No self-respecting messaging service wants to be seen without end-to-end encryption this season, and Viber has become the latest to don the garb most recently flaunted by the scene’s biggest star, WhatsApp.
Viber, a Cypriot-Israeli operation owned by Japanese web giant Rakuten, has roughly 250 million monthly active users and 711 million users total. That figure is not quite territory with its billion-plus regular users, but it’s a sizable user base, nonetheless.
Where Viber does have the edge over WhatsApp’s recent encryption rollout is that Viber claims to also offer end-to-end protection for its desktop version, not just mobile. The deployment covers text and voice chats, both one-to-one and group.
“Our users will be able to securely communicate across all of their devices through end-to-end encryption,” chief operating officer Michael Shmilov wrote in a blog post. “We have been working on this for a long time and are proud that our users can confidently use Viber without fear of their messages being intercepted.”
End-to-end encryption means only the people communicating get to see the conversation. The company providing the communications service, Viber in this case, has no such view. This isn’t only protection against hackers; it also means the service provider cannot be compelled by court order to reveal the content of the communications (at least, not successfully).
The standard disclaimer applies: Anyone with access to the user’s device, whether physically or by hacking, will be able to see the unencrypted chat.
Viber users should make sure they’re using the latest version of the app. They’ll start to see a gray padlock next to conversations within the next two weeks or so. Each user will get a cryptographic key that can be used to verify identities, allowing that padlock to turn green to denote extra security.
What’s more, Viber has also launched “hidden chats” to protect the privacy of users who, for example, share tablets with family members.
Should you trust Viber’s encryption? That depends. At the time of writing, it does not look like Viber has published a whitepaper describing its cryptographic technology, nor has any external party audited its code. By way of contrast, the people who designed WhatsApp’s encryption are well-known and well-respected, and that code has been thoroughly inspected.
Viber told Fortune it has already conducted internal audits of the code, and it will commission external audits in the coming weeks. “Our encryption protocol was based on an open source protocol concept, with an extra level of security developed in-house,” Viber added.
If you’re a Viber user and you suspect someone is trying to snoop on your communications, it may be best to proceed with caution for now. Experts like to see evidence of a security tool’s effectiveness and are deeply suspicious of home-brewed encryption protocols.
That said, Viber’s latest move confirms again that end-to-end encryption is now the industry norm.