Everything you need to know about Whatsapp Security

Everything you need to know about Whatsapp Security

is whatsapp secure ? Lately, whenever we wanted to maintain constant communication with others, we moved to share our WhatsApp accounts. We chitchat, share, receive and reconnect with others from around the world. It doesn’t happen in a vacuum that 1 million people do register on WhatsApp daily. Indeed, the app has managed to remain at the top of the list of the most popular messaging apps for nearly 10 years now. Despite the increasing number of daily active users in WhatsApp, up to 300 million users, many still question the privacy and security of the files and pictures sent via WhatsApp.
Therefore, is the safety of your data emphasized as a big deal in WhatsApp? This question is a highlight when it comes to the projected trends in the number of WhatsApp users’ satisfaction after being owned by Facebook.

“Privacy and Security is in our DNA,” WhatsApp Declared

According to WhatsApp, a giant control over any kind of information sent via WhatsApp platform is secured; let it be a photo, video, voice message, document or call. WhatsApp has assured to intensify more efforts to keep any third party out of interference. To this end, WhatsApp adds more layers of protection in the form of end-to-end encryption and backup to cloud methods.

End-to-End Encryption

As a definitive security mechanism, end-to-end encryption means that a message is coded on the sender’s device and decoded on the recipient’s device. As WhatsApp has made clear, it transforms every data sent into encrypted codes that no one but the sender and receiver can read its content. Also, for more security purposes WhatsApp has excluded itself from the picture in order not to give any chance of interference between the two users. This process is automatically undertaken by WhatsApp.

  1. Two different keys are created (public & private) when the user first opens WhatsApp. The mechanism of encryption is set on the phone itself.
  2. The private key will stay with the recipient, whereas the central WhatsApp server passes the public key to the receiver.
  3. Even before it hits the centralized server, the public key encrypts the sender’s message on the phone.
  4. The encrypted message is transmitted via the server.
  5. The message can only be opened using the receiver’s private key.
end to end encryption

How Do You Verify that WhatsApp is Using End-to-End Encryption?

You can assure the mechanism of encryption that WhatsApp has brought into practice through simple taps you perform manually:

  1. Click in the contacts name on WhatsApp to open the info screen.
  2. Tap on “Encryption”.
  3. Scan your contacts’ QR code or visually compare the 60-digit number.
  4. In case they match, your chats are encrypted.
encryption 2

Is the Government Proposal to Have a Backdoor Through the Users Data Compatible with End-to-End Encryption?

WhatsApp has always considered this proposal as troublesome. It clarifies that this won’t just open the data to government agencies but to cyber criminals too. It is a risky step to give some official agencies access to the data of its users in order to help reveal the identity of some terrorists and invaders. Furthermore, at the same time, this backdoor will expose millions more innocent people to danger. WhatsApp has made it clear when it can collaborate with law enforcement officials who ask for user information regarding serious issues of imminent harm or risk of death or physical injury. That is to say, WhatsApp will “search for and disclose information that is specified with particularity in an appropriate form of the legal process and which [WhatsApp is] reasonably able to locate and retrieve.”

What Other Apps that Have End-to-End Encryption?

WhatsApp isn’t the only app in the market with this master feature. There are some other encrypted messaging apps helping you to stop people from snooping on your conversations. For example, Signal, Telegram, Wickr Me and Line. However, the encryption in these apps is not enabled by default, while end-to-end encryption is always activated in WhatsApp, and there’s no way to turn it off.

Cloud Backup

WhatsApp displays an option for you to backup all messages by uploading a copy of your data on Google Drive (Android) or iCloud (iPhone). This makes an advantage when you are changing phones and need to restore your WhatsApp account. It is important to understand that backing up your account within WhatsApp isn’t equivalent to exporting WhatsApp content beyond WhatsApp. To put it simply:

  • Backups are stored in an encrypted WhatsApp database format. This method can’t be accessed outside WhatsApp. To back up chats: Go to WhatsApp > tap More options > Settings > Chats > Chat backup > BACK UP.
chat back up1
  • Exporting content to your Google Drive isn’t encrypted and can be opened and read outside WhatsApp. You can use the export chat feature to export a copy of your chat history from an individual or group chat. Open the individual or group chat and tap More options > More > Export chat > Choose whether to export with media or without media.

