DNA Explainer: How WhatsApp chats get leaked despite end-to-end encryption

On one hand, WhatsApp claims that its chats are end-to-end encrypted and no third party can intercept them, but on the other hand messages shared via the service regularly end up getting 'leaked'. Be it the recent Pegasus case or the Aryan Khan and Rhea Chakraborty case, WhatsApp chats were systematically leaked.

So how does WhatsApp claim that the company uses the impenetrable shield to keep the chats of its more than two billion users private? Actually, there are loopholes and hacks that allow third-party other than the sender and the recipient to access WhatsApp messages. How this is possible, read here.

What is end-to-end encryption?

Any content including messages, photos, videos, voice messages, documents and calls on WhatsApp is secured from third-party interception.

End-to-end encryption refers to communications that remain encrypted from a device controlled by the sender to one controlled by the recipient.

WhatsApp claims no third parties, not even WhatsApp or the parent company of the messaging app, Facebook can access the content in between.

Messages are 'secured with a lock' when it leaves a device with only the sender and recipient in possession of the special key needed to unlock and read them.

The encryption feature operates automatically and there is no need to turn on settings or set up special secret chats to secure your messages.

Signal encryption is used for this purpose which is basically a cryptographic protocol that was developed by Open Whisper Systems in 2013.

WhatsApp clarifies that communications with a recipient who uses a vendor to manage their endpoint are not considered end-to-end encrypted.

How does WhatsApp chat gets leaked?

The so-called 'leak' of messages is more often nothing but screenshots of chats that a recipient or somebody accessing it shares with others.

WhatsApp even notes that this is there in its privacy policy under a subhead called 'Third-Party Information'.

In recent cases like that of Aryan Khan or Rhea Chakraborty, the law enforcement officials actually got access to phones to read the messages.

One can even access the deleted WhatsApp chats stored on the phone's device.

Nevertheless, there are tech backdoors that exist through which private WhatsApp chats can be accessed.

Cloning of a phone enables a copy to be made of all the contents of a particular phone, giving cloner access to the data.

The spyware can be installed secretly in a phone, which then provides constant access to all actions performed on the device.

The Pegasus spyware developed by an Israeli company managed to reveal all WhatsApp chats to the entity operating the spyware.

A common mode of accessing WhatsApp chats has been through the backup of chats that WhatsApp stores on the cloud.

WhatsApp itself does not provide cloud storage and backs up messages with a third-party cloud provider, like say Google Drive or iCloud.

Storage on the cloud is not encrypted and if a user's cloud storage is hacked, then access can be obtained to backup chats.