Of all the instant messaging apps, the WhatsApp messenger service is the most popular service with more number of users. Recent news about the instant messenger app regarding the security is of major concern and it is rolled out in the Apple version.
Security is Tightened
The messages sent by the users are protected by a security mechanism called the end to end encryption that restricts WhatsApp and another third party to read the messages. The message can only be read by the intended user, there is no way to intercept the message through the network or server through which the messages are transmitted.
In the case of the encryption technique, the normal text message sent by the user is encrypted into a long series of digits that cannot be read by anyone. To read the encrypted text, the receiver requires an encryption key to decrypt the text and it is sent to the receiver by the sender along with the message. Any third party trying to hack the message during the transmission cannot unlock the message without the key.
The unique feature about the key is that it is ephemeral, which means that the key disappears once when the recipient unlocks the message. The users who wish to test the end to end encryption technique can verify the message transmission by scanning the code on any other mobile phone. The messenger app encrypted both the messages and calls as means of protecting the customer’s personal information.
WhatsApp is owned by Facebook
WhatsApp was launched as a startup messenger service in 2009 and within a short span of time; the company became popular among the users because of the ease of access and simple user interface. The app crossed nine hundred million users by 2014. On seeing the immense business growth and the active number of users, many technology companies tried to acquire the app. But, in 2014 Facebook acquired the messenger app for nineteen billion dollars.
At the time of acquisition, Facebook faced several issues in its service and the service was banned in some of the countries. So, the new deal by the social media platform was a comeback for the company, and many traditional users who left the platform rejoin the application.
The messenger platform had rolled out many services after the acquisition and has become popular among the users. They announced that they have crossed one billion active users across the globe. WhatsApp as we know is a cross platform messenger application and users accessing different kinds of operating system can send messages and other media files without any trouble.
Protection from spies and hackers
The calls and messages that are transmitted via the platform are protected by the e2e encryption so that no other third party can intercept the messages. However, the iPhone users were enabled to store their chats in the Apple server in the readable form. Though, the accounts in the iCloud drives are encrypted, the decryption key that is used to unlock the messages were able to access the user information, like accessing the communication history that would have been handed to the law enforcement.
So, the messenger app has rolled out the encryption in the cloud backup that blocks all the users who are not legible to unlock the message without the decryption key from WhatsApp. This extra layer of security protects user’s information from the others. Any law enforcement or any other organization that requires accessing the user message in the cloud backup should deal with WhatsApp.
Sources close to the messenger platform states that the company is working on generating and backup the key information, which specifies that they have the access to the decryption key and the users can generate the access key to unlock the messages.
This information about the cloud backup encryption emerged after the famous company that releases hacking tool, Oxygen Forensic introduced its tool to bypass the encryption of the messages stored in the iCloud. The hacking tool launched by the technical company requires the SIM card information related to the account, while WhatsApp users can decrypt messages using the generated key.
Place for terrorists to hide
A self initiative attack against London parliament happened early this year causing many government officials to focus towards the messenger app’s security system.
After following the Jihad preach a converted Muslim hired a cab and crossed the Westminster Bridge speeding towards the Parliament. When he was stopped by a police officer, he stabbed the officer with the knife causing him to fall dead on the ground; the other officers pulled three gunshots causing the terrorist to die.
According to the police report, the terrorist had accessed his WhatsApp account last before the attack, but the police were unable to decrypt the message sent by the terrorist because of the e2e encryption system. The Home Secretary, Amber Rudd summoned all the social media services like Google, Facebook, WhatsApp and other services to leverage the security service that happens to become a secret place for the terrorist to communicate and execute their terrorist attacks.
Communication service block
The messenger app was blocked in Brazil 3 times earlier for not providing the government with information relation to the investigation. According to the company policy of the messenger app, the app has promised its users that it will not hand over the personal information to the parent company, government organizations or third party. The judges had ordered the telecom companies to block the service.
The competitor messaging app, Telegram is also protected with encryption mechanism, but its software is written to abide by the law enforcement companies to read the messages when they act as a major role in investigating the criminal cases. Already the police of Germany were able to identify the terrorist attack planned by Anis Amri that killed twelve people. Because of the message he sent through the messenger platform, the police were able to decrypt the message. This is not the first attack that has taken place in London; there are many other terrorist attacks that took place earlier causing the government to order the tech companies to take the needed action regarding the safety of the country and its people.
Later, the spokesperson from the messenger app said that they were working with the law enforcement and provides the needed information from their end that would help in dealing with the attack.
WhatsApp is the famous app that is used by millions and millions of users and it has gained the user’s trust by enabling the encryption in the message transmission. Though the company was offended by the government organizations to allow access to the messages to law enforcement, the company denied to provide access and made sure it kept with its policy terms.
Inspite of the protection, the Apple users were allowed to save their messages in the iCloud backup drive where it was in the readable form. And it was stated that it is possible to read the communication history of the user using the key, therefore the messenger app introduced an added security layer to the user’s chat. So, any third party trying to access the messages in the iCloud backup has to first deal with WhatsApp.
Author: Anand Rajendran is CEO and Co-Founder of Zoplay, best PHP scripts development company located in India. Zoplay is a part of Casperon Technologies a leading social and mobile development company which is developing , leading innovative and collaborative software development teams to deliver major software applications like SCIMBO – Whatsapp Clone Script. I’m a Tech geek, Digital marketing expert, Entrepreneur, and Atheist who loves to write everything about PHP Scripts and mobile application development.