You may be feeling more secure and in safe hands after reading all that WhatsApp has to offer in terms of privacy and security. Yet, let’s dive deeper.

To Shed Light on Some of WhatsApp Drawbacks

Nothing in this world is perfect, and it is known that human is to err, even for an app that is used worldwide with more than 65 billion messages sent per day.

No way but a third party involved

It is great to have an option when you are in a pressing need to change your phone while keeping your data saved. However, you still lose control over what is hit via WhatsApp. That is to say, security isn’t 100% guaranteed as all that you share can be screenshotted, forwarded or stored on other devices. It is not calming to get to see your words are shattered around with more than a third party! But that doesn’t necessarily mean to have it only from individuals you are talking to, but, indeed, it may involve another reason where WhatsApp choose to invest your data for promotional purposes. Proceed reading to understand how.

Malware Threat

Secondly, you must have already received some infected links or files via WhatsApp enticing you to take action, and then, boom! You fall a victim to a malware threat. You have no idea how vulnerable your data becomes when exposed to such malware threats due to some bugs allowing hackers to use malicious ways to attack your device. For example, WhatsApp sues Israel’s NSO firm for illegally helping spies hack phones of roughly 1,400 users across four continents. It was of a serious matter, for their targets included diplomats, political dissidents, journalists and senior government officials.

It can be simpler since a malicious GIF inserted in your device through any channel can essentially put all the content of your device at risk.

Have you come across the nickname “Agent Smith”?

It is another threat announced to have attacked Android devices without having their users alerted. According to Forbs, “Agent Smith” is considered as, ” the worst attacks on Android operating system in the recent memory.” They declared that it only intends to pop up some advertisements when the user opens WhatsApp, but who knows whether such malware will go beyond the ad. It goes into far more burdensome and dangerous purposes, such as banking credential theft and eavesdropping.

WhatsApp Sharing Data with its Parent Company Facebook

WhatsApp updated its Terms of Service and Privacy Policy and included that now it is part of the Facebook family of companies. This moves it to share some information with Facebook in an attempt to improve user’s experience in all of the Facebook family of companies. The information shared will include account information, your phone number and last time you used WhatsApp services. The good part is that the end-to-end encryption is still activated and nothing you share with your chats can be seen by neither WhatsApp nor Facebook staff. It states that the reason behind connecting your phone number with Facebook is helping you find better friend suggestions and more relevant ads. Moreover, it claims that this will help count unique users and fight spam and abuse. The matter starts now with sharing phone numbers, but who knows what other plans Facebook has for the most popular messaging app ever. Brian Acton, a founder of WhatsApp, has a different perspective of Facebook as he says, “I sold my users’ privacy to a larger benefit. I made a choice and a compromise. And I live with that every day.” He anticipates that Facebook’s next plan is making money from WhatsApp by showing targeted ads in WhatsApp’s new Status feature. This is the thing that will destroy Acton’s ever hardworking motto of maintaining an ad-free app, while Facebook is acting as just businesspeople do.

How Safe Are Your Photos on WhatsApp?

As we aforementioned, you should always keep in mind that hacks do occur. When hackers mean to pry on your information and pictures, they will work day and night to drag them out. Also, this process gets easier when you connect to insecure Wi-Fi networks, like that at the airport or crowded coffee places on the street. Well, the data plans, in this case, represent a more secure option for you. Visit here to know more about how Numero eSIM Data Plans will save your back.

Although you can block your WhatsApp from storing sent and received photos on your phone’s photo albums, you still should make sure your private photos stay private. The good news after the end-to-end encryption has enabled, WhatsApp stores all communications including audios, videos and images on its servers upon sending until all recipients have received them. Once all recipients have received the photo, it’s deleted from WhatsApp’s servers. This is why it tells you when you click on an old photo sent via WhatsApp ” can’t view this photo because it’s no longer on your phone.” And they remain blurred in your chats! It is still concerning because your media can be stick in there for not less than 30 days.

After all, you should always act like they are stored forever. Also, just be smart about who you are sending pictures to and smarter about what kinds of pictures you send.

