Late last year, WhatsApp quietly improved the security of its iCloud backups by adding encryption, a change Forbes noticed recently. This means someone with access to iCloud data will not be able to read the WhatsApp data saved in it.
But Oxygen Forensics, a supplier of mobile and cloud hacking tools, claims it has added a feature that allows circumventing the encryption.
WhatsApp confirmed the iCloud encryption feature to Forbes, saying: "When a user backs up their chats through WhatsApp to iCloud, the backup files are sent encrypted."
Vladimir Katalov, CEO of forensic firm Elcomsoft, told Forbes that the Oxygen tool works only in specific cases.
Katalov explained that when a user wants to upload their WhatsApp data to iCloud Drive and enters a verification code sent by WhatsApp, an encryption key is generated. The key is used to encrypt the iCloud data.
Katalov adds that the Oxygen tool helps download data backed up by WhatsApp. A SIM card with the same number as the user's is used so that the verification code can be received. The key to decrypt the data is then generated.
However, this process is useful only in a specific scenario: for instance, if WhatsApp has been deleted from a phone and the police need a quick way to retrieve data from iCloud.
Lee Reiber, Oxygen's chief operating officer, told Forbes that the company was involved in a "cat and mouse" game, trying to keep up with the additional security features incorporated by WhatsApp, Apple, Facebook, Google and others. The company recently received a $58,000 (£44,810) order from US Immigration and Customs Enforcement for its mobile-related search technology.
Reiber claims Oxygen could retrieve authentication tokens from iOS devices that would allow access to iCloud without requiring a username and password. But Apple changes the authentication token frequently.