WhatsApp to Let Users Encrypt Chat Backups Uploaded to iCloud

WhatsApp has announced it will give its two billion users the option to upload their chat backups to Apple's iCloud using password-protected encryption.

Whatsapp E2EE Backups
Currently, WhatsApp on iPhone lets users back up their chat history to ‌‌iCloud‌‌, but messages and media that users back up aren't protected by WhatsApp's end-to-end encryption while in ‌‌Apple's cloud servers‌.

Given that Apple holds the encryption keys for ‌iCloud‌, a subpoena of Apple or an unauthorized ‌iCloud‌ hack could potentially allow access to WhatsApp messages backed up there. Apple was reportedly pressured to not add encryption to ‌iCloud‌ Backups after the FBI complained.

The upcoming WhatsApp feature will resolve that security vulnerability by allowing users to encrypt and password-protect their chat history before uploading it to Apple's cloud-based platform. WhatsApp began early work on the security feature back in March 2020.

The rollout will make backups secure in remote ‌iCloud‌ servers by making them unreadable without an encryption key. Encrypted backups will be optional, and users will be asked to save a 64-bit encryption key or create a password that is associated with the key.

According to a whitepaper published by the Facebook-owned platform, when a WhatsApp user creates a password linked to their account's encryption key, WhatsApp stores the key in a physical hardware security module (HSM) that acts like a safety deposit box and can only be unlocked using the correct password. WhatsApp only knows that a key exists in a HSM, not the key itself or the associated password to unlock it.

When the password is used to unlock the HSM, the encryption key is released which then decrypts the account's backup on Apple's servers. If the wrong password is entered repeatedly, however, the data in the HSM becomes permanently inaccessible. WhatsApp will only know that a key exists in a HSM, not the key itself or the associated password to unlock it.

"WhatsApp is the first global messaging service at this scale to offer end-to-end encrypted messaging and backups, and getting there was a really hard technical challenge that required an entirely new framework for key storage and cloud storage across operating systems," said Facebook CEO Mark Zuckerberg in a post announcing the feature.

The encrypted chat backups feature will be rolled out in the coming weeks on Android (for WhatsApp users backing up to Google Drive) and iOS, and will be available in every market where WhatsApp is operational, which could put the company at odds with some governments.

Comparatively, Apple is not making its upcoming ‌iCloud‌+ Private Relay encrypted browsing feature available to users living under certain authoritarian regimes, including China, Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda, and the Philippines. According to Apple, "regulatory reasons" are preventing the Private Relay feature from launching in those countries.

Popular Stories

iOS 18 CarPlay Feature

iOS 18 Adds These 5 New Features to CarPlay

Thursday June 13, 2024 7:44 am PDT by
Apple did not mention CarPlay during its WWDC keynote this week, but iOS 18 includes a handful of new features for the in-car software. Overall, there is not a whole lot new for CarPlay on iOS 18, with changes seemingly limited to the Messages and Settings apps so far. Below, we recap everything new for CarPlay on iOS 18. New for CarPlay on iOS 18 1. Contact Photos in Messages App...
iOS 18 Wallet Feature

Here's What's New in Apple Wallet on iOS 18 for Event Tickets and More

Friday June 14, 2024 7:32 am PDT by
iOS 18 includes a handful of enhancements to the Wallet app on the iPhone, with new features for Apple Pay, Apple Cash, event tickets, and more. Below, we outline everything new for the Wallet app on iOS 18, based on information from Apple's press release and a WWDC 2024 coding session. Redesigned Event Tickets Event tickets have an all-new design in the Wallet app on iOS 18, complete...
apple watch series 9 display

Kuo: Apple Watch Series 10 to Get Larger Screen and Thinner Design

Monday June 17, 2024 1:20 am PDT by
This year's Apple Watch Series 10 will be thinner and come in larger screen sizes than previous models, according to Apple analyst Ming-Chi Kuo. In his latest industry note -10-and-98075c44ce92">shared on Medium, Kuo said the screen size options on the next-generation Apple Watch will increase from 41mm to 45mm, and from 45mm to 49mm, while being encased in a thinner design. For reference,...
maxresdefault

First Look at Messages via Satellite in iOS 18

Thursday June 13, 2024 11:29 am PDT by
Apple has been gradually expanding its suite of satellite connectivity features for iPhone, and iOS 18 brings a significant new one in the form of Messages via satellite. The feature allows users to send and receive iMessages and SMS texts, including emoji and Tapbacks, while out of range of cellular and Wi-Fi networks. CNET met up with Apple's senior director of platform product marketing,...
iOS 18 Siri Integrated Feature

You Can Give Siri a New Name With iOS 18's Vocal Shortcuts

Friday June 14, 2024 4:33 pm PDT by
Apple in iOS 18 added a Vocal Shortcuts accessibility feature, and now that iOS 18 is available in a beta capacity, users have figured out that this option can be used to give Siri a new wake word. With Vocal Shortcuts, you can assign a custom phrase that Siri can understand to launch shortcuts and complete "complex tasks," and one of the shortcuts you can set up is an alternative for "Hey...

Top Rated Comments

Ifti Avatar
36 months ago
WhatsApp is what iMessage should have been.
Score: 25 Votes (Like | Disagree)
InGen Avatar
36 months ago
It’s your turn, iMessage/iCloud…
Score: 20 Votes (Like | Disagree)
rikscha Avatar
36 months ago
Yeah fully encrypted when FB already announced they will place ads inside whatsapp based on what you write

you are a fool for using the service
Score: 14 Votes (Like | Disagree)
ecatomb Avatar
36 months ago
Just too bad that WhatsApp owner is Facebook ?
Score: 13 Votes (Like | Disagree)
0924487 Avatar
36 months ago

Signal is the answer
Yeah, good luck finding normal people willing to go that far. I have zero active contacts in Signal.
Score: 6 Votes (Like | Disagree)
sdz Avatar
36 months ago

https://gizmodo.com/whatsapp-moderators-can-read-your-messages-1847629241
So true ?

Without joking, I can only agree... If iMessage was available on Android long time ago, iMessage could be at the same place than WhatsApp : encryption, used by nearly everyone...

Maybe Signal will replace WhatsApp ?
Big deal. Messages are forwarded after you’ve been warned. They cannot control it from the outside. It stays e2e encrypted. Actually a very good design. Much better than the rotten Apple solution (we will store your key in the Backup file just because hehehehe )
Score: 6 Votes (Like | Disagree)