Change your WhatsApp Number/Phone Without Losing your Data

First: Changing your WhatsApp Phone Number

WhatsApp has covered all that you need when you change your WhatsApp number. That is, you have the “Change Number” feature allowing you to change your number in WhatsApp on your same phone:

Tap on Settings < Account < Select "Change Number" < Enter both your old and new phone number < Tap "Done" < Verify your phone number

change Number 1
change number 4

After using this feature, the account associated with your old phone number will be deleted, and your profile information, groups and setting will be migrated to your new phone number.  WhatsApp enables you to notify your contacts of your new phone number without going through the hassle of informing them all individually.

Second: Changing Your Phone into a Different Type

It is worth mentioning that all your information is tied to the phone number. For example, if you want to change your phone from an iPhone to an Android without changing your number, you can simply download WhatsApp on the new phone and verify your same number. Yet, you have to note that changing the type of phone doesn’t allow you to migrate messages.

Third: Changing Your Phone into a Same Type

Changing your phone from, for example, Android to Android gives an option to migrate your messages. That is, you can transfer your WhatsApp data to a new phone by restoring from Google Drive or a local backup. Check how from right here.

Is your old account subject to hacking if you forget to delete it? In case the new owner of your old number activates WhatsApp on his new phone after 45 days, all of your account information linked to that phone number will be removed entirely. However, in all cases, stay safer by wiping all your data and SD card before giving away your old phone. This is for further insurance that no one will reach your data.

Cases That Cause Temporarily Banned Accounts

You may receive a notification informing that your account is “Temporarily Banned” due to some violation you have broken related to WhatsApp terms and conditions. Misuse of WhatsApp my drive your number to be on the ban list when:

  • Sending illegal, offensive, defamatory or dangerous messages.
  • Sending rumors, links with malware or ethically harassing materials.
  • Impersonating someone.
  • Sending too many messages, automated and bulk messages to those users not on your contact list, for this is considered ad spamming messages.
  • Playing or tweaking WhatsApp’s code.
  • Sending viruses or malware to other users.
  • Using any other unofficial and unsupported WhatsApp apps, such as WhatsApp Plus, GB WhatsApp, or WhatsApp Gold, etc.
  • Getting blocked by multiple users in a short period.
  • Getting reported by many users.

To reactivate WhatsApp after it has suspended, you first have to commit to WhatsApp rules, understand the case you have violated and act accordingly. In case you haven’t done serious damage, your account may be banned for a minimum of 48-72 hours. If it takes a longer time for WhatsApp to remove the ban, you need to send an email to support@whatsapp.com and politely inquire for reactivation. On the contrary, it may be suspended for life if the act you have pursued has dangerously occurred. Then all that you have in hand is creating a new account with a new phone number.

WhatsApp Privacy Tips

  • Gain the Permission of Others

Before getting yourself in trouble for sending many messages for numbers not saved in your contacts, make sure to provide your number first and tell where you have got their numbers and for what purposes. This is usually encountered by marketers who want to run their marketing campaigns. Above all, you have to respect their refusal of sending more messages to them or adding them to unknown groups. Moreover, don’t share numbers without the consent of their owners.

  • Avoid the Overuse of Automated Messages or Broadcast List

Remember you are dealing with human beings who may accept your automated messages twice or three times a day, but the overuse of them may turn in reverse. That said, these messages may result in getting your number blocked or reported by many users.

  • Avoid the Spreading of Fake News and Rumors

Having the forwarded message labeled when sent to you is good enough for you to determine that the sender doesn’t write it themself. Here you may question the credibility of the message and rethink twice before resending it to others. Therefore, paly the role of a dedicative when receiving misleading news or media so that you won’t be the reason of spreading rumors.

  • Avoid Weird Messages from Unknown Users

If you receive any message or link that you are not pretty much sure about its content or source, secure your account and data and never click on it, especially when it contains offers of free stuff. It can be a risky hacking or malware destroying your phone or invading your information.

  • Lock your Phone and Apps

It is true that WhatsApp doesn’t provide you with the ability to set a password before entering the app. However, there are some other third-party apps that can help you out to keep your phone and WhatsApp Account away from any exploitation. For example, try Applock by DoMobile Lab or AppLock Pro, to set a password for your WhatsApp and other apps.

  • Control Who Sees Your Information

In your Privacy settings, you can decide who can see your last seen, profile photo and status; everyone, your contacts or nobody. Also, you can control who can interact with you by blocking/unblocking contacts.

