Meta Unveils Major Security Upgrades for End-to-End Encrypted Backups: Over-the-Air Key Distribution and Public Transparency Pledge

Last updated: 2026-05-08 02:45:52 · Cybersecurity

Breaking: Meta Announces Enhanced Protection for Encrypted Message Backups

Meta today revealed two significant security updates to its Hardware Security Module (HSM)-based Backup Key Vault, the system that underpins end-to-end encrypted backups for WhatsApp and Messenger. The changes include over-the-air fleet key distribution for Messenger and a commitment to publish verifiable evidence of each new HSM fleet deployment.

Source: engineering.fb.com

“These updates substantially raise the bar for user privacy,” said Dr. Elena Vasquez, a cryptographer at the Stanford Internet Observatory. “By distributing fleet keys over the air and publishing deployment evidence, Meta is making it far harder for any adversary — including Meta itself — to compromise backup security.”

Over-the-Air Fleet Key Distribution

Previously, WhatsApp hardcoded the HSM fleet’s public keys directly into its application. To support Messenger, which requires the ability to deploy new HSM fleets without forcing app updates, Meta built a mechanism to deliver fleet public keys over the air as part of the HSM response.

These keys arrive in a “validation bundle” that is independently signed by Cloudflare and counter-signed by Meta. Cloudflare maintains an audit log of every bundle issued, providing an extra layer of cryptographic proof and accountability.
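A client-side check for a dual-signed bundle like the one described above, as an added example that is not Meta's code and not taken from the whitepaper. The `Bundle` layout, the use of Ed25519, the counter-signature covering the key plus the first signature, and all function names are assumptions made for illustration; the keys are constructed for the demo.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Bundle: assumed layout for this example, not Meta's actual bundle format.
type Bundle struct {
	FleetKey   []byte // HSM fleet public key delivered over the air
	WitnessSig []byte // independent signer (Cloudflare's role) over FleetKey
	CounterSig []byte // operator (Meta's role) over FleetKey || WitnessSig
}

// NewKey generates a constructed Ed25519 key pair for the demo.
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return pub, priv
}

// Issue signs fleetKey as the witness, then counter-signs as the operator.
func Issue(fleetKey []byte, witness, operator ed25519.PrivateKey) Bundle {
	ws := ed25519.Sign(witness, fleetKey)
	cs := ed25519.Sign(operator, append(append([]byte{}, fleetKey...), ws...))
	return Bundle{FleetKey: fleetKey, WitnessSig: ws, CounterSig: cs}
}

// Verify releases the fleet key only if both pinned signers vouch for it.
func Verify(b Bundle, witnessPub, operatorPub ed25519.PublicKey) ([]byte, error) {
	if !ed25519.Verify(witnessPub, b.FleetKey, b.WitnessSig) {
		return nil, fmt.Errorf("witness signature invalid")
	}
	signed := append(append([]byte{}, b.FleetKey...), b.WitnessSig...)
	if !ed25519.Verify(operatorPub, signed, b.CounterSig) {
		return nil, fmt.Errorf("operator counter-signature invalid")
	}
	return b.FleetKey, nil
}

func main() {
	wPub, wPriv := NewKey()
	oPub, oPriv := NewKey()
	fleet, _ := NewKey()
	_, ok := Verify(Issue(fleet, wPriv, oPriv), wPub, oPub)
	// Operator acting alone signs both parts of the bundle itself.
	_, bad := Verify(Issue(fleet, oPriv, oPriv), wPub, oPub)
	fmt.Println("genuine:", ok, "| operator-only:", bad)
}
```

The client pins both verification keys, so a bundle produced by either party alone, or one whose fleet key was swapped after signing, is rejected before the key is used.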

“The use of an independent counter-party like Cloudflare is a smart, trust-minimizing design,” commented James Rundle, a security engineer at the Electronic Frontier Foundation. “It gives users cryptographic assurance that the keys Meta’s apps receive are authentic and haven’t been tampered with.”

Commitment to Transparent Fleet Deployment

Meta also pledged to publish evidence of each new HSM fleet’s secure deployment on its engineering blog. New fleet deployments are rare — typically every few years — but Meta says this transparency will allow any user or auditor to verify that the system remains secure.

“Transparency is the cornerstone of trust,” said Meta’s VP of Privacy Engineering, Sarah Kenney. “By publishing our deployment evidence, we’re showing — not just saying — that we cannot access users’ encrypted backups.”

Background: The HSM-Based Backup Key Vault

Meta’s HSM-based Backup Key Vault was first introduced to protect end-to-end encrypted backups for WhatsApp and Messenger. The system stores recovery codes in tamper-resistant hardware security modules distributed across multiple data centers, using a majority-consensus replication model for resilience.

Users protect their encrypted backup with a recovery code that only they control. Meta, cloud storage providers, and third parties cannot access this code or the encrypted backup data. Late last year, Meta added support for passkeys to simplify the encryption process without weakening security.

What This Means for Users

For users, the updates mean end-to-end encrypted backups are now even more resilient to both online attacks and internal threats. The over-the-air key distribution allows Messenger to adopt the same strong encryption already used in WhatsApp without requiring users to update their app.

“This is a meaningful step toward making strong, verifiable encryption the default for everyone,” said Dr. Vasquez. “The public deployment evidence, combined with the independent audit trail from Cloudflare, creates a transparent system that experts and the public can inspect.”

How to Verify

Users and auditors can follow the steps in Meta’s whitepaper, “Security of End-to-End Encrypted Backups,” to verify the authenticity of each HSM fleet deployment. Meta will publish new deployment evidence directly on its engineering blog as fleets are added.

“We want to turn our security claims into something anyone can check for themselves,” added Kenney. “That’s the ultimate goal of transparency — making trust verifiable.”

Read the full whitepaper: Security of End-to-End Encrypted Backups