Meta is enabling end-to-end encryption on Messenger for millions of users across the globe via a software update, the company has announced. Meta first started testing the security protocol in August 2022 and then expanded the test pool in January 2023 while simultaneously adding more features to encrypted chats. Starting today, the software update enabling end-to-end encryption in Messenger chats has begun rolling out to additional users. It’s a phased release and Meta hopes to deliver the beefed-up security to all Messenger users by the end of the year.
For the unaware, end-to-end encryption (E2E) keeps your conversations safe from eavesdropping and en-route interception. With end-to-end encryption, messages are protected using public key cryptography. Essentially, all the messages are converted into a jumble of code as soon as they leave your device. It is only decrypted when it reaches the recipient’s device. That’s because the keys are only stored on the two devices that are exchanging the message. That means even Meta can’t read the Messenger texts passing through its servers.
For years, apps like WhatsApp and Signal have touted the security offered by end-to-end encryption as their biggest draw. By the end of this year, Messenger will also join the ranks of communication platforms with the best security standards. Once you’ve installed the latest Messenger build, your chats will automatically get end-to-end encrypted — assuming you’re included in this expanded test pool, of course. With that said, you will still be able to access all your previous messages in a chat before encryption was enabled. Voice and video calls on Messenger got the encryption treatment in 2021.
Meta plans to make E2E encryption default by year’s end
Enabling end-to-end encryption apparently wasn’t easy and it took years to materialize. “We not only needed to transition to a new server architecture but to rewrite our code base to work on multiple different devices, rather than just the server,” Meta says in a blog post. The company claims it had to rebuild more than 100 features atop the updated code stack with encryption enabled. Meta cites the example of rich URL previews pulled from a third-party service.
Previously, it was Meta’s servers that would pull the relevant URL data and then show the YouTube video preview in a Messenger chat. But with encryption, it’s now the app itself that visits the URL shared in a chat, pulls the image and other text-based information for the preview, and then sends it. It takes a tad bit of extra time, but the entire feature pipeline has been reworked to make way for end-to-end encryption without having to sacrifice features and privacy.
Meta is also testing an on-device recovery option for encrypted chats, which requires users to set up a PIN or generate a code. An option to save these chats on a third-party cloud storage service like Apple’s iCloud is also being tested. As for Instagram, end-to-end encryption for direct messages is currently limited to the test phase. But according to an article by Meta safety chief Antigone Davis in The Telegraph, the chat privacy feature will also be enabled for Instagram DMs by the end of 2023.