WhatsApp to Let Users Encrypt Chat Backups Uploaded to iCloud

WhatsApp has announced it will give its two billion users the option to upload their chat backups to Apple's iCloud using password-protected encryption.

Whatsapp E2EE Backups
Currently, WhatsApp on iPhone lets users back up their chat history to ‌‌iCloud‌‌, but messages and media that users back up aren't protected by WhatsApp's end-to-end encryption while in ‌‌Apple's cloud servers‌.

Given that Apple holds the encryption keys for ‌iCloud‌, a subpoena of Apple or an unauthorized ‌iCloud‌ hack could potentially allow access to WhatsApp messages backed up there. Apple was reportedly pressured to not add encryption to ‌iCloud‌ Backups after the FBI complained.

The upcoming WhatsApp feature will resolve that security vulnerability by allowing users to encrypt and password-protect their chat history before uploading it to Apple's cloud-based platform. WhatsApp began early work on the security feature back in March 2020.

The rollout will make backups secure in remote ‌iCloud‌ servers by making them unreadable without an encryption key. Encrypted backups will be optional, and users will be asked to save a 64-bit encryption key or create a password that is associated with the key.

According to a whitepaper published by the Facebook-owned platform, when a WhatsApp user creates a password linked to their account's encryption key, WhatsApp stores the key in a physical hardware security module (HSM) that acts like a safety deposit box and can only be unlocked using the correct password. WhatsApp only knows that a key exists in a HSM, not the key itself or the associated password to unlock it.

When the password is used to unlock the HSM, the encryption key is released which then decrypts the account's backup on Apple's servers. If the wrong password is entered repeatedly, however, the data in the HSM becomes permanently inaccessible. WhatsApp will only know that a key exists in a HSM, not the key itself or the associated password to unlock it.

"WhatsApp is the first global messaging service at this scale to offer end-to-end encrypted messaging and backups, and getting there was a really hard technical challenge that required an entirely new framework for key storage and cloud storage across operating systems," said Facebook CEO Mark Zuckerberg in a post announcing the feature.

The encrypted chat backups feature will be rolled out in the coming weeks on Android (for WhatsApp users backing up to Google Drive) and iOS, and will be available in every market where WhatsApp is operational, which could put the company at odds with some governments.

Comparatively, Apple is not making its upcoming ‌iCloud‌+ Private Relay encrypted browsing feature available to users living under certain authoritarian regimes, including China, Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda, and the Philippines. According to Apple, "regulatory reasons" are preventing the Private Relay feature from launching in those countries.

Top Rated Comments

Ifti Avatar
7 weeks ago
WhatsApp is what iMessage should have been.
Score: 24 Votes (Like | Disagree)
InGen Avatar
7 weeks ago
It’s your turn, iMessage/iCloud…
Score: 19 Votes (Like | Disagree)
rikscha Avatar
7 weeks ago
Yeah fully encrypted when FB already announced they will place ads inside whatsapp based on what you write

you are a fool for using the service
Score: 14 Votes (Like | Disagree)
ecatomb Avatar
7 weeks ago
Just too bad that WhatsApp owner is Facebook ?
Score: 13 Votes (Like | Disagree)
h3ysw5nkan Avatar
7 weeks ago

Signal is the answer
Yeah, good luck finding normal people willing to go that far. I have zero active contacts in Signal.
Score: 6 Votes (Like | Disagree)
sdz Avatar
7 weeks ago

https://gizmodo.com/whatsapp-moderators-can-read-your-messages-1847629241
So true ?

Without joking, I can only agree... If iMessage was available on Android long time ago, iMessage could be at the same place than WhatsApp : encryption, used by nearly everyone...

Maybe Signal will replace WhatsApp ?
Big deal. Messages are forwarded after you’ve been warned. They cannot control it from the outside. It stays e2e encrypted. Actually a very good design. Much better than the rotten Apple solution (we will store your key in the Backup file just because hehehehe )
Score: 6 Votes (Like | Disagree)

Related Stories

Whatsapp E2EE Backups

WhatsApp's End-to-End Encrypted Chat Backups Feature Now Rolling Out

Friday October 15, 2021 1:09 am PDT by
WhatsApp end-to-end encrypted backups are now rolling out for iPhone users, Facebook has announced. Until now, WhatsApp let users back up their chat history to ‌‌iCloud‌‌, but the messages and media contained in the backups weren't protected by WhatsApp's end-to-end encryption while in ‌‌Apple's cloud servers‌. Since Apple holds the encryption keys for ‌iCloud‌ Backup, a...
Whatsapp Feature

