Not wanting to be left behind in the pursuit of enhanced user security, Viber is adding end-to-end encryption (E2EE) following WhatsApp’s E2EE roll out earlier in April. Viber announced on Tuesday that E2EE would roll out to its users globally over the next two weeks. The new encryption will cover text, voice, and group chats, and will work across mobile and PC versions of Viber.
The new feature will be made available to users automatically. You’ll know you have it when you see a lock icon in the text entry box in chats. But Viber’s implementation won’t be as behind-the-scenes as WhatsApp’s is. Instead, the company has added a few extra features for those who want added protection.
When you see a gray lock icon, that means your communication is being protected using the service’s standard E2EE. In addition, each user also has a cryptographic key associated with their device that can be used to authenticate your identity to other Viber users. When this feature's in use the lock turns green. If it turns red instead, that can mean someone is trying to listen in on your conversation through a man-in-the-middle attack.
However, you’ll probably see a red lock more often when the person you’re talking to switches to a new device. When that happens you’ll need to re-authenticate each other to get the lock icon back to green. We haven’t had a look at Viber’s new encrypted app yet, so we can’t comment on how easy it is to use the service’s new authentication feature.
In addition to E2EE, Viber also introduced a new hidden chats feature that removes chats from your regular logs and protects them behind a PIN lock.
Why this matters: Blame it on the Snowden revelations, the increasing secret demands for personal data by law enforcement, or just plain old hacking. Whatever the reason, more people are concerned about personal online security, and at least some messaging companies would rather not be involved in demands for user data. Apple’s iMessages also offers E2EE, as does Signal, while Line and Telegram offer it as an option. Many other services don’t offer E2EE encryption at all, including major ones like Facebook Messenger, Google Hangouts, Kik, and Snapchat. With so many holdouts we’re not quite at the tipping point for universal E2EE, but it’s getting there.
Sign up for Computerworld eNewsletters.