The recent Apple-FBI encryption issue has triggered a silent protest among numerous tech companies across the globe. While Apple—with all its might and security mechanisms—failed to uphold the security of its customers, it has certainly given the impetus to other tech companies for improving their security offerings.
Well, Facebook-owned WhatsApp on Tuesday announced that it had reinforced the encryption settings for its 1-billion user-base and all messages will now be accessible only to the sender and the recipient.
While this is a bold move from the instant messaging app’s point of view, there are certain issues that need to be rectified by the company.
Also Read: WhatsApp encryption shouldn't give safe havens for cyber crime, child porn
WhatsApp co-founders Jan Koum and Brian Acton in a blog, said, “From now on when you and your contacts use the latest version of the app, every call you make, and every message, photo, video, file, and voice message you send, is end-to-end encrypted by default, including group chats.”
The Boon
The new end-to-end encryption feature is based on the Signal Protocol, designed by Open Whisper Systems.
According to the technical White Paper on WhatsApp encryption, the end-to-end encryption protocol has been designed to prevent third parties and WhatsApp from having plaintext access to messages or calls.
From now on, when you send any message to a group or an individual, the data will only be visible to you and the group/individual you sent it to—no one else can peep inside that message.
The blog said: “No one can see inside that message. Not cyber criminals. Not hackers. Not oppressive regimes. Not even us. End-to-end encryption helps make communication via WhatsApp private – sort of like a face-to-face conversation.”
Now this is an amazing initiative, considering the exponential increase of hackers in the recent past. With more people using smartphones and instant messaging platforms for business, the new feature will certainly assist users in keeping data protected from cyber criminals.
In fact, more businesses and organisations are excessively employing mobile-based messaging platforms for discussing company policies, plans, and other confidential details. In such a scenario, this feature will definitely help in safeguarding data better.
With the new end-to-end encryption feature, WhatsApp will not only protect text messages, but will also secure photos, videos, voice messages, documents, and even calls.
Now individual users will be able to share data without any hiccups. As mentioned earlier, WhatsApp claims that even they cannot access the message.
According to the blog, with the new update, all your messages on WhatsApp will be secured with a lock and “only the recipient and you have the special key”
to unlock and access them.
“For added protection, every message you send has its own unique lock and key. All of this happens automatically: no need to turn on settings or set up special secret chats to secure your messages,” the blog added.
The Bane
While the aforementioned points indicate that the Facebook-owned instant messaging app is taking serious measures to sustain security requisites of users, there is a serious loophole that needs to be addressed to make it full proof.
Sure the new measure will prevent cyber-crimes, hacking, and misuse of data, but at the same time it will become a safe haven for terrorists and criminals to communicate, which is a huge setback.
In Apple’s case, the main issue raised was related to iPhone users, which is a fraction of WhatsApp users in the world. However, encrypting the messaging platform opens the door for a large number of criminals and terrorists to communicate safely without coming under the radar.
While encrypting messages is a great step by WhatsApp, they should also figure out a way to accumulate as much user data as possible at the time of signing up/installing WhatsApp.
Currently, the process of joining the messaging is so simple that even a 10-year-old can set it up in less than five minutes. With augmented focus on safekeeping data, the company should at least try to come up with a restricted sign-up process to avoid malicious users.
To sum it up, the new end-to-end encryption protocol is definitely something that will protect you from the cyber-attacks, hackers, and government monitoring.
However, the WhatsApp crew should also look for ways to tauten the initial installation/ signup procedure to avoid unwanted users, and have some record about each of its user in case of an emergency.
