WhatsApp’s unsafe, but Signal isn’t the silver bullet.

Banks and governments have been flocking away for years and it’s why I built Worldr.

October 20, 2021

If you haven’t been following the WhatsApp news as closely as I have:

A) I don’t blame you. There’s more to life than End-to-End Encryption.
B) Here’s a brief summary of what went down in the first half of January 2021:

In early January, WhatsApp (owned by Facebook since 2014) sent a notification to all of its users forcing them to accept its Privacy Policy, which includes terms to share their data with Facebook. With questions over the transparency of the data that would be shared, and issues of public trust in Facebook’s existing data management practices, many WhatsApp users saw this as a third strike and flocked to potentially more secure messaging tools such as Signal. Since then, WhatsApp has (reportedly) been scrambling and buying up ads in newspapers to reverse the exodus. In short, for millions of users, WhatsApp was demoted from “Simple. Secure. Reliable Messaging.” to … “Simple messaging”.

But here’s where it gets a little more nuanced: WhatsApp messages are just as encrypted as Signal’s. So why are millions of users really flocking away from WhatsApp?

To answer this we need to understand the basics of “End-to-End Encryption” (E2EE) which ensures that only you and the person you’re sending messages to can read the information shared.

To exchange messages securely, the sender needs to know the public key of the recipient. The recipient then uses their unique private key to unlock/decrypt the message sent to them. The public keys are accessible to anyone, but the private key is known only by the recipient. So if the recipient loses the private key, there is, by design, no way for them to retrieve the messages.

In that regard, WhatsApp does technically tick the box of “End-to-End encryption”. But the way WhatsApp stores your data can essentially circumvent the idea of End-to-End Encryption, and therefore render it useless. Here’s the problem:

Once you read a message, you’re technically “decrypting” the message (there’s a hacker in all of us). When you do that, your WhatsApp conversation normally gets backed up in the cloud, whether in iCloud or Google Drive. The primary “official” reason for WhatsApp doing this is to help you recover past messages when you switch phones. However, once they are backed up, your messages are no longer E2EE; they are encrypted by WhatsApp in a way that means WhatsApp has the private key and is technically able to decrypt all your backups.

So there is now this dangerous and ill-advised situation, where your data is living in a cloud provider somewhere, and WhatsApp owns the private key to decrypt that information! This leaves you rather helpless in the case of a data breach, helpless if third parties have a reason to want to read your messages, and can leave all your data at a high risk of being compromised.
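The difference between the two situations can be shown in a few lines of Node.js. This is an added sketch, not WhatsApp’s or Signal’s code: it assumes X25519 key agreement and AES-256-GCM as simplified stand-ins for the real protocols, and the names (sharedKey, providerBackupKey, demo) and sample strings are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM helpers: whoever holds the 32-byte key can open the box.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function open(key, box) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, box.iv);
  d.setAuthTag(box.tag);
  return Buffer.concat([d.update(box.ct), d.final()]).toString('utf8');
}
// True if this key decrypts and authenticates the box, false otherwise.
function canRead(key, box) {
  try { open(key, box); return true; } catch { return false; }
}

// Message key derived from my private key and the peer's public key.
function sharedKey(myPrivate, theirPublic) {
  const secret = crypto.diffieHellman({ privateKey: myPrivate, publicKey: theirPublic });
  return Buffer.from(crypto.hkdfSync('sha256', secret, Buffer.alloc(0), 'demo-e2ee', 32));
}

function demo() {
  const alice = crypto.generateKeyPairSync('x25519');
  const bob = crypto.generateKeyPairSync('x25519');
  const provider = crypto.generateKeyPairSync('x25519'); // service operator: sees public keys only

  // In transit: only the two endpoints can derive the message key.
  const wire = seal(sharedKey(alice.privateKey, bob.publicKey), 'constructed sample message');
  const bobReads = open(sharedKey(bob.privateKey, alice.publicKey), wire);
  const providerReadsWire = canRead(sharedKey(provider.privateKey, alice.publicKey), wire);

  // Backup as described above: decrypted history re-encrypted under a key the service holds.
  const providerBackupKey = crypto.randomBytes(32);
  const cloudBackup = seal(providerBackupKey, bobReads);
  const providerReadsBackup = canRead(providerBackupKey, cloudBackup);

  // Alternative: backup key derived from a secret only the user knows.
  const userKey = crypto.scryptSync('constructed passphrase', crypto.randomBytes(16), 32);
  const userBackup = seal(userKey, bobReads);
  const providerReadsUserBackup = canRead(providerBackupKey, userBackup);

  return { bobReads, providerReadsWire, providerReadsBackup, providerReadsUserBackup };
}

console.log(demo());
```

The same plaintext is unreadable to the operator on the wire and readable in the backup; the only thing that changed is who holds the key.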

Indeed, WhatsApp’s Privacy Policy explicitly states that:

“We may collect, use, preserve, and share your information if we have a good-faith belief that it is reasonably necessary.”

This is why Elon and many thousands are pushing for a mass-adoption of Signal.

Signal is by design more secure than WhatsApp because it does not store your data in the cloud. All Signal messages, pictures, files, and other contents are stored locally on your device. These contents, including backups, are only readable by the users of the app, provided they have the private key to unlock the contents. So it’s a perfectly safe and closed (if less convenient) ecosystem: data is encrypted so that only people with a private key can access the contents of their messages, and the data is stored locally and (crucially) not in the cloud, which protects you from third parties getting hold of your data.

Here’s a drawing of the “security ‘berg” which illustrates my point: Although it has been the bulk of the conversation in the media, End-to-End Encryption is only a tiny portion of what makes a communication tool secure; where and how data is stored represents the much much bigger determinant of security.

But hold on, there’s more to this. Signal is still lacking in 1 crucial aspect of communication: Work communication. Walk with me:

In regulated and data-sensitive industries such as government, finance and law, corporations need a communication tool that has 2 seemingly opposite security features:

  1. The messages need to be completely inaccessible by outside parties.
  2. Those messages need to also be fully accessible by the corporation as a whole.

The first point is well understood, the second point takes a little more explaining:

Let’s take the very real example of a bank: if brokers communicate privately amongst themselves via a chat like Signal and decide to break rules, there would be absolutely zero paper trail to track and no recourse for the bank. The bank would no longer be able to control what and how information is shared, leaving a huge gaping security hole in the organisation. Without visibility on internal chats by the corporation, the encrypted chat becomes a free-for-all for mass fraud.

This exact issue is what’s getting bankers suspended for texting using the wrong app, why Erdogan is throwing a fit in Turkey around WhatsApp, and why the FCA, the SEC and many regulators are clamping down on similar tools.

In short: For regulatory, compliance and security reasons, corporations need to be able to access the private keys of their individual users and that’s where Signal falls short.

I saw this problem first-hand in the early days as the first employee of CoinShares, a cryptocurrency asset management firm with over $3.5B AuM. We couldn’t use Slack or Signal, and we certainly couldn’t use WhatsApp either. Much like big banks, law firms and governments, we had to choose between security and seamless collaboration; we couldn’t have both. Like many, we sacrificed efficiency of collaboration for security.

And that’s what’s kept me up at night for the past 5 years. Bringing hyper-efficient collaboration in the workplace while maximising security by ensuring that:

  • Each company retained all of their own data locally
  • Each company controlled all of their own private keys

These are the founding pillars of Worldr which I co-founded with an international law veteran, and an all-star team, best encapsulated by a Lead Designer from Bumble, and a PhD in Theoretical Astrophysics. We’re already in-market with a Beta for highly regulated government agencies, law firms and banking institutions — but we’re only just getting started.

So, in conclusion, WhatsApp’s “End-to-End Encryption” is all smoke and mirrors because when you back up your data, it is no longer E2EE, and instead is encrypted by WhatsApp in a way where they have the private key. Ultimately, whoever owns the private key essentially owns the data. Signal is benefiting incredibly from the scandal and the Elon tweets that followed, but even though Signal is secure at the consumer level, it’s incredibly problematic at the corporate level. Companies need to be able to access messages shared among employees for compliance and security reasons. And that’s where Worldr fits in.

The only way forward is data self-sovereignty — localising data, and retaining private keys.

- Max

