WhatsApp has been working on encrypted cloud backups for a while. This was first leaked by WABetaInfo a few months ago, which revealed that WhatsApp is testing encrypted cloud backups and that it should be launching soon.
The goal was to add another layer of privacy and security to your backed-up messages on the cloud.
Two months later, Facebook itself has now confirmed the feature and has said that it’s coming soon to WhatsApp. Facebook CEO Mark Zuckerberg has said in a recent post that WhatsApp will be the first messaging platform to offer encrypted backups at this scale.
Getting there was a really hard technical challenge that required an entirely new framework for key storage and cloud storage across operating systems.
Once the feature goes live, we will have two options for encrypting our cloud backups, a randomly generated 64-digit key or a password saved to a Backup Key Vault. The Backup Key Vault will store passwords in a Hardware Security Module (HSM) and it will be responsible for enforcing password verification attempts.
However, there is a major caveat involved. The HSM will block your backups permanently if there are multiple unsuccessful attempts to access them, so remembering your passwords is crucial.
Facebook has said that:
The HSM-based Backup Key Vault service will be geographically distributed across multiple data centers to keep it up and running in case of a data center outage, which is vital for a global service for billions of users.