WhatsApp Still Working on Password-Protected Encrypted iCloud Backups

Monday March 8, 2021 3:27 am PST by
WhatsApp is working on a way to secure users' chat backups in iCloud using password-protected encryption, according to a new report from forthcoming-feature specialist WABetaInfo. The Facebook-owned chat platform began early work on the security feature back in March 2020. Currently, WhatsApp on iPhone lets users back up their chat history to iCloud, but messages and media that users back up ...
apple privacy

Apple Makes iCloud Safari Bookmarks End-To-End Encrypted [Updated]

Monday October 4, 2021 1:28 am PDT by
Apple has toggled end-to-end encryption for Safari bookmarks in iCloud, further expanding the type of user data that the company fully encrypts, offering the highest level of privacy and data protection. Spotted on Reddit, an update to Apple's "iCloud security overview" page has indicated that alongside Safari tabs and history, Safari bookmarks are now end-to-end encrypted, meaning no one,...
Whatsapp Feature

Facebook Reportedly Researching Ways to Use Encrypted WhatsApp Messages for Targeted Advertisements

Tuesday August 3, 2021 7:24 am PDT by
Facebook is researching ways to analyze encrypted data, such as WhatsApp messages, without actually decrypting the information, according to a new report from The Information. The report cites that Facebook has confirmed it is building a team of artificial intelligence researchers to "study ways of analyzing encrypted data without decrypting it." While it is still early in development, the...
Whatsapp Feature

WhatsApp Rolling Out Ability to Transfer Chats Between iOS and Android

Wednesday August 11, 2021 8:16 am PDT by
One of the biggest hurdles for customers looking to switch between Android and iOS is their inability to transfer their WhatsApp chats between the two different ecosystems. Now, that's coming to an end, as WhatsApp has officially announced that it will easily allow users to transfer their chats between Android and iOS. As reported first by Engadget, WhatsApp used airtime during Samsung's...
Whatsapp Feature

WhatsApp Testing Ability to Transfer Chats Between iOS and Android

Tuesday April 6, 2021 12:37 am PDT by
WhatsApp is testing a new feature that will allow users to transfer their chat history, logs, and transcripts between iOS and Android devices, making it easier for WhatsApp users to switch between the two platforms. The new future, in the early stages of development, was brought to light by WABetaInfo, who often shares unreleased and hidden features behind the chatting service. According to ...
Whatsapp Feature

WhatsApp to Roll Out Multi-Device Support, Hints at Future iPad App

Thursday June 3, 2021 3:58 am PDT by
In an interview with WABetaInfo, Facebook CEO Mark Zuckerberg confirmed that the popular messaging app will soon be rolling out multi-device capability, allowing users to use their WhatsApp account on up to four different linked devices even when their main smartphone is not connected to the internet. According to Zuckerberg, Facebook has faced "a big technical challenge" in getting "all...
Whatsapp Feature

WhatsApp Ends Support for iOS 9, Now Requires iPhone 5 or Later to Work

Thursday March 18, 2021 2:55 am PDT by
As indicated in a newly published support document, WhatsApp has ended support for iOS 9 and earlier versions of Apple's mobile operating system, requiring all users to be running at least iOS 10, released in 2016. Up until now, iOS 9 users – who will have been mainly iPhone 4s owners – were able to use the encrypted chat service. Going forward, however, iOS 10 is required, meaning users ...
icloud passwords for windows

Apple Releases iCloud 12.5 for Windows With iCloud Keychain Password Manager App

Monday August 16, 2021 11:50 am PDT by
Apple today released a new version of its iCloud for Windows app, with the 12.5 update adding a new iCloud Keychain password manager app for Windows users. With the new password management option, those who are running Windows can access their iCloud Keychain passwords and can add, edit, copy and paste, delete, and look up usernames or passwords. Apple in January released an updated version...
whatsapp status updates privacy e1612180151751

WhatsApp Uses Status Updates to Remind Users About Its Privacy Commitments

Monday February 1, 2021 3:58 am PST by
WhatsApp has started using Status messages to remind its users of the messaging service's "commitment to your privacy," following the recent confusion regarding changes to its privacy policy last month. "WhatsApp is now on Status," the message begins. "We'll let you know about new features and updates here. One thing that isn't new is our commitment to your privacy. WhatsApp can't read or...