WhatsApp update brings backups that are not encrypted and so could allow people to read messages

Chats are protected – until they leave your phone

Andrew Griffin
Tuesday 28 August 2018 08:28 BST
A photo illustration shows a chain and a padlock in front of a displayed Whatsapp logo
A photo illustration shows a chain and a padlock in front of a displayed Whatsapp logo

WhatsApp's latest feature weakens its security could allow other people to read your messages.

The chat app normally protects every message sent using end-to-end encryption. That means that every message is kept secure, and can only be read by the people sending and receiving those messages.

But now the company has added free backups, provided by Google, that break that encryption. Everything is still kept secure while it is in the phone – but the backups themselves are not encrypted, letting anybody potentially read the messages and see the images contained inside.

WhatsApp has long offered the ability to store messages in Google Drive so they cannot be lost, but has recently announced that all of those backups will now be free.

At the same time, it encouraged people to make use of the feature by heading into the settings, finding the option for chats and then choosing how often to backup to Google Drive. The offer is only available to Android users who have Google Play services installed on their phone and are signed up with a valid Google address.

The company's help page on the new feature makes very clear that backups aren't protected. "Important: Media and messages you back up aren't protected by WhatsApp end-to-end encryption while in Google Drive," it reads.

WhatsApp's end-to-end encryption means that messages are jumbled up when they are sent to a friend. Only that friend's phone has the code to make sense of that jumble, which stops anyone from intercepting the messages as they are being sent so they can read their contents.

But the Google feature means that those messages are unjumbled when they are being sent up to Google's servers. As such, malicious actors could get in the way of that data transfer and see what is being sent.

Backing up WhatsApp chats means that they are safe and secure if you lose or break your phone, and you can simply get hold of them over again when you do. As such, the feature offers a tradeoff between safety and privacy.

The backups can be deleted by heading to Google Drive and finding the option to "manage apps". That will bring up a list of different apps, and eventually a WhatsApp option will appear that can be deleted.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in