Skip to main content
  1. Home
  2. Mobile
  3. News

WhatsApp Web gets a browser extension to beef up security

By

WhatsApp on the Web is a convenient way to access the messaging service on a desktop, without the hassle of installing an app. However, with the web, there’s always a risk of bad actors trying to trick users. With that in mind, WhatsApp is now offering a browser extension that verifies if users are on the authentic web version, or if they are on a tampered page that can steal data and install malware among other evil deeds.

How to use it

The process of using the browser extension-based security system is easy. Just go to the Chrome web store and search for Code Verify, hit the blue Add to Chrome button, and you’re good to go. As of now, Code Verify only works on Chrome, Edge, and Mozilla Firefox, but a version tailored for Safari is also in the development phase.

Once the browser extension has been installed and pinned to the toolbar, it will start doing its code verification job automatically every time users visit the WhatsApp Web page. And to inform users about the activity status, a color-code indicator system has been put in place. A green icon means everything is fine and there are no security risks.

The color coding system put in place for Code Verify on WhatsApp Web.
Image used with permission by copyright holder

If the Code Verify icon shows an orange circle with a question mark, it is a sign that the network request was timed out. An orange alert means the network connection might be stable or something is interfering with the verification process. To fix it, try reloading the page, changing the Wi-Fi network, or pausing other browser extensions.

Related

A red indicator with an exclamation mark is a sign that the source code couldn’t be verified, and that’s a possible security risk. In such a scenario, disable the other extensions and reload the WhatsApp Web page to see if the warning sign goes away.

Meta assures that the Code Verify extension doesn’t interfere with the privacy aspect. It won’t log any activity data, collect metadata, or access any of the user information on its own. More importantly, the extension doesn’t let anyone take a peek at the messages as they are end-to-end encrypted, just the way they are on the mobile app.

How it works

The functional template for WhatsApp Web
Image used with permission by copyright holder

Created in collaboration with Cloudflare, Code Verify relies on a security feature called subresource integrity that will check resources on the entire webpage. At the heart of the browser is a hash matching system, which also forms the backbone of Apple’s iCloud photo scanning system for CSAM detection.

“Whenever the code for WhatsApp Web is updated, the cryptographic hash source of truth and extension will update automatically as well,” Meta says in its announcement. The idea is to automate the process of hash matching, and then deploy it on a scale for hundreds of millions of WhatsApp users. Additional in-depth technical details about the Code Verify extension can be found here.

Editors’ Recommendations

Topics
Nadeem Sarwar
Nadeem Sarwar
Contributor
Nadeem is a tech journalist who started reading about cool smartphone tech out of curiosity and soon started writing…
WhatsApp just upgraded its emoji reactions and I want them now
Close up of WhatsApp icon as seen on a smartphone display. Credits: WhatsApp