WhatsApp security

WhatsApp security insights

Android security

With the newest update for Android, WhatsApp introduced end-to-end encryption. That means that WhatsApp messages between two Android devices cannot be decrypted by any third-party - not even WhatsApp (or now: Facebook) itself.

WhatsApp security

Whereas this significantly improves the security of the overall communication, the fact that encryption for the iOS client of WhatsApp is introduced “later” decreases the security of the communication to de-facto no security at all.

Why is that?
Well, big security installations as the one for WhatsApp require very large deployments of different clients - especially when app providers have to deal with heterogeneous systems such as Android.

5980 different devices...and counting

As an example of the heterogeneity of Android you can find a sample of the Google Play Admin console for SecureBeam: Currently more then 5980 different devices are supported by SecureBeam.

5980 different devices

This overwhelming number is by far more complex than the managable number of different iOS devices (namely iPhone 4, 4S, 5, 5C, 5S, 6 and 6 Plus).

To establish a holistic security approach for WhatsApp we strongly encourage the update of the iOS clients to end-to-end encryption as well - the sooner the better. From a system development point of view the by far more complex task to upgrade the Android version of WhatsApp is already achieved.
So please, Facebook - deliver iOS end-to-end encryption as well. It’s not that complex :)