The platform took this step to block one of the difficult ways in which private communication between individuals can be hacked through the application.
The Facebook-owned service has contained end-to-end encrypted conversations between users for more than a decade. But users had no choice but to store the chat backup via the cloud in an unencrypted format.
Exploiting unencrypted WhatsApp chat backups via Google and Apple servers is one of the widely known methods that have allowed law enforcement agencies around the world to access the conversations of suspected individuals.
“WhatsApp is the first global messaging service on this scale to offer end-to-end encrypted messaging and backup,” Facebook CEO Mark Zuckerberg said in a blog post announcing the new feature.
“Getting here is a difficult technical challenge,” he added. It required a new framework for core storage and cloud storage across operating systems.
The company said it has devised a system to enable its users across Android and iOS to lock chat backups with encryption keys.
The platform states that it offers users two ways to encrypt cloud backups, and the feature is optional.
In the coming weeks, users of the platform will see an option to generate a 64-digit encryption key to lock chat backups in the cloud.
Users can store the encryption key offline or in a password manager of their choice, or they can create a password that supports their encryption key in a cloud-based backup key vault developed by the company.
The encryption key stored in the cloud cannot be used without the user’s password, which the company does not know.
“We know that some prefer the 64-digit encryption key while others want something they can easily remember,” WhatsApp said. So we include both options.
Once an encrypted backup is created, the previous versions of the backups are deleted. This happens automatically, and there is no action for the user to take.
The move to introduce this added layer of privacy is significant and could have far-reaching implications. End-to-end encryption remains a thorny topic of discussion as governments continue to push for back doors.
Apple was reportedly pressured not to add encryption to iCloud backups following an FBI complaint. And while Google offered users the ability to encrypt their data stored in Google Drive, the company allegedly didn’t tell governments before rolling out the feature.
“People’s messages are very personal,” WhatsApp said. As we live more of our lives online, we believe companies should enhance the security they provide to their users. Through this feature, we give our users the option to add this extra layer of security to their backups if they wish.