The ubiquitous end-to-end encrypted messaging service WhatsApp melds security and convenience for 2 billion people around the world. But there’s always been a big limitation: The service relies entirely on your smartphone. You can use your account on desktops or through the web, but you’re really just interacting with a mirror of what’s on your phone. If its battery dies, or you want to use two secondary devices at once, you’re out of luck. But WhatsApp says it has finally, finally figured out a solution.
Today WhatsApp is launching a limited beta to start real-world testing on a multi-device scheme. With the new feature, you’ll be able to use WhatsApp on your phone and up to four other devices all at once. The only caveat is that those other four need to be “non-phone” devices. Your smartphone will still be the first device where you set up WhatsApp; you’ll add the other devices by scanning QR codes from your phone.
Using WhatsApp across devices wouldn’t be any trouble if your data lived on WhatsApp’s servers. But the company’s end-to-end encryption scheme keeps it from ever seeing the contents of your messages, and they’re not stored by WhatsApp at all after delivery. This why mirroring your phone to your desktop, as WhatsApp and many other secure messaging apps have historically done, is an appealing option. All the security protections extend from your phone, and there’s nothing actually happening independently on the other device. It takes complicated cryptographic wrangling to actually anoint other devices and keep everything in sync.
“As we enter the multi-device era, guaranteeing that the security of WhatsApp remains bulletproof is the team’s largest concern,” says Scott Ryder, director of WhatsApp consumer engineering. “Really, it’s the core of why the project took over two years to complete. When both internal and external security reviews agreed we’d achieved that goal—that was an exciting moment.”
The foundational idea of end-to-end encrypted communication is that data is unreadable at all times except to the sender and receiver. That means, for example, that a message is only decrypted and accessible on the phone you sent it from and the phone of the person you sent it to. Group messaging or calling makes this a little more complicated, but as long as everyone is using the same device all the time, it’s doable.
You can see how it gets more complicated, though, for a service to keep track of who’s who if everyone suddenly has three devices and wants real-time syncing between them. Without full end-to-end encryption, a central server can take little peeks at the data to figure out what needs to go where. But when you’re really trying to keep things locked down, you need a special system to make it work.
As Facebook CEO Mark Zuckerberg put it to WABetaInfo at the beginning of June, “It’s been a big technical challenge to get all your messages and content to sync properly across devices.”
Making it all work involves two main components. One is that, instead of having a single identity key for each user—in other words, the smartphone associated with the account—each device you use for WhatsApp now has its own identity key. WhatsApp’s server keeps a sort of family tree of all the device identities on a person’s account; when someone goes to send a message to that account, the server provides the whole list of keys so that message goes to all the right devices.
WhatsApp says it has carefully added checks on this system to make sure a bad actor can’t add extra devices to your account and receive your messages. Users can check the list of devices linked to their account to ensure there aren’t lurkers, and they can also do a “security code” comparison with someone they’re communicating with to ensure the two codes match. If something has gone awry and one user has an extra, unverified device registered to their account, the codes won’t match.
