How to encrypt WhatsApp

Who I am
Lluís Enric Mayans

Did you know that WhatsApp has introduced a feature to encrypt messages but you don't know how to activate it on your phone? Don't worry, you don't have to do anything in particular. In fact, you probably don't have to do anything! If you use a fairly recent version of WhatsApp, encryption is active by default and therefore all conversations are automatically protected from the gaze of prying eyes.

The type of encryption used by WhatsApp is end-to-end. This means that the messages are protected with "padlocks" even before being sent to the service's servers and can only be viewed by those who have the right keys to decrypt them, ie the respective senders and recipients; all the others, including the service managers and any "snoopers", cannot access the messages and view their content. The best thing of all, however, is that to take advantage of WhatsApp encryption you don't have to move a finger: the communications are encrypted and decrypted automatically by the application without the user having to intervene in any way. The important thing is to use a fairly recent version of the app.

Encryption applies to all forms of communication supported by WhatsApp: messages, group chats, photos, videos, calls etc. and works on all popular operating systems, such as Android, iOS and Windows Phone. There is also a tool to find out if a particular chat is protected by encryption or not: if you want I'll explain how to use it and, if necessary, how to encrypt WhatsApp if any communication is not yet protected with end-to-end encryption. I assure you it's really child's play.

Check the WhatsApp encryption

To find out if your communications are protected with end-to-end encryption, open WhatsApp, go to the card Chat and select the conversation of your interest.

At this point, press on name of the person which is at the top of the screen (or on the group title, if you have selected a group chat) and check what is written under the heading Cryptography on the page that opens: if your conversation is already protected with end-to-end encryption, you will find the words The messages you send in this chat and calls are protected with end-to-end encryption.

In some cases, a message about message encryption appears directly within the chats. If among the messages of a chat you find a yellow box with the writing inside The messages you send in this chat and calls are protected with end-to-end encryption, the chat is already encrypted.

Another way to check for the presence of encryption in WhatsApp is to compare the chat identification code with the one displayed on your interlocutor's smartphone. To complete this verification, the chat users must be physically close to each other. Here are all the steps to take.

  • To open WhatsApp and select the chat for which you want to check for encryption. This operation must be carried out by both users;
  • Press on name of your interlocutor displayed at the top of the screen. This operation must also be performed on the smartphones of both users;
  • Press on the item Cryptography, always on the smartphones of both interlocutors.

At this point, we can compare the Numerical code displayed on the screens of the two smartphones or, if you prefer, you can scan the QR code displayed on one of the two phones using the other terminal (just press the button Scan code located below).

If the numeric code is the same on both devices or the QR code scan returns a green circle with check mark inside, encryption is active, and messages cannot be read by anyone other than the legitimate senders and recipients. If, on the other hand, the verification is not successful, one of the two interlocutors uses an old version of WhatsApp and therefore cannot take advantage of end-to-end encryption. More info here.

Add encryption in WhatsApp

If the encryption verification failed, you can encrypt WhatsApp simply by installing the latest version of the app on your smartphone. If you don't know how to proceed, here are all the steps you need to take in detail.

If you use a smartphone Android, start the Play Store (the shopping bag icon with the ▶ symbol "printed" in the center), presses the button  collocato in alto a sinistra and selects the voice Le mie app ei miei giochi from the bar that appears on the side. At this point, look for the icon of WhatsApp in the section Install, select it and press the button first Update and then Accept to install the latest version of the app on your phone.

If you use a iPhone, start theApp Store (the blue icon with the letter “A” in the center), select the card Updates located at the bottom right, look for the icon of WhatsApp e pulsing sul pulsating Update placed next to the latter.

If you use a Windows Phone, april il Windows Phone Marketplace (the shopping bag icon with the Windows flag "printed" in the center), presses the button (...) che si trova in basso a destra e seleciona la voce settings from the menu that appears. In the screen that opens, presses the button look for updates and wait for the apps installed on your phone to be updated.

If you want more information on the WhatsApp update procedure or you are unable to update WhatsApp, consult my tutorials on the topic in which I dealt with updating WhatsApp and all the possible problems related to the latter.

So WhatsApp is 100% safe

No. WhatsApp is very secure, you can continue to use it without any problems, but you should know that it is not 100% invulnerable, and it does not protect all information in the same way.

The encryption technology used by WhatsApp (TextSecure) is very reliable, but being WhatsApp a closed source and commercial product there are several potential problems that must be taken into consideration.

First of all, as you can also read in the official documentation of the service, WhatsApp keeps the contacts present in the user directories and the so-called metadata, that is, the information relating to who contacted who is the moment in which he did so. On the other hand, the content of the chats is not recorded which, as mentioned, is encrypted and can only be consulted by legitimate senders and recipients of communications. The information collected by WhatsApp should not be used for promotional purposes, but the company reserves the right to provide it to authorities and government bodies should they request it.

Other information, such as the frequency of use of WhatsApp, the telephone operator used and other "technical" information on the smartphone in use could end up in the databases of Facebook: a company that, as you probably already know, acquired WhatsApp in 2014. At the time of writing, the passage of data from WhatsApp to Facebook has been blocked, but it is not certain that sooner or later it will not be able to start again. You pay attention to any privacy policies shown by WhatsApp: if they appear, read their content carefully and consider whether or not to accept the changes in the processing of your personal data.

Another aspect that must be taken into consideration in terms of privacy is the fact that WhatsApp is a closed source application; this means that it is not possible to fully analyze his source code and to know if, for example, there are problems in the implementation of encryption or other more or less major problems that could compromise the privacy of our data.

If you care about privacy, give it a try Signal: it is a messaging app for Android and iOS that uses the same end-to-end encryption technique of WhatsApp but is open source and has no commercial purpose, so it is much more secure from the point of view of privacy. Suffice it to say that it has as its "sponsor" Edward Snowden, the main architect of the datagate through which many confidential documents of the US government have been published. By switching to Signal you will have to convince your friends to use this app too, but in my opinion it's worth it!

Another widely talked about WhatsApp alternative is Telegram, which, however, from the point of view of privacy is not so much better than WhatsApp, on the contrary. By default, Telegram uses end-to-end encryption only in secret chats (so not in normal chats) and its encryption system is deemed less reliable than WhatsApp's.

In conclusion, I would like to point out that if you have activated the backup of WhatsApp chats to the cloud (more precisely on Google Drive if you use an Android terminal and on iCloud if you have an iPhone), copies of your chats, as well as on your smartphone, will also be saved on Google and Apple servers, where they could be stored in an unencrypted manner or in any case they could be given into the hands of authorities and governmental bodies if they so request.

In short: WhatsApp is safe, you can use it without too many worries of mind; but remember that it is a commercial product and that your data - except the content of the conversations - is the currency with which you pay for a service that is provided free of charge.

Password protect WhatsApp

If you want to encrypt WhatsApp in the sense that you want to protect access to the app with a password, find out how to do it by reading my tutorial on how to put the password on WhatsApp.

add a comment of How to encrypt WhatsApp
Comment sent successfully! We will review it in the next few hours.