Page 11 - Telecom Reseller MayJun 2016
P. 11
May/June 2016 Telecom Reseller 11
A false Sense of Security in Our Messaging Apps
I
n the last couple of weeks, we have seen
consumer messaging giants WhatsApp security loopholes that hackers could exploit, With hacking and data breaches becoming
and Viber retrospectively add end-to-end
PARKER
as the keys are stored on devices but is not clear increasingly prominent, consumers and businesses
encryption technology to their communications how they are generated or if they are deleted, must be encouraged to think encryption rst. But
platforms. e notion of providing users with or whether users’ messages are accessible from it is equally important to consider how secure the
improved security is certainly to be applauded, by Jonathan Parker-Bray, CEO WhatsApp’s servers.
o ering they choose to protect their businesses
and seeing messaging apps adopt encryption as of Pryvate (www.pryvatenow. com)
e case of Viber is even more concerning. e and personal communications actually is. e vast
a necessity as opposed to simply a nice-to-have ‘coloured lock’ that the company says signi es majority of o erings on the market from some
feature, is long overdue.
whether messages are secured or not is simply a big, well-known businesses simply don’t make
However, the manner in which providers are Mainstream messaging concerns
marketing gimmick that gives users a complete the grade when it comes to o ering total security
increasingly introducing encryption technology is ideal of deploying true encryption is a far
false sense of security that their messages are and would not even come close to preventing
within apps as an a erthought is potentially cry from what users receive with the likes of protected. ere is no mention of how algorithms highly skilled cybercriminals from accessing users’
providing a false sense of security to the billions of WhatsApp and Viber. WhatsApp, for example, protect conversations or whether group messages communications.
people that use them on a daily basis.
has freely admitted that its new encryption service – of up to 200 users – are protected by a single It is vital that people take their digital
e reality is that messaging platforms like uses ‘derived keys’, which means that the company key or individual keys for each user. Its launch has communications seriously to ensure they can feel
WhatsApp, Viber, and countless similar o erings has some access to keys before a conversation is failed to provide users with assurances that it is con dent and fully secure when they interact with
on the marketplace do not provide users with a initiated and implies that it operates some form of operating a level of security anywhere near true friends, family members and colleagues at home,
level of encryption that safeguards truly sensitive temporary storage. is has the potential to create
encryption.
at work and while travelling. n
information – yet they continue to claim they do.
e danger here is that the majority of users
are unaware that there are di erent levels
of encryption, so when these apps describe
themselves as being identical to those that o er
higher levels of security, it is understandable
that consumers and business users believe them.
Terms like end-to-end encryption, for example,
can apply to vastly di erent systems and lead end
users into a false sense of security that their calls,
text messages, and instant messages are being sent
securely.
The encryption epitome
e public nature of data breaches making major
news headlines is enlightening businesses and
consumers on the risks of a potential breach when
they use their smartphones to communicate
on a daily basis. So now, more than ever, it is
imperative that communication services across
email, voice calls, conference calls, video calls, and
instant messenger are properly protected from
cybercriminals, intruders, corporate espionage,
and hackers.
True encryption applications
hold no access to encryption
keys and no records of any
communications between
users... nothing is seen or held by
the provider and their networks
are not involved.
e state of cybercrime, whereby hackers
are more sophisticated than ever in their bid
to steal data for nancial gain, necessitates the
need for specialist communication applications
with encryption at their core. is means
people who truly care about the security of
their communications must move away from
popular messaging platforms that simply deploy
encryption as a bolt-on to their current o ering, in
favour of true end-to-end encryption solutions.
ese applications are built with security in
mind from the ground up, with features like
top-of-the-line RSA 4096-bit encryption, which
is essential as it ensures all business and personal
communications remain truly private. e key
di erence that sets these applications apart from
others on the market is that they set out with the
sole intention of developing a suite of totally secure
communication services.
True encryption applications hold no access
to encryption keys and no records of any
communications between users. All encryption
keys are generated within the user’s app on their
device and are automatically deleted once used
with another 4096-bit key generated for each
session – nothing is seen or held by the provider
and their networks are not involved.
