At the beginning of this year, Facebook announced that it would merge the underlying messaging systems of Instagram, WhatsApp and Messenger into one so users could communicate across platforms. While creating interoperability among its messaging apps certainly innovative, the social networking giant has long struggled to ensure security and privacy when using their products. However, this could be a great opportunity for Facebook to re-gain consumer trust by shifting focus to encryption and offering users three secure messaging tools, as long as it implements security features properly, communicates clearly about what encryption exactly is and the risks associated with it, and gives its users complete control and the ability to opt-in/opt-out of certain features.
What is Encryption?
The term “end-to-end’’ encryption has been a buzzword for quite some time. In general, encryption is the process of using an algorithm to code data, making it unintelligible to third parties. It is sometimes paired with an encryption key, only possessed by the sender and receivers, for further security. However, encrypted messages can be vulnerable, depending on the network being used to communicate. Enter the aforementioned buzzword, end-to-end encryption. Already found in WhatsApp, this is what Facebook intends to use for all three of its messaging platforms. It takes security a step further, encoding and scrambling information so that only the sender and receiver see the readable data, meaning the server only sees the scrambled code.
Encryption keys can also be symmetrical or asymmetrical. Symmetric encryption is the process of using two identical keys for both encrypting and decrypting information. While the algorithm used to encrypt is impossible to crack, security concerns come into play when considering who might end up with the key. This is where asymmetrical encryption, or the creation of two keys to encrypt and decrypt comes into play. The public key is given to the network to encrypt the message, and only the person who possesses the private key that matches the public one can decrypt.
While encryption is one of the most secure ways to send sensitive information, it is still subject to error. For example, indirect, or metadata, could still be used to determine the identities of the sender and receivers. Data masking is often the answer to this problem. It is another form of encryption, replacing sensitive information with fictional, yet realistic data that businesses can use in place of the real information they’re sent. This method grew in popularity when GDPR came into effect in Europe because it hides both direct and indirect consumer data. However, it would likely not be found in a consumer messaging app like WhatsApp.
Why is Facebook Embracing Encryption?
With the amount of security and trust struggles the company has faced recently, some people might find it strange that Facebook is embracing encryption. Some have speculated that this strategy shift is merely an apology. Others might even ask, “Why would a company that’s had so many public privacy struggles make this their next move?” To answer this question, it all comes down to business. Facebook needs to attract users and win back their trust after seeing many people leave the social network. According to a study from Edison Research, the platform has declined by 15 million users over the past two years. While there might be many reasons why those users left, millions of users stepped away around the same time privacy and security issues started to come to light, so there is a chance that did factor into some users’ decisions to leave.
The company is not alone in their privacy woes - there has been a general cultural shift in the way people view most large tech companies that connects to how many of them handle personal data. Recent consumer surveys show that more than 40 percent of technology users in the United States and United Kingdom do not trust the major tech companies to properly handle sensitive information. When asked if they trust Facebook to properly handle their data, only 19 percent of respondents said ‘yes.’
Amid reports of declining trust and an ongoing investigation, Facebook has done well financially. Many of those gains have been a direct result of the success of Instagram and the platform’s Stories feature. The company even has a potential new revenue source with Checkout, which allows people to buy products they see on Instagram. However, user numbers and user trust across all platforms are the true keys to their continued success, so it makes sense that the social network would want to focus on trying to draw former users back in that may have left due to distrust.
Not only is the company shifting focus to security, but they are also embracing interoperability between messaging platforms. Focusing on mobile messaging is a smart move for the company. Nearly 2.5 billion people around the world will use mobile messaging apps by 2021. Not only do those users have a wide variety of apps to choose from, but they also are most likely share personal or sensitive information. Given the global popularity of Facebook’s products, it makes sense that the company would want to ensure it stays on top of all things mobile messaging. Billions of users have already entrusted the company with the messages they send, this shift would allow them to seamlessly transition between several popular platforms.
Will Facebook Re-Gain Trust?
Embracing privacy and security after a series of high-profile issues related to mishandling data is a gamble. While end-to-end encryption is highly secure, it is not a perfect solution. For example, metadata from encrypted messages could still be revealing. This might not put the contents of the message at risk, but the identities of the sender and receiver could be revealed. Such information could potentially be used to target advertising, or worse, find the identities of witnesses or whistleblowers.
Risks aside, Facebook could see long term benefits from their new strategy. In order to truly win back the trust of users, the company needs to ensure that they implement end-to-end encryption without any hidden caveats, and they must allow users to opt-in to their interoperability while giving them complete control. For example, someone might use WhatsApp for work, but communicates with friends and family via Instagram and Messenger and want to keep those messages in separate inboxes. If the social network properly encrypts their messaging platform, clearly communicates what will happen with metadata and allows users to opt-in to certain features, they could potentially win back former users and re-gain trust.
Will Facebook’s embrace of security through mobile messaging ultimately win back the trust of consumers? While we can all have our opinions based on what we know about technology and what we’ve seen in the past, only time will truly tell.
About the Author:
As the CEO and President of Infinite Convergence Solutions, Anurag Lal has more than 25 years of leadership and operating experience in technology, mobile, SaaS, cloud and telecom services. He currently leads a talented team of innovators who are transforming everyday messaging technology into secure, highly scalable communication platforms that can be leveraged across a variety of markets and segments.
