WhatsApp End-to-end encryption FAQ
23 removals
44 lines
26 additions
45 lines
End-to-end encryption
About end-to-end encryption
Privacy and security is in our DNA, which is why we have end-to-end encryption. When end-to-end encrypted, your messages, photos, videos, voice messages, documents, status updates and calls are secured from falling into the wrong hands.
Privacy and security is in our DNA, which is why we built end-to-end encryption into our app. When end-to-end encrypted, your messages, photos, videos, voice messages, documents, status updates and calls are secured from falling into the wrong hands.
Personal Messaging
WhatsApp's end-to-end encryption is used when you chat with another person using WhatsApp Messenger. End-to-end encryption ensures only you and the person you're communicating with can read or listen to what is sent, and nobody in between, not even WhatsApp. This is because with end-to-end encryption, your messages are secured with a lock, and only the recipient and you have the special key needed to unlock and read them. All of this happens automatically: no need to turn on any special settings to secure your messages.
WhatsApp end-to-end encryption ensures only you and the person you're communicating with can read what's sent, and nobody in between, not even WhatsApp. Your messages are secured with locks, and only the recipient and you have the special keys needed to unlock and read your messages. For added protection, every message you send has an unique lock and key. All of this happens automatically: No need to turn on settings or set up special secret chats to secure your messages.
Business Messaging
Every WhatsApp message is protected by the same Signal encryption protocol that secures messages before they leave your device. When you message a WhatsApp business account, your message is delivered securely to the destination chosen by the business.
Note: End-to-end encryption is always activated. There's no way to turn off end-to-end encryption.
WhatsApp considers chats with businesses that use the WhatsApp Business app or manage and store customer messages themselves to be end-to-end encrypted. Once the message is received, it will be subject to the business’s own privacy practices. The business may designate a number of employees, or even other vendors, to process and respond to the message.
Some businesses1 will be able to choose WhatsApp’s parent company, Facebook, to securely store messages and respond to customers. While Facebook will not automatically use your messages to inform the ads that you see, businesses will be able to use chats they receive for their own marketing purposes, which may include advertising on Facebook. You can always contact that business to learn more about its privacy practices.
Note: The encryption status of an end-to-end encrypted chat cannot change without the change being visible to the user. For more information about which chats are end-to-end encrypted, please read our white paper.
Payments
Payments on WhatsApp, which are available in select countries, enable transfers between accounts at financial institutions. Card and bank numbers are stored encrypted and in a highly-secured network. However, because financial institutions can’t process transactions without receiving information related to these payments, these payments aren’t end-to-end encrypted.
Payments on WhatsApp, which are available in select countries, enable transfers between accounts at financial institutions. Card and bank numbers are stored encrypted and in a highly-secured network. However, because financial institutions can’t process transactions without receiving information related to these payments, these payments aren’t end-to-end encrypted.
What's the "Verify Security Code" screen in the contact info screen?
What's the "Verify Security Code" screen in the contact info screen?
Each of your chats has its own security code used to verify that your calls and the messages you send to that chat are end-to-end encrypted.
End-to-end encrypted chats have their own security code used to verify that the calls and the messages you send to that chat are end-to-end encrypted.
Note: The verification process is optional and used only to confirm that the messages you send are end-to-end encrypted.
Note: The verification process is optional for end-to-end encrypted chats, and only used to confirm that the messages and calls you send are end-to-end encrypted.
This code can be found in the contact info screen, both as a QR code and a 60-digit number. These codes are unique to each chat and can be compared between people in each chat to verify that the messages you send to the chat are end-to-end encrypted. Security codes are just visible versions of the special key shared between you - and don't worry, it's not the actual key itself, that's always kept secret.
This code can be found in the contact info screen, both as a QR code and a 60-digit number. These codes are unique to each chat and can be compared between people in each chat to verify that the messages you send to the chat are end-to-end encrypted. Security codes are just visible versions of the special key shared between you - and don't worry, it's not the actual key itself, that's always kept secret.
To verify that a chat is end-to-end encrypted
To verify that a chat is end-to-end encrypted:
Open the chat.
Open the chat.
Tap on the name of the contact to open the contact info screen.
Tap on the name of the contact to open the contact info screen.
Tap Encryption to view the QR code and 60-digit number.
Tap Encryption to view the QR code and 60-digit number.
Note: This feature is only available for a contact in an end-to-end encrypted chat.
