Is WhatsApp is secure & safe enough to share personal details and other private information ?
Whatsapp is a popular messaging app with over more than 1 billion users worldwide. So, whats about the safety of whatsapp messages ? Users privacy & security is the first challenge for company.
What is WhatsApp End-To-End Encryption ?
In recent months, Whatsapp built the end-to-end encryption in latest version of app. This encryption means that the messages, photos, videos, voice messages, documents, and calls are are fully end-to-end encrypted. Only the sender and the receiver can read the message. No other third party may read that message.
Every Message is sent through whatsapp is secured with a lock & a key. Only the sender & receiver has the key to unlock it.
End-To-End encryption is only activated on latest version of whatsapp. Once activated, there is no way to turn it off.
How to Improve Security and Verify that the Chat is End-To-End Encrypted ?
- Open the Chat
- Tap on the name of the contact to open the contact info screen.
Tap Encryption to view the QR code and 60-digit number.
Scan your friends QR code or compare the 60 digit number. If the number is same, that means no one is intercepting your messages.
WhatsApp New Vulnerability – Backdoor
On 13th Jan 2017, a security researcher said that he discovered a backdoor in Whatsapp messaging service. The flaw allows facebook(owned Whatsapp) to intercept and read encrypted messages. He told the Guardian: “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.”
While using WhatsApp service, chats are encrypted via keys that verify the sender and receiver. But what happens when the receipient’s is offline (App is reinstalled or Phone number changed on device). The WhatsApp client generates a new key.When the recipient’s key changes, the sender’s encrypted message sits in limbo waiting to be delivered. Once a new key has been generated by the new device, the message can attempt to be resent.
The sender is notified about the key change after the message is sent. The sender is notified only if he enabled the security notification.
Forensics expert and iOS researcher Jonathan Zdziarski said that “I do not assess the issues with WhatsApp to constitute a backdoor”