Also, you have the option to as you may no longer prefer to be exposed to others and have them tracking your last check in WhatsApp. Therefore, you can disable last seen feature from WhatsApp:  Settings > Account > Privacy > Last Seen > Switch to Nobody.

Furthermore, you can hide the Blue Ticks. Need to get yourself out of the trouble of replying to the tons of messages in WhatsApp? You know you can prevent them from r realizing that you have read their messages, yet you will have the same issue back as you won’t see their receipt of your messages either. Settings > Account > Privacy > Untick Read Receipts.

You can also hide some chats from the prying eyes through the feature of archiving them, and to view then again, you can scroll down all the way in the conversation list. Just perform a long-press on the target chat and choose the “Archive” tap from the top Action Bar.

You don’t guarantee your friends or family members to feel curious to see your notification, do you? Turn them off! You can pass your phone to whomever while resting assured nothing will be previewed but the contact’s name. Settings > Notifications > Toggle off Use high priority notifications.

  • Turn on Security Notification

Turning on security notification enables you to know who access your account in another device. As a result, a security code is generated for both phones, and WhatsApp can send a notification when the security code changes.

Security > Show security notifications and flip the toggle to green

  • Enable Two-Step Verification

When doing so, you will need to enter your PIN when registering your phone number with WhatsApp again.  Account > Two-step verification > Enable.

Two-Step Verification 1
Two-Step Verification 2
Two-Step Verification 3
Two-Step Verification 4
  • Always Log Out WhatsApp Web

For making networking life much easier, WhatsApp works on the PC, too. The WhatsApp Web allows you to maintain your contacts while working on your PC. However, you still have to log out from WhatsApp Web every time you finish using it on the PC, for this will protect your messages from being read by anyone who uses the PC.  If you’d like to learn a bit more about the WhatsApp Web, we’ve broken it down further for you here.

  • WhatsApp Is Encrypted, the Cloud Is Not

In case you decide to back up your WhatsApp data and restore them via the cloud or any other external server, no encryption is anymore ensured. The hacking of your data will be easier because hackers won’t need to hack your WhatsApp account. Instead, they can access your data by directly hitting your drive. You can explore ways to make sure the cloud you are using to back up your data is clear and safe, for example, here Google has explained a few steps to make your account more secure.

Steps You Should Take for Your Stolen Account/Phone

It is uncommon to have your account stolen without sharing the SMS verification code with others or losing your phone.

  1. The first thing to do when you suspect that your account is stolen is notifying your contacts of friends and family about the issue so that no impersonate acts occur.
  2. You need to delete the WhatsApp app you have and reinstall another one.
  3. Sign into the new WhatsApp app with your phone number being used by someone currently and verify your phone number by entering the 6-digit code you receive via SMS.
  4. Only after you enter the 6-digit SMS code will the other party automatically log out from your account. WhatsApp indicates, “you might also be asked to provide a two-step verification code. If you don’t know this code, the individual using your account might have enabled two-step verification. You must wait 7 days before you can sign in without the two-step verification code.”

Sometimes you, unfortunately, can’t help the loss of your phone and need a way to assure that no one is seeing your personal WhatsApp. Therefore, you have to run and lock your SIM card so that whoever is using your lost phone won’t be able to verify the account. After that, you buy a new SIM card with the same phone number to reuse your WhatsApp account again and have it deactivated on the stolen phone. This is because “WhatsApp can only be activated with one phone number on one device at a time.” You also can email the WhatsApp team with the phrase “Lost/Stolen: Please deactivate my account” to help you out.

Also, you can contact WhatsApp to assist you either by opening WhatsApp > Settings > Help > Contact Us or sending your question via the website.

WhatsApp Group Chats

While you enjoy talking with group chats of friends and family members, some people out there might have their hungry curiosity been fulfilled by tracking your group messages through some tricks. The end-to-end encryption of WhatsApp may not help you out in keeping your group chats private. That is, groups are usually open to joining by direct invitation within the app or by creating a digital invite link that can be shared wherever possible.

As long as this link is posted publicly on the internet, it can be indexed by search engines like Google. This allows simple search words to take them out. Therefore, anyone finding a group link online can join the chat and probably invade the group information along with the members’ phone numbers and WhatsApp usernames.

