After many requests, WhatsApp announced this Wednesday (14) that the beta version of the application will start working without the cell phone. In other words, it will no longer require a cell phone to have an internet connection to keep the program running on the Web version, on macOS or Windows.
The change is relatively important, as the software uses the smartphone as the main device and, from it, information is encrypted and protected.
Because of this, WhatsApp announced the construction of a new multi-device architecture to continue bringing security to users. Before actually changing the technology, the Facebook app explained how people’s privacy was protected.
How does WhatsApp security work?
Currently, WhatsApp uses the app on the smartphone as the main device, making it concentrate all the users’ data source. In addition, the cell phone is the only one that can encrypt and decrypt text messages, voice, calls and so on.
When a user opens WhatsApp Web, for example, the program is mirrored in the browser, only making it get a different interface. In this sense, the software keeps a single encryption key (on the cell phone), which gives access to other devices.
According to the app, this architecture “facilitates the delivery of a seamlessly synchronized experience between a phone and an auxiliary device without compromising security.” Check below the infographic that the platform released explaining the functionality of the current system.
How will WhatsApp security work?
Despite delivering security and a very mobile-like user experience, the app’s current infrastructure requires switching between devices to maintain stability. By requiring the cell phone to perform all operations, the use of WhatsApp Web, for example, is a little slower and suffers from falls, in addition to forcing the user to keep the cell phone turned on, with battery and internet connection.
To improve the user experience, WhatsApp redesigned the application’s architecture, making each device have its own identification (dispensing with cell phone dependency) from the beta version tests.
The new multi-device architecture uses a combination of technologies. According to the company, the security code has been extended to match all device identities of the same user. This is so that people and their contacts can check which devices they are sending messages and files to.
In addition, a protocol called “Automatic Device Verification” has been developed. It makes the new system easier to use, as it reduces the number of times someone needs to verify their identity. Because of this, checks will only be carried out if a person re-registers their account.
The new system will have an approach called “client-fanout”, which uses pairwise encryption to individually protect each message sent. According to the Facebook company, messages are not stored on the server and in the case of groups, the Sender Key scalable encryption scheme continues to be used.
Even with the changes, WhatsApp stressed that control in this new system will continue to include the linking of new devices from a scan of a QR Code from the phone. From the initial registration, the contact with the cell phone will no longer be necessary and the device will become “independent”.
Through the cell phone it will be possible to check all existing connections, access when they were last used and leave any of them remotely, just as the service already offers if the person is using Web Whats.
In all, users will be able to connect up to four other complementary devices to WhatsApp (in addition to the main smartphone).