to an explanation on the app’s website. Wired was the first to report on the feature.
WhatsApp has a billion users, making it the world’s most popular chat app by some distance. End-to-end encryption is not an entirely new feature on the app: It’s been pushed to hundreds of millions of users on the Android mobile operating system since November 2014. But that rollout didn’t cover all types of messages, like group chats, videos, or photos. It also didn’t cover other operating systems, like Apple’s iOS or Windows Phone, although Android is the world’s most popular mobile OS.
WhatsApp’s latest encryption announcement is therefore just the final piece of a feature that the company has been working at for two years, in a way that renders it nearly invisible to its own users, as one of the cryptographers working on the project, Moxy Marlinspike, told Wired in 2014. “Now every message, photo, video, file, and voice message you send, is end-to-end encrypted by default if you and the people you message use the latest version of our app. Even your group chats and voice calls are encrypted,” WhatsApp co-founder Jan Koum said in a Facebook post today (Apr. 5).
There are a handful of visible signs that encryption has kicked in. A text bubble now appears at the top of every new chat confirming that messages and calls are now end-to-end encrypted, if everyone participating in that conversation has the latest version of the app. Users also can manually verify that a chat is encrypted by scanning a unique QR code or comparing a 60-digit string of numbers that is generated for each chat.
It’s not entirely clear when the latest encryption features were introduced, and how much data was originally being encrypted on the various operating systems. The latest version of WhatsApp on iOS was available on April 1, while the latest Android version was available on March 29. We have asked Facebook for clarification.
Encryption is top of mind for global tech companies in general, and WhatsApp in particular. Facebook’s chief for Latin America was briefly jailed in Brazil in March for failing to provide WhatsApp chat data in a drug case. It wasn’t clear if the data was encrypted, but WhatsApp told the New York Times at the time that it “cannot provide information [it does] not have.”
Apple faced down the US Federal Bureau of Investigation recently over a court order compelling it to create a way to bypass security measures on a locked iPhone. The effects of that case, which was ultimately dropped by the FBI after it said it found a way to access the phone without Apple’s help, are still being felt, as questions now arise over how powerful the FBI’s tool is, and whether it should disclose the security hole to Apple.
For Koum and his team at WhatsApp, encryption is tantamount to security—there’s no debate over whether it’ll benefit users. The feature is turned on by default and cannot be turned off. Noting his experience growing up in Ukraine when it was part of the Soviet Union, Koum wrote in a blog post:
“I grew up in the USSR during Communist rule and the fact that people couldn’t speak freely is one of the reasons my family moved to the United States. Today more than a billion people are using WhatsApp to stay in touch with their friends and family all over the world. And now, every single one of those people can talk freely and securely on WhatsApp.