Some hacking experts reveal that group chats are vulnerable to spying despite end-to-end encryption. That is, some researchers point out that a backdoor can be hacked upon the server letting anyone with access to the server, let be staff or any interfering third party, to add new members to the group without any permission and allow these invaders to obtain the encryption key. Therefore, a masked spy inserted from the server end can gain access to the keys shared by the phone of every member on the group and can now see all the decrypted messages.

Handle the issue via the group chat settings to put more control in your hands of the annoying groups invites. Go to Settings > Account > Privacy > Groups, and then decide who can add you to groups; everyone, your contacts or your contacts with exceptions.

groups chat

Can a WhatsApp Group Get Hacked?

When one of the group members’ account is being hacked, hackers can be able to read messages in the group

if it happens for that person to be the admin, hacker can also able to add or remove some members and change the setting of that group.

Well, Privacy Isn’t Often About Hacking Threats, Is It?

Sometimes it isn’t about a hacking threat that makes us nervous. Nevertheless, it is the crowded contact list that is mixed between business and personal contacts driving us to feel that our privacy is actually on the edge. For feeling more organized and secure, get to use WhatsApp Business to track your business contacts and follow with your customers and employees away from your personal chats and social life. This remarks many advantages that WhatsApp Business has over WhatsApp Messenger, as clarified in here.

Therefore, WhatsApp Business account needs another phone number. Hence, you can get yourself a second number for WhatsApp and clean up the mess your discorded contacts have caused.

Nope! We are not saying to buy another SIM card and share your ID again to buy another number, nor you have to buy a another or Dual-SIM phone to benefit from the suggestion. Instead, you can have another phone number virtually via an application that provides these numbers using VoIP services. For example, Numero eSIM. It grants you the potentiality to have a perfect work-life balance. See here how to activate your WhatsApp using virtual phone numbers and the benefits behind it.

You know you can hit two birds with one stone! Here is how

You can activate a virtual phone number for WhatsApp as a professional channel of communication for your business to receive inquiries for sales and support. At the same time, you are enjoying the chat with your family members and friends on the other private number. Isn’t it cool? Moreover, you can go on job interviews, place marketing calls or better yet publish it on your website to receive calls from your customers and other business associates with the world’s most downloaded communication app while you are protecting your privacy. Visit here to know more regarding why you are to get a virtual phone number for WhatsApp.

All in all, Shall You Keep Using WhatsApp?

Among 99% of messenger applications, the answer is yes. Certainly, it’s still one of the best options you can use if you want to easily encrypt your communications. After all, you are to protect your privacy by being careful about your personal life and private pictures.

Note: Steps herein are valid for the time this blog is written and may change in future versions of WhatsApp.

Decided Not to Use WhatsApp? Here are Some Alternatives

Here are some apps that won’t let you miss WhatsApp:

It is a free app for everyone, and it works on iOS, Android and Desktop. It is used to send one-to-one and group messages which can include files, voice notes, images and videos.

Pros Cons
End-to-end encryption
Doesn’t keep user data Fewer users
Anyone intents on tracking your internet use can see you’re using Signal. However, they won’t be able to read your messages. Not attractive design
Has basic instant messaging app features No animated emojis

Telegram is a popular alternative to WhatsApp. Like WhatsApp, Telegram allows its users to see the double ticks to know that the person received your message. Also, its end-to-end encryption is designed for voice calls, but it needs to be manually turned on for messages.

Pros Cons
Cloud-based App Manual end-to-end encryption
Open-source software No voice messages
Auto Night Mode Restricted features
Available in Multi-Platforms

We Chat is a Chinese multi-purpose messaging, social media and mobile payment app. It has most of the facilities of WhatsApp including flawless voice messaging, easy ways to find friends and search for contacts. It is more than a chatting app because there are gaming, shopping and even electronic payment features, so it is a new channel for e-commerce. However, it doesn’t have the ‘Online’ status feature, and there are issues unguaranteed when it comes to some security risks, such as the content of the instant messages and the data you have about your customer.

It is a free app available for iOS and Android. Its wide world popularity can’t be ignored, for users enjoy sending texts, voice and videos, as well as store messages and media to easily share later with friends. Yet, to get to use more features you have to pay more money. After all, it is worth going for because it has the end-to-end encryption feature called “Letter Sealing”.

Have you gone through any threats while using WhatsApp? Do you suggest any other better chatting applications? Do comment below with other helpful thoughts. Think of a better conclusion.

Leave a comment