WhatsApp has had end-to-end encrypted chats for quite some time now. While this ensured that no one—besides the sender and the receiver—could read messages in transit, the chat backup feature on the platform had a major security flaw that allowed third parties to get hold of conversation between individuals.

end-to-end encrypted whatsapp backups
IMAGE: WhatsApp

To fix this, WhatsApp recently introduced end-to-end encryption for cloud backups that adds an extra layer of protection to your iCloud and Google Drive backups to prevent unauthorized access to your chat backup. However, unlike end-to-end encryption, encrypted backup isn’t enabled by default, and you have to enable it manually if you wish to add an extra level of security to your WhatsApp backups.

To guide you in the process, here’s a guide explaining the rationale behind protecting WhatsApp backups with encryption and detailing the steps to enable end-to-end encryption for WhatsApp backups on Android and iOS.

What Are End-to-End Encrypted Backups on WhatsApp?

Until WhatsApp rolled out end-to-end encryption for backups, all WhatsApp backups to Google Drive and iCloud were stored in an unencrypted format. This led to a loophole that third parties (individuals or agencies) would exploit to access conversations between two parties and negated the benefits of end-to-end encryption for chats in the first place.

But amidst rising controversies and growing concerns about users’ data, WhatsApp finally took a stand and introduced end-to-end encrypted chat backups on the platform.

While, by definition, end-to-end encryption (E2EE) refers to encrypting data as it moves between devices (usually from one client device to another), it doesn’t hold true for stored data. However, WhatsApp’s end-to-end encrypted backup is achieved by generating a unique encryption key to encrypt your chat backup on the device, while the encrypted backup still gets uploaded to cloud storage (Google Drive or iCloud) as before.

After this, it gives you two options to secure the backup encryption key. One option is to secure the key manually, while the other is to protect it with a user password. With the former, when you want to retrieve your WhatsApp backup, you need to manually enter the 64-digit key to decrypt and access your backup.

e2ee backup using 64-bit encryption
IMAGE: WhatsApp

On the other hand, if you choose to use a password to secure the encryption key, the key gets stored in a backup key vault based on a hardware security module (HSM), a specialized hardware device used to store encrypted keys securely. Then, when you want to retrieve your WhatsApp backup, you need to enter the password to decrypt it.

e2ee backup using user password
IMAGE: WhatsApp

How to Enable End-to-End Encrypted Backups on WhatsApp?

To begin with, make sure you’re running the latest version of WhatsApp on your Android or iPhone. If not, first, upgrade WhatsApp, and then follow the steps below to turn on end-to-end encryption for WhatsApp backups on your account:

  1. Open WhatsApp and head over to the Settings.
  2. Tap on Chats and go into Chat Backup > End-to-end Encrypted Backup. And, click the Turn On button.
    enable e2ee backup on whatsapp
  3. You’ll now be asked to either create a password or use the 64-digit encryption key instead. Depending on your preference, click on an option here.
  4. If you choose to use a password, enter a password on the next screen. Alternatively, if you decide to go with the encryption key, click on the Generate Your 64-digit key button on the following screen.
    enable e2ee backup on whatsapp
  5. Hit Next, and finally, click Create to create an end-to-end encrypted backup of your entire WhatsApp chat.

Now, when you wish to restore your encrypted backup, you’ll need to enter the password or the key—depending on which option you went with at the time of creating the backup—to decrypt and restore it successfully.

Do note, however, that you must deselect WhatsApp from the apps included in your device-level backups to avoid taking backup of your WhatsApp chats in unencrypted form.

At any time, if you wish to opt-out of encrypted WhatsApp backups, you can follow the same steps you did to enable it to turn off end-to-end encrypted backup on your account.

Securing Your WhatsApp Chat Backups to Prevent Unauthorized Access

With end-to-end encrypted backups now available on WhatsApp, you can back up your WhatsApp chats (messages and media) to your backup service provider (Google Drive or iCloud) in an encrypted manner. That way, only you can decrypt and access your backups using the encryption key, and in the event that your WhatsApp backup ends up in someone’s hand, they won’t be able to decrypt it and read your messages.

Bear in mind that you must save your 64-character encryption key or your backup password in a secure manner, as forgetting or losing access to it can result in the loss of your entire backup. In which case, you’ll have to go over and create an entirely new backup with a unique encryption key once again.

FAQs About Encrypted WhatsApp Backups

Yes, it's completely safe to backup WhatsApp messages on Google Drive, especially now that WhatsApp encrypts your, which ensures no one—besides you—can decrypt and access your chat backups.

Encrypted backups on WhatsApp are essentially backups that are encrypted using an encryption key and can only be decrypted and restored when you have access to the encryption key. Much like regular cloud backups, end-to-end encrypted backups are also stored on cloud-based services like Google Drive (on Android) and iCloud (on iOS).

As mentioned earlier in the guide, WhatsApp backups aren't encrypted by default. WhatsApp offers end-to-end encrypted backup as an optional feature, and it has to be enabled manually on your account from the WhatsApp settings.

Further Reading:

Was this article helpful?