WhatsApp has three new security features to protect your account
WhatsApp is by far the most popular messaging platform out there. But that popularity comes at a price. Hackers are always trying to get into your WhatsApp account using SIM swap and other attacks. While the Meta-owned messaging platform offers several security and privacy measures, including end-to-end encrypted backups and chats, they don’t help in such scenarios. WhatsApp is now introducing several new security features to change this.
Right now, when you switch to a new device, WhatsApp will ask you to enter a one-time password (OTP) sent to your number for verification. Unless you have two-step authentication enabled, a hacker could easily gain access to your WhatsApp account using a SIM swap attack or if they can somehow get the OTP. WhatsApp wants to avoid this with Account Protect.
The next time you switch to a new phone, WhatsApp will send a prompt on your old device to verify that you really are switching devices. This additional step will help thwart hackers trying to gain unauthorized access to your account.
Malware and trojans are always an issue, as they can infect your phone, retrieve your WhatsApp authentication key, and then use it to send unwanted messages to your friends and family members. To prevent this, WhatsApp is introducing Device Verification, which runs additional checks in the background for account authentication. You can read more about Device Verification and how it works here.
WhatsApp has long allowed the ability to verify the security code of a chat to ensure it is end-to-end encrypted. However, this process is tedious and requires scanning a QR code and matching its content with the recipient or manually verifying that the 60-digit hash key shown is the same for both parties. The Meta-owned messaging platform is now making this process easier with Key Transparency.
The next time you tap the encryption tab in a WhatsApp chat, you can confirm immediately if the chat is encrypted. You will still need to scan a QR code, but you won’t have to verify its content with the message recipient.
These new security features are already rolling out, so they should appear for you sooner than later.