WhatsApp is rolling out end-to-end encrypted chat backups on both iOS and Android devices, the move aims at implementing an optional layer of security to protect backups stored on Google Drive or iCloud cloud storage.
Currently, WhatsApp allows users to backup their chats on cloud storage services, but these backups are not end-to-end encrypted. An attacker carrying out a SIM swapping attack could theoretically access the conversations in the backups.
If the attacker installs the popular messaging app on a new device, the app will restore the chat backup available on the storage.
The implementation of the new feature will allow to secure this process by introducing end-to-end encryption of user chat backups. Users will be able to choose a 64-digit password to protect the backup that will allow them to restore backups in future installations.
“You can now secure your end-to-end encrypted backup with either a password of your choice or a 64-digit encryption key that only you know. Neither WhatsApp nor your backup service provider will be able to read your backups or access the key required to unlock it. ” reads the announcement published by WhatsApp.
The feature will be initially available only to the users with the latest version of WhatsApp.
Users for which the feature will be available can enable it following this procedure:
(SecurityAffairs – hacking, end-to-end encrypted chat backups)