end-to-end encryptionEarly in April, right on the heels of the FBI vs. Apple conflict, the instant messaging service WhatsApp announced that it had deployed end-to-end encryption, joining other popular messaging apps like Apple’s iMessage in using this security feature. While this announcement really only affects WhatsApp’s 1 billion or so users, it shows that some of the major players in the tech industry are serious about privacy and security. While most of us are familiar with encryption, end-to-end encryption may be a completely foreign concept. To help you understand the importance of end-to-end encryption, we detailed everything you need to know.

What is end-to-end encryption?

End-to-end encryption is the Holy Grail of cybersecurity, as it’s a form of communication in which data is protected throughout the exchange — meaning only the sender or recipient have the means of decrypting the data and seeing it in plain text or “as it is.” It’s the cybersecurity equivalent of wearing a bulletproof vest, as your data remains safe even if you’re using insecure networks, such as an open network or public Wi-Fi. The end-to-end protection also extends to law enforcement snooping, which we all saw with Apple vs. the FBI. In the event that the government asks WhatsApp to hand over user data, it would be almost impossible to provide such information (assuming both devices have the latest version of the software), as only the devices participating in the exchange can actually see the information (the company itself can’t even decode it). That said, end-to-end encryption is not immune to backdoor access, something we also saw with the Apple vs. FBI case.

Are there downfalls to end-to-end encryption?

Unfortunately end-to-end encryption does have limitations, namely the users and their devices – in other words, the “ends.” Encryption is only good while the data is in transit, as devices and more often people themselves can be exploitable. One of the most common forms of exploitation occurs when a user unknowingly clicks on a malicious link in an email, which can jeopardize the security of your device as well as put your identity at risk, as it often infects your device with malware that can allow the hacker to see all you do. Read our guide to avoiding email scams to learn more. Also, find out if you may be unknowingly exposing your identity every day by making simple mistakes.

It should be noted that although security may be only as perfect as the users’ devices and cybersecurity awareness allow, WhatsApp developers have created countermeasures to protect users in the event of a hack, such as its verification check that can be used to reveal impostors who might be phishing. But even with such protections, which are not surefire methods to stopping fraud, there’s now an increased urgency in making sure users are cybersecurity aware, as more cybercriminals will likely focus their efforts on people and their devices.

Is there anything else should I know?

WhatsApp users will want to make sure their app is up to date. If you’re not sure whether or not your version is using end-to-end encryption, WhatsApp has a tool to help you verify. In addition, all smartphone, computer and tablet users (regardless of if you use WhatsApp) should be aware of these basic cybersecurity tips, as they may help protect you or your device from potential threats.

1. Avoid insecure networks. Although free Wi-Fi at your local coffee shop or the library may be convenient, these networks are usually not as secure as you’d hope, which is why it’s best to avoid them. Learn more about the dangers by reading our guide to public Wi-Fi networks.

2. Use strong passwords. While using the same password for all of your online accounts may make them easy to remember, they’re not doing anything to protect your information. Making sure you use a strong password for each of your accounts will help protect your information and data more than you realize. Not sure what makes a password strong? This blog post has the breakdown.

3. Don’t overshare. Social media and other online communications help us connect with family members, friends and colleagues we may not have seen in years, but they may also be exposing your identity if you detail every aspect of your lives and opt to use features like geolocation. Follow these tips to avoid oversharing.

4. Protect your device. One of the easiest ways to protect your devices from phishing, hacking or malware attacks is to invest in an Internet security software, which will not only alert you to potential threats but also block and remove any threat that makes their way onto your device. While some Internet security software companies don’t offer the best mobile protection, others have apps which provide pretty extensive features. Check out our reviews of the top names in Internet security software to find the best option for protecting all of your devices.

5. Backup your data. We all value the data we store on our computers, smartphones and tablets, so we want to make sure it remains safe in the event that our device is compromised, especially if we fall victim to a ransomeware attack. That’s where online backup comes in. These services allow you to set up automatic backups of your important photos or other files from any device you wish using the service’s desktop version or mobile app, which means you won’t have to manually upload anything and it will all be easily accessible in the cloud if you ever want to redownload it. Visit our online backup reviews to learn more.

Even though end-to-end encryption is designed to protect data from the moment it’s sent to the time it’s delivered, it’s also designed to supplement good cybersecurity practices, not replace them. Follow our technology blog to learn more about cybersecurity and protecting yourself online.