WhatsApp announced on Friday that it will offer end-to-end encrypted backups to its users later this year. Users will be able to choose how the encryption key is saved. The most straightforward solution is for customers to keep a record of the random 64-digit key, similar to how Signal manages backups, which they would need to re-enter to restore a backup. The random key might also be stored in WhatsApp’s infrastructure, which would be referred to as a hardware security module-based (HSM) Backup Key Vault and accessible via a user-created password. “The HSM Backup Key Vault is responsible for enforcing password verification attempts and rendering the key permanently inaccessible after a certain number of unsuccessful attempts to access it. These security measures provide protection against brute force attempts to retrieve the key.” WhatsApp stated that it would only be aware of the existence of a key in its vault, but not the key itself. WhatsApp stated that the backups would include message content as well as images and videos received. “After a backup is encrypted, it is stored in the third party storage (for example iCloud or Google Drive). Because the backups are encrypted with a key not known to Google or Apple, the cloud provider is incapable of reading them.” Users were originally prompted to accept WhatsApp’s new privacy conditions by February 8 or risk being unable to use the app. WhatsApp said the policy will change how it collaborated with Facebook to “provide integrations,” and that businesses could have utilised Facebook services to manage WhatsApp discussions, according to the language used. WhatsApp eventually abandoned its update plans in June.
