WhatsApp quietly brings encryption to its iCloud backup


San Francisco, May 9 (IANS): After introducing end-to-end encryption in mobile chats last year, WhatsApp has quietly added new security features to its iCloud backup feature.

The iCloud backup encryption has been a feature for some time but it has come out in the open only now, Forbes reported on Tuesday.

The messages and chats in iCloud backups are uploaded on Apple servers.

"Without any fanfare, it added a unique encryption key created by the WhatsApp app, rather than just relying on the iCloud Drive to protect customer data," the report added.

This comes on top of the end-to-end encryption rolled out for one billion WhatsApp users on mobile platforms.

"When a user backs up their chats through WhatsApp to iCloud, the backup files are sent encrypted," a WhatsApp spokesperson was quoted as saying.

But one Russia-based security company called Oxygen Forensics has claimed to circumvent the encryption.

"So what Oxygen does is download data backed up by WhatsApp, and they then require a SIM-card with the same number as the user so they can receive the verification code. They can then generate the key and decrypt downloaded data," the report said.

What this means is that government officials with access to a SIM card can potentially use it to still gain access to encrypted messages stored in iCloud.

WhatsApp rolled out the encryption to all of its platforms and users in April last year.

  

Top Stories


Leave a Comment

Title: WhatsApp quietly brings encryption to its iCloud backup



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.