{"id":33684,"date":"2024-06-08T02:42:03","date_gmt":"2024-06-07T15:42:03","guid":{"rendered":"https:\/\/www.kaspersky.com.au\/blog\/?p=33684"},"modified":"2024-06-08T02:42:03","modified_gmt":"2024-06-07T15:42:03","slug":"whatsapp-privacy-security","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.au\/blog\/whatsapp-privacy-security\/33684\/","title":{"rendered":"Setting up both security and privacy in WhatsApp"},"content":{"rendered":"

Despite being owned by Meta \u2014 a company frequently criticized for privacy issues \u2014 WhatsApp remains the most popular instant messenger in the world. Surprisingly, it\u2019s also one of the most secure. In this post, we discuss why this is the case, and explain how you can further fortify your WhatsApp conversations with the right privacy and security settings, as well as protect your smartphone with our security solutions<\/a>.<\/p>\n

WhatsApp end-to-end encryption: always on<\/h2>\n

The most important thing to know about WhatsApp\u2019s security is that all communications are securely protected with end-to-end encryption. It\u2019s powered by the Signal Protocol<\/a>, developed by the creators of the independent privacy-focused Signal<\/a> messenger. This is an open protocol, so anyone (with the necessary know-how, of course) can scrutinize its source code<\/a> for bugs and backdoors.<\/p>\n

What this means for you is that all text and voice messages (be they in one-on-one or group chats), along with images, videos, documents, and calls, are encrypted on the sender\u2019s device and only decrypted on the recipient\u2019s device.<\/p>\n

This ensures that even WhatsApp itself has no technical ability to snoop on your conversations. This also creates an impenetrable barrier for cybercriminals attempting to intercept messages, whether in transit or by compromising WhatsApp\u2019s servers.<\/p>\n

The use of end-to-end encryption for all messages sets WhatsApp apart from Telegram<\/a>. While Telegram touts its security features, end-to-end encryption isn\u2019t on the default. It\u2019s relegated to so-called \u201csecret chats\u201d, which must be specially created \u2014 and which, unfortunately, almost no one ever uses<\/a> for various reasons.<\/p>\n

How to make communication on WhatsApp even safer<\/h2>\n

So, we\u2019ve covered what makes WhatsApp secure at the base level. Now, let\u2019s explore how you can bolster your defenses against surveillance, unauthorized access to your messages, and other threats to your privacy and security. This involves a bit of fine-tuning within WhatsApp\u2019s settings. Let\u2019s get started\u2026<\/p>\n

How to protect WhatsApp from being hijacked<\/h3>\n

The first thing you should do is to fortify your WhatsApp account against hijacking. WhatsApp accounts are tethered to phone numbers. Therefore, if someone takes control of your number, they can also access your WhatsApp account. This could happen intentionally through a SIM swapping attack<\/a>, or through an unfortunate consequence of number recycling: if you don\u2019t pay your phone bill on time, the operator could disconnect your number and reassign it to another subscriber.<\/p>\n

To protect against this threat, enable two-factor authentication<\/a> for WhatsApp. Navigate to Settings \u2192 Account \u2192 Two-step verification<\/em> and set a PIN code to confirm account logins.<\/p>\n

In addition, you can link an email address to your account. This provides a lifeline if you lose access to your phone number. You can enable this in Settings \u2192 Account \u2192 Email address<\/em>.<\/p>\n

Beyond PIN codes, WhatsApp offers an alternative option for confirming account login: so-called \u201cpasskeys\u201d. We\u2019ve dedicated a separate post<\/a> to discussing what these are and how they work. To enable this option, go to Settings \u2192 Account \u2192 Passkeys<\/em>.<\/p>\n

I also recommend making it a habit to audit the list of devices logged into your WhatsApp account. You can find this list in Settings \u2192 Linked devices<\/em>. If you spot any suspicious entries, play it safe and log out of that session by selecting the device and tapping Log out<\/em>.<\/p>\n

How to protect your WhatsApp chats from prying eyes<\/h3>\n

The next step is to ensure that your conversations remain private \u2014 even if your phone falls into the wrong hands. To do this, first and foremost, enable the screen lock in your phone\u2019s settings. Don\u2019t forget to disable message previews in WhatsApp push notifications on the lock screen, so no one can read your secrets without unlocking your smartphone \u2014 this is done in the Notifications<\/em> section of your smartphone settings.<\/p>\n

It\u2019s also a good idea to enable WhatsApp\u2019s own app lock, in case you forget to lock your device. To do this, head to Settings \u2192 Privacy<\/em>, scroll down almost to the bottom, and locate App lock<\/em>. I recommend choosing After 1 minute<\/em> \u2014 this strikes a good balance between security and convenience. This way, if you switch from WhatsApp to another app, you\u2019ll have one minute to return to your messages, after which you\u2019ll need to unlock WhatsApp using your chosen method. However, keep in mind that if you leave your smartphone unattended with an open chat and the screen on, WhatsApp won\u2019t automatically lock until the screen times out.<\/p>\n

Another way to keep your confidential information away from prying eyes is to lock chats. Such chats disappear from your main chat list and reside in a separate folder. To hide a chat, tap the contact\u2019s profile picture, scroll down, and tap Lock chat<\/em>.<\/p>\n

Situations may arise where you need to quickly get rid of locked chats and their contents. WhatsApp makes this easy to do with a single button: go to Settings \u2192 Privacy \u2192 Chat lock<\/em> and tap Unlock and clear locked chats<\/em>.<\/p>\n

To further protect your WhatsApp chats, you can use disappearing messages. There are two ways to use this function. First, you can set a timer for a specific chat. To do this, tap the contact\u2019s profile picture, scroll down to Disappearing messages<\/em>, and select the desired duration.<\/p>\n

The second way is to set a default timer for all new chats. To do this, go to Settings \u2192 Privacy \u2192 Default message timer<\/em> and set the interval after which messages will disappear.<\/p>\n

Additionally, WhatsApp lets you send photos, videos, and voice messages for one-time viewing (no more). This is easy to do: select the item you want to send, and before hitting send, tap the icon with the number one in the caption field.<\/p>\n

How to disable \u201cblue ticks\u201d in WhatsApp<\/h3>\n

If you prefer to keep your message-reading habits under wraps, you can disable read receipts. To do this, go to Settings \u2192 Privacy<\/em>, scroll down, and toggle off the switch next to Read receipts<\/em>.<\/p>\n

Bear in mind that this is a two-way street: if you disable read receipts, you too will stop seeing blue ticks in chats. It\u2019s also important to know that this feature doesn\u2019t apply to group chats, where people will still see read receipts.<\/p>\n

\u00a0Other privacy settings in WhatsApp<\/h3>\n

The Settings \u2192 Privacy<\/em> section in WhatsApp holds a few more settings worth paying attention to. These determine who can access specific information about you. While there are no hard and fast rules \u2014 it all boils down to your personal circumstances and preferences \u2014 here\u2019s what I consider a balanced approach:<\/p>\n