Strange IndiaStrange India

End-to-end encryption (or E2EE) is a cornerstone of modern chat apps and protocols. iMessage, RCS, and WhatsApp all promote themselves as secure methods for messaging friends, family, and colleagues without the need to worry about outsiders intercepting and reading your messages, and it’s E2EE that allows them to do it.

It won’t be that way for long on Meta’s apps, however. The European Commission recently ruled that Meta’s messaging apps, including Messenger, must allow for “chat interoperability,” or the ability for users to connect third-party platforms to WhatsApp. The idea is that Meta has too much of a monopoly on messaging in the E.U., and doesn’t allow for fair competition with other third-party options.

In theory, allowing other platforms to route through WhatsApp will be better for all users, but there’s a catch. Meta is requesting that these third-parties either use the same Signal Protocol for E2EE as its own apps do, or demonstrate they’re using a compatible protocol that offers the same security benefits. However, as Meta highlights, they cannot control what these third-parties actually do with your messages once they leave WhatsApp or Messenger, opening up possible security vulnerabilities when you’re messaging someone using a third-party platform.

To its credit, Meta is vetting platforms that request to work with their apps before allowing them into the fold. And while Meta is more likely concerned with the lack of control over these platforms than the E2EE issue, there is a genuine security concern at play: Users may assume that messaging anyone with WhatsApp will still allow them to take advantage of the encryption benefits the app is known for, when in actuality, they may unknowingly be chatting via an insecure messaging protocol.

WhatsApp will soon warn you if a chat is not secure

To help mitigate these potential security gaps, WhatsApp is rolling out a new feature to beta testers. As reported by WABetaInfo, whenever you’re chatting with someone on the Signal Protocol, you’ll see a new “end-to-end encrypted” message at the top of the chat, alongside a lock icon. When you see this, you know that you’re getting the same E2EE protections that you would with a direct connection in WhatsApp.

You can try this feature out for yourself in the Android beta version, but WABetaInfo says you may also see it in versions,, and You can enroll in the WhatsApp beta on Android here.

It’s not clear whether Meta will bring this feature to Messenger as well. The company only recently made E2EE the default for chats on this app, so there isn’t quite the same assumption of security as you’d find on WhatsApp. Still, now that default E2EE is rolling out on Messenger, it would be prudent for Meta to note whenever you’re actually chatting with someone securely on that platform as well.

Source link


Leave a Reply

Your email address will not be published. Required fields are marked *