WhatsApp Still Working on Password-Protected Encrypted iCloud Backups

by

WhatsApp is working on a way to secure users' chat backups in iCloud using password-protected encryption, according to a new report from forthcoming-feature specialist WABetaInfo.

Whatsapp Feature
The Facebook-owned chat platform began early work on the security feature back in March 2020. Currently, WhatsApp on iPhone lets users back up their chat history to ‌iCloud‌, but messages and media that users back up are not protected by WhatsApp's end-to-end encryption while in ‌‌iCloud‌.

Apple holds the encryption keys to ‌iCloud‌, and does provide backed-up data to authorities when lawfully requested, as outlined in its semiannual Transparency Reports. The new WhatsApp feature, should it see the light of day, would resolve that security hole by allowing users to encrypt and password-protect their chat history before uploading it to Apple's cloud-based platform.

In screenshots posted by WABetaInfo, WhatsApp describes the password-protection like so:

"To prevent unauthorized access to your iCloud Drive backup, you can set a password that will be used to encrypt future backups. This password will be required when you restore from the backup."

The user is then asked to confirm their phone number and select a password of at least eight characters in length. Another screenshot forewarns users that "WhatsApp will not be able to help recover forgotten passwords."


It's unclear when the security feature will go live, but after the recent exodus from WhatsApp prompted by the service's poorly explained privacy policy update, sooner would be better than later.

Rival encrypted messaging services Telegram and Signal have both experienced a surge in signups following the controversy, which led WhatsApp to delay the privacy policy update until May while it attempts to deal with the fallout and clarify to users that the changes won't affect the privacy of their conversations.

Tags: iCloud, WhatsApp, Encryption
Related Forum: Apple Music, Apple Pay/Card, iCloud, Fitness+

Top Rated Comments

peneaux Avatar
peneaux
14 weeks ago
I guess it's too late now. Move to Signal.

Remember WhatsApp is owned by FACEBOOK!
Score: 12 Votes (Like | Disagree)
Cybbe Avatar
Cybbe
14 weeks ago
Good. And it would be great if this puts pressure on Apple do develop a similar feature for iMessage chats. It has been reported that Apple has consciously chosen to not (end-to-end) encrypt chats backed up to iCloud to allow the government to access people's private conversations, a serious hole in Apple's public commitment to privacy.
Score: 10 Votes (Like | Disagree)
bebarhood Avatar
bebarhood
14 weeks ago
I wish we could have a cross-platform backup and restore.
Score: 4 Votes (Like | Disagree)
Pair Avatar
Pair
14 weeks ago
I think the solution Apple have chosen to use is probably quite a good measure as it satisfies both sides. In that if people wish to keep the conversation totally private they can opt not to back up their messages to iCloud, and equally if the government wish to access these messages through necessary legal processes then they can do so, if the backups exist. This prevents a situation whereby if they are totally encrypted, Governments may end up taking further action to prevent encryption or insist on a back door which would totally undermine the purpose of encryption.
Score: 3 Votes (Like | Disagree)
Deguello Avatar
Deguello
14 weeks ago

It’s better than legislated backdoors which would render there to be effectively no encryption. this way there is a choice given.
It’s specifically icloud backups. You can still backup locally with the encryption and then if you wish back up to the cloud.
Still a false dichotomy.

Backing up locally with encryption then backing that up to the cloud is backing up to the cloud with encryption, just with an extra step. All your proposal does is expose the less tech-savvy to exposure. And, by your logic, if everyone did that then we’d be right back at legislated back doors.
Score: 2 Votes (Like | Disagree)
jasonefmonk Avatar
jasonefmonk
14 weeks ago
It would be nice to know which third-party chat apps encrypt your chats even in backup scenarios.
Score: 2 Votes (Like | Disagree)
Read All Comments

Top Stories

homekit secure video package

HomeKit Secure Video Cameras Can Notify You When a Package Has Arrived Starting With iOS 15

Monday June 7, 2021 4:09 pm PDT by
Starting with iOS 15 and iPadOS 15, which will be publicly released in the fall, security cameras and video doorbells that support HomeKit Secure Video can now detect and notify you when a package has been delivered. HomeKit Secure Video, available on iOS 13.2 and later, leverages iCloud to securely stream and store video clips from compatible HomeKit-enabled indoor and outdoor cameras and...
Read Full Article55 comments
whatsapp desktop voice video calls mac

WhatsApp Desktop App Gains Support for Voice and Video Calls

Thursday March 4, 2021 1:05 am PST by
WhatsApp is today updating its desktop app for Mac and PC with voice and video calling support, the company announced. Like WhatsApp's mobile app, voice and video calls on the desktop equivalent are end-to-end encrypted, ensuring only the people conversing have access to the contents of a call. WhatsApp has been in the process of testing the new desktop call functions over the last few...
Read Full Article42 comments
WhatsApp privacy policy update

Mandatory WhatsApp Privacy Policy Update Allows User Data to be Shared With Facebook

Wednesday January 6, 2021 5:22 am PST by
WhatsApp's latest terms and privacy policy allows the popular messaging app to share a significant amount of user data with Facebook (via XDA Developers). WhatsApp users are today receiving an in-app notice informing them about the app's updated terms of service and privacy policy. The notice gives an overview of the main three updates, covering how WhatsApp processes user data, how...
Read Full Article265 comments
Telegram app

Telegram Gains New Auto-Delete Options, Expiring Invite Links, and More

Friday February 26, 2021 1:34 am PST by
Telegram Messenger is bringing new feature additions to its chat app, including new options for auto-delete messages, expiring invite links, and unlimited group numbers. Like WhatsApp and Signal, auto-delete messages have been a staple Telegram feature for some time, but with the latest update, uses can enable an auto-delete timer that applies to all Telegram chats, so that messages are...
Read Full Article11 comments
f1623088657

Apple Announces iCloud+, Combines Paid Storage With Privacy Features Like Hide My Email

Monday June 7, 2021 11:00 am PDT by
At WWDC, Apple announced that iCloud is getting a premium subscription tier called "iCloud+," which includes "Private Relay" that allows users to browse the web through Safari with all information leaving their device remaining encrypted and access to "Hide My Email." One of the headlining features for iCloud+ is Private Relay, which, similarly to a VPN, ensures that all traffic leaving a...
Read Full Article143 comments
whatsapp wallpapers 1

WhatsApp Affirms User Privacy Following Backlash Over Data Sharing With Facebook

Tuesday January 12, 2021 6:39 am PST by
Following backlash after changing its terms and privacy policy to consolidate a significant amount of data sharing with Facebook, WhatsApp is now assuring users about the privacy measures built into its app. Last week, WhatsApp began informing users of updates to the app's terms of service and privacy policy. The updated agreements, which users must consent to in order to continue using...
Read Full Article172 comments
whatsapp status updates privacy e1612180151751

WhatsApp Uses Status Updates to Remind Users About Its Privacy Commitments

Monday February 1, 2021 3:58 am PST by
WhatsApp has started using Status messages to remind its users of the messaging service's "commitment to your privacy," following the recent confusion regarding changes to its privacy policy last month. "WhatsApp is now on Status," the message begins. "We'll let you know about new features and updates here. One thing that isn't new is our commitment to your privacy. WhatsApp can't read or...
Read Full Article36 comments
icloud

Apple Temporarily Expands iCloud Storage in iOS 15 for Backing Up Data and Transferring to a New Device

Monday June 7, 2021 1:18 pm PDT by
If you're low on iCloud storage but want to buy a new device and transfer your data, Apple is making the process easier in iOS 15 with a temporary storage boost. Apple says that the new feature will grant you as much storage as you need to complete a temporary backup for up to three weeks, letting users transfer their apps, data, and settings to a new device using iCloud even when there's an ...
Read Full Article73 comments
Telegram app

Telegram Working on Tool That Lets You Import WhatsApp Chats

Thursday January 28, 2021 4:35 am PST by
Telegram is working on a way to let users import their chat history from WhatsApp so they won't lose old conversations if they switch messaging platforms. An update to the app briefly appeared in the App Store on Wednesday detailing the new import tool, but another update was swiftly issued that removed all mention of the tool, suggesting Telegram is still developing it. WABetaInfo was...
Read Full Article63 comments
macos monterey microphone indicator

Apple Highlights New Privacy Features in iOS 15 and macOS Monterey, Including Microphone Indicator on Mac

Monday June 7, 2021 2:01 pm PDT by
Apple today previewed new privacy protections coming in iOS 15, iPadOS 15, macOS Monterey, and watchOS 8. The software updates are available in beta for developers starting today and will be publicly released later this year. First, a new App Privacy Report feature will let users see how often apps have used the permission they've previously granted to access their location, photos, camera,...
Read Full Article28 comments