More secrets? WhatsApp encryption promises security for 1 billion users

WhatsApp's co-founders released end-to-end encryption for its 1 billion users Tuesday, meaning no one else, from WhatsApp coders to the FBI, will have access to messages. 

Thomas White/Reuters
A security update message is seen on a Whatsapp message in this illustration photo.

WhatsApp is installing end-to-end encryption for its more than 1 billion users, the messaging application announced Tuesday.  

"The idea is simple: when you send a message, the only person who can read it is the person or group chat that you send that message to," WhatsApp co-founders Jan Koum and Brian Acton write in a blog post. "No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us. End-to-end encryption helps make communication via WhatsApp private – sort of like a face-to-face conversation." 

The online messaging service, which is owned by Facebook, allows users to send messages, videos, photos, and make calls. And now WhatsApp users on every type of phone are ensured complete privacy through encryption as a default setting, meaning users don't have to go through a complicated set-up process.

If WhatsApp's end-to-end encryption feature seems timely amid the FBI-Apple debate over San Bernardino shooter Syed Farook's iPhone, that's because it is. Mr. Koum and Mr. Acton hint at the case as a motivation for developing an automatic, end-to-end encryption feature for WhatsApp.

"Recently there has been a lot of discussion about encrypted services and the work of law enforcement," the pair writes. "While we recognize the important work of law enforcement in keeping people safe, efforts to weaken encryption risk exposing people's information to abuse from cybercriminals, hackers and rogue states."

By rolling out end-to-end encryption, WhatsApp is guaranteeing its users a messaging service with the most security possible.

"Encryption algorithms use math to 'scramble' data so it can't be read by an unauthorized person – such as a hacker or government seeking to break in," the Monitor's Malena Carollo explains in Passcode's beginner guide to encryption. "Right now, you're reading what's known as plain text. But if this article was encrypted, anyone who intercepts the encrypted version of it would instead see a very long string of unintelligible numbers and letters, such as: 'SNaci82xleab92lka.' "

To unscramble this confusing code, readers will need an encryption 'key' typically safeguarded by at least one company or outside source. But in end-to-end encryption like WhatsApp has installed, no one except the people having the conversation will hold the decryption key. 

That means WhatsApp won't be able to comply with court orders to release users' messages, calls, or video data. 

"Like Apple, WhatsApp is, in practice, stonewalling the federal government, but it's doing so on a larger front – one that spans roughly a billion devices," Wired's Cade Metz wrote on Tuesday.

Apple and WhatsApp continue to stand their ground against decrypting requests from the federal government. The FBI and other government agencies, however, often see end-to-end encryption as a barrier to national security. 

"Soon after the series of bombings and mass shootings, Senate Intelligence Committee Chairman Richard Burr (R) of North Carolina said, 'Encryption has been a problem, will continue to be a problem, and that problem will grow,' " Passcode's Jack Detsch reported in late March. "Those comments echoed FBI Director James Comey’s longstanding concerns that the spread of end-to-end consumer encryption only exacerbates the agency's so-called 'going dark' problem, meaning it can’t track terrorist or criminal communications cloaked with this kind of technology."

of 5 stories this month > Get unlimited stories
You've read 5 of 5 free stories

Only $1 for your first month.

Get unlimited Monitor journalism.