WhatsApp is on the way to enhanced features, and enhanced security is the ease of use. Making brand addition to that the messaging platform is bringing enhancements to its security with three new features for Android and iOS devices. This will boost the three times to users’ protection.
The company’s new ‘Account Protect’ initiative comes into play, as it will request authorization and verification on the old device before the account is transferred to a new handset or tablet. WhatsApp is known for its end-to-end encryption, there are times when malware can interfere with this secure environment. These infections can interfere with the way the app functions, sometimes even sending out messages without the user’s permission or knowledge.
Device Verification is another method that WhatsApp will use to keep users and their accounts secure. There’s a deep dive into the technology behind this feature on the Engineering at Meta website, and while technical, requires no interaction or input from the user, as it will be active at all times. Device Verification will use three new parameters to prevent certain kinds of activity from occurring in the future.
Device Verification introduces three new parameters:
- A security token that’s stored on the user’s device.
- A nonce is used to identify if a client is connecting to retrieve a message from the WhatsApp server.
- An authentication challenge that is used to asynchronously ping the users` devices.
Therefore the company believes that these three parameters help prevent malware from stealing the authentication key and connecting to the WhatsApp server from outside the users` device
Well, this feature has already been rolled out for WhatsApp users on Android. Whereas the security feature has yet to roll out for iOS users. But it will soon be here in the coming months. Additionally, WhatsApp will also enhance its current security code verification feature. In its current form, users can check the code by going to a user’s profile. But the company will begin to implement something called ‘Key Transparency’ in order to make it easier for its users to verify the code.
WhatsApp will begin using an Auditable Key Directory (AKD) that will allow users to easily and more quickly validate a code going forward.
Our approach to key transparency is two-pronged and introduces two new components:
- The server (WhatsApp) maintains an append-only AKD of public keys mapped to user accounts.
- A third-party audit record, wherein any change in the server directory is recorded in a publicly available, privacy-preserving audit record for anyone to verify.
WhatsApp does state that traditional security code verification will be the best option for users, while this new method is secure and much faster.
Before binding up let me tell you that you can directly stick to the Meta website to get the deep detail of the sane. Hope you enjoyed reading the guide stay tuned to know more via @Samnews24…
FOLLOW US ON SOCIAL MEDIA – Telegram, Twitter, Facebook, & Google News.