“Starting today, we are making available an extra, optional layer of security to protect backups stored on Google Drive or iCloud with end-to-end encryption,” the company said in a blog post.
“No other global messaging service at this scale provides this level of security for their users’ messages, media, voice messages, video calls and chat backups.”
Users will have a choice for how the encryption key used is stored.
The simplest is for users to keep a record of the random 64-digit key themselves, akin to how Signal handles backups, which they would need to re-enter to restore a backup.
The alternative would be for the random key to be stored in WhatsApp’s infrastructure, dubbed as a hardware security module-based Backup Key Vault that would be accessible via a user-created password.
For redundancy purposes, WhatsApp said the key would be distributed through multiple data centres that operate on a consensus model.
WhatsApp said it would only know that a key exists in its vault, but would not know the key itself.
The backups would store message text, as well as photos and videos received, WhatsApp said.
Related Coverage
What took Facebook downWhatsApp fined $267 million for GDPR violationsWhatsApp details plans to offer encrypted backupsWhatsApp patches vulnerability related to image filter functionalityWhatsApp to adjust privacy rules in Brazil