If you and your contact are physically next to each other, one of you can scan the other's QR code or visually compare the 60-digit number. If you scan the QR code, and the code is indeed the same, a green check mark will appear. Since they match, you can be sure no one is intercepting your messages or calls.
If you and your contact are physically next to each other, one of you can scan the other's QR code or visually compare the 60-digit number. If you scan the QR code, and the code is indeed the same, a green check mark will appear. Since they match, you can be sure no one is intercepting your messages or calls.
If the codes don't match, it's likely you're scanning the code of a different contact, or a different phone number. If your contact has recently reinstalled WhatsApp or changed phones, we recommend you refresh the code by sending them a new message and then scanning the code.
If the codes don't match, it's likely you're scanning the code of a different contact, or a different phone number. If your contact has recently reinstalled WhatsApp or changed phones, we recommend you refresh the code by sending them a new message and then scanning the code. Learn more about security codes changing in this article.
Learn more about security codes changing in this article.
If you and your contact aren't physically near each other, you can send them the 60-digit number. Let your contact know that once they receive your code, they should write it down and then visually compare it to the 60-digit number that appears in the contact info screen under Encryption. For Android and iPhone, you can use the Share button from the Verify Security Code screen to send the 60-digit number via SMS, email, etc.
If you and your contact aren't physically near each other, you can send them the 60-digit number. Let your contact know that once they receive your code, they should write it down and then visually compare it to the 60-digit number that appears in the contact info screen under Encryption. For Android and iPhone, you can use the Share button from the Verify Security Code screen to send the 60-digit number via SMS, email, etc.
Are my messages and calls with businesses end-to-end encrypted?
All WhatsApp messages and calls are secured with end-to-end encryption. It's important to remember, however that when you contact a business, several people in that business might see your messages. A business may employ another company to manage its communications - for example, to store, read or respond to your messages.
The business you're communicating with has a responsibility to ensure that it handles your messages in accordance with its privacy policy. For more information, please contact that business directly. Learn more in this article on end-to-end encryption for business messages.
Why does WhatsApp offer end-to-end encryption and what does it mean for keeping people safe?
Why does WhatsApp offer end-to-end encryption and what does it mean for keeping people safe?
Security is essential to the service WhatsApp provides. We completed the implementation of end-to-end encryption in 2016 for all messaging and calling on WhatsApp so that no one, not even us, has access to the content of your conversations. Since then, digital security has become even more important. We've seen multiple examples where criminal hackers illegally obtained vast sums of private data and abused technology to hurt people with their stolen information. So as we’ve introduced more features – like video calling and Status – we’ve extended end-to-end encryption to these features as well.
Security is essential to the service WhatsApp provides. We've seen multiple examples where criminal hackers illegally obtained vast sums of private data and abused technology to hurt people with their stolen information. Since completing the implementation of end-to-end encryption in 2016, digital security has become even more important.
WhatsApp has no ability to see the content of messages or listen to calls on WhatsApp. That’s because the encryption and decryption of messages sent on WhatsApp occurs entirely on your device. Before a message ever leaves your device, it's secured with a cryptographic lock, and only the recipient has the keys. In addition, the keys change with every single message that's sent. While all of this happens behind the scenes, you can confirm your conversations are protected by checking the security verification code on your device. You can find more details about how this works in our white paper.
WhatsApp has no ability to see the content of messages or listen to calls that are end-to-end encrypted. That’s because the encryption and decryption of messages sent and received on WhatsApp occurs entirely on your device. Before a message ever leaves your device, it's secured with a cryptographic lock, and only the recipient has the keys. In addition, the keys change with every single message that's sent. While all of this happens behind the scenes, you can confirm your conversations are protected by checking the security verification code on your device. You can find more details about how this works in our white paper.
Naturally, people have asked what end-to-end encryption means for the work of law enforcement. WhatsApp appreciates the work that law enforcement agencies do to keep people safe around the world. We carefully review, validate and respond to law enforcement requests based on applicable law and policy, and we prioritize responses to emergency requests. As part of our education efforts, we published information for law enforcement about the limited information we collect and how they can make requests of WhatsApp, which you can read here.
Naturally, people have asked what end-to-end encryption means for the work of law enforcement. WhatsApp appreciates the work that law enforcement agencies do to keep people safe around the world. We carefully review, validate and respond to law enforcement requests based on applicable law and policy, and we prioritize responses to emergency requests. As part of our education efforts, we published information for law enforcement about the limited information we collect and how they can make requests of WhatsApp, which you can read here.
To learn more about your security on WhatsApp, please visit WhatsApp Security.