According to an article published on Mashable it appears that other people can access your messages through downloaded Android applications. This was quoted from Bass Bosschert, a security consultant and reports on message forum Hacker News.
The security flaw lies with the encryption code that WhatsApp uses for its built-in back-up mechanism that is used for reinstalling the application or when you migrate to a new device. Apparently WhatsApp has been using the same encryption code to protect all users rather than generating a new code for each separate user.
What this means is that the database that acts as a backup store for all users’ chats is being protected by an unsafe encryption mechanism. Any other app developer that is able to decrypt this will gain access to the message database.
In an explanation posted by Bass Bosschert on his website a device’s SD card is what is used to hold the WhatsApp database. When another Android app that uses non sensitive data is given access to the SD card this creates access to all data stored there, including the WhatsApp database. WhatsApp has not yet issued any formal response to these allegations.
This is not the first time that WhatsApp’s security flaws have been exposed. In fact, the aspect of security on IM platforms has been used as an entry point for new entrants into the IM market. A good example is Telegram. The app which is available on iOS and Android, Windows Phone also has desktop versions for MS Windows, Linux and Mac OSX.
Telegram was launched in August 2013 and is the brain child of the Durov brothers. These are the guys who founded VK, Russia’s largest social network. The app is noted for its strong focus on security measures supported by end-to-end encryption. This differs from client server encryption that other IM platforms like WhatsApp, WeChat and KakaoTalk use.
Other Telegram security features include the barring of third parties such as the app’s administrators from viewing any content, the encryption of all messages sent on the platform and the ability to “destroy” messages after a set time through its Secret Chats option as is the case with SnapChat.
While there are still many options to choose for instant messaging, the issue of privacy and security will definitely be a major issue to consider when picking the right platform. If it bothers you that much perhaps now is the time to move over to Telegram.