WhatsApp emphasizes on privacy, encryption; plans curb fake news, spam

You can report spam, fake news, phishing attempts and even stalkers to WhatsApp.

Update: 2017-08-25 08:34 GMT
If you happen to receive a message from an unknown source and suspect that it could be a phishing attempt, report it as spam, and block the sender if needed.

WhatsApp, the most popular and widely used messaging platform in the world, has a lot on its shoulders with regards to privacy, encryption, features and more. However, the small team that was acquired by Facebook Inc some time ago is still struggling to work at a faster rate to keep up with consumer needs and concerns.

When we met up with WhatsApp’s Software Engineer Alan Kao in Mumbai, he revealed a lot that’s going on back at their developer kitchens. The team of engineers is constantly brewing the popular messaging app platform to ensure that user privacy is most important to them. Hence, with the introduction of AES 256-bit encryption in 2016, WhatsApp promised the users that their messages cannot be snooped by any person on the planet — not a hacker, not the government, not even WhatsApp can read them. Each message that passes through their servers can only be decoded by the sender or the recipient.

How does WhatsApp’s Encryption work?

To know how WhatsApp’s end-to-end encryption actually works, take a look at the infographic below.

The encryption works on a very high level and each and every message sent through the app is encrypted with a unique individual key. This key is so long, that it would take around a decade or even more for a super computer to crack the code. And even if the hacker does manage to crack the code, he will still manage to read just one message — thanks to the software design, each message has a unique key code — a 60-digit number combination.

When a user sends a message, he creates his message and the WhatsApp app encrypts it with two sets of keys — a public key and a private key. This message is then sent to the server, which only transmits the message to the recipient. The public key is to define the user and sender profiles, while the private key is for individual messages. When the message reaches the user, it is only his phone and the key sets that can decode the message and display it. The server cannot decode the messages and hence cannot read them too. Storing a huge database of unreadable content makes no sense anyways, and hence the server (WhatsApp) does not store any messages on its storage, and hence all user data is safe and private.

Our two-hour discussion with the WhatsApp team also highlighted a lot more than just encryption. Spokesperson for WhatsApp Carl Woog, along with Kao, gave us a few insiders about what WhatsApp is curious to take on in future, and what they are presently working on.

How do you protect yourself from fraud, fake news and malware?

Kao gave us some insides that the general user should know and implement in their daily lives to keep himself safe from fraudsters. As a basic rule of thumb, one should look out for suspicious messages that comes in through the sender. If your message is from a known person, it depends on the content of the message. If it comes in from an unknown user, and if the content is irrelevant to you, you can immediately report the sender into the spam list. Reporting the sender as a spammer can help WhatsApp take note of the particular number or person, who is continuously spamming for no reason. The number will be analysed if the sender is also being reported by multiple people and then WhatsApp will take action against the sender and warn or probably block the person out from WhatsApp completely. However, it is not yet possible to do so since the work is still in progress, and it takes multiple spam reports to take suitable action in time. Also, it is not possible to know what the person has spammed as WhatsApp cannot read the messages that were sent across by the spammer. The reporting user would have to send a screenshot of the data that was spam, so that WhatsApp can analyse the content and confirm if the user is being spamming others accordingly.

Moving ahead, he also updated on how you should take care of messages that could be fake so that rumours can be curbed. Never forward a message to another person or group, unless you are 100 per cent sure that the message content is authentic. If you are forwarding unverified messages, you could end up into the list of spammers and fake/rumour news spreading people, if the recipient marks you as a spammer.

Kao also stressed on pointers so that users can find out if the message is a fake or a phishing message. Check for the message’s grammar and spelling mistakes. Never click on URL links in the message as it could lead you to a malware website. Check for font size and font types that could fox you into clicking on such URLs. If you find the link suspicious, refrain from clicking on it, or even forwarding it to someone who could unknowingly click on it and be harmed. Never fall to messages that ask you to forward it to an X number of people or groups. Never click on messages that ask you to activate a service.

If you happen to receive a message from an unknown source and suspect that it could be a phishing attempt, report it as spam, and block the sender if needed. Delete unknown messages and media content that comes in from unknown sources.

You can report spam, fake news, phishing attempts and even stalkers to WhatsApp. The reporting option is available under WhatsApp’s settings.

Stay safe!

In the talks with the WhatsApp team, we also tried gaining inside information about the future plans. On asking for if they were in any plans of creating a lighter version for WhatsApp for those with older smartphones, feature phones and slower internet connections, they did not give us a thumbs up. However, they did state that they could look at the possibility and revert back. Lastly, we also asked them about the governments’ requirements with regards to creating a backdoor so that they can snoop into conversations of suspected people. They stated clearly that they don’t have the keys to the encrypted messages themselves and will not be able to help the governments to create the backdoor anyways.

Tags:    

Similar News