Understanding WhatsApp and its end-to-end encryption for privacy, security
WhatsApp is one of the most commonly used instant messaging service, with a global user base of more than two billion. This Facebook-owned platform has around 400 million users in India, and that makes the country one of its biggest markets. Once a basic messaging platform, WhatsApp now supports video calling, file sharing, voice messages, etc, and boasts end-to-end encryption for privacy.
One of WhatsApp’s key features is end-to-end encryption,
which means the messages sent using WhatsApp are visible only to the sender and
receiver of the message. On paper, WhatsApp seems to be a secure instant
messaging platform with privacy at its core. However, the recent incidents
where chat details of several Bollywood personalities have allegedly been
leaked have brought back questions around WhatsApp’s privacy and security.
What is end-to-end encryption?
Encryption is the process by which a piece of information is
scrambled and randomised using mathematical formula such that it could be
deciphered only by the device it is meant for. Encryption is done using an
algorithm that transforms data into random text with no meaning. This encrypted
data is secured by an encryption key which unlocks the coded data and turns it
back into its original form. In an end-to-end encryption, the data is encrypted
on the host device and it turns back to its original form on the recipient
device through an encryption key. The process works in the background, so both
the sender and receiver see the information in its original form. The
end-to-end encryption makes it impossible for anyone other than the sender and
the receiver to read or access the data.
WhatsApp’s end-to-end encryption
WhatsApp enforced end-to-end encryption on its platform in
2016. The company had said in a blogpost: “From now on when you and your
contacts use the latest version of the app, every call you make, and every
message, photo, video, file, and voice message you send, is end-to-end
encrypted by default, including group chats.”
WhatsApp's end-to-end encryption is activated by default.
According to a WhatsApp blogpost, “WhatsApp's end-to-end encryption ensures
only you and the person you're communicating with can read what is sent, and
nobody in between, not even WhatsApp. This is because your messages are secured
with a lock, and only the recipient and you have the special key needed to
unlock and read them. For added protection, every message you send has its own
unique lock and key. All of this happens automatically: no need to turn on
settings or set up special secret chats to secure your messages.”
Is WhatsApp’s end-to-end encryption secure
Though the chats and calls on WhatsApp are secured by the
means of end-to-end encryption, there have been anomalies in its app in the
past that have led to breach of system. In 2019, Israel-based NSO Group
allegedly exploited a vulnerability in the app to load spyware on to a phone
through a video call using a spyware software named Pegasus. It was reported
that the tool had the potential to allow hackers to load spyware through video
call, even if the person never answered the call. WhatsApp had filed a lawsuit
against the Israeli firm, alleging it was behind the cyber-attacks.
Comments
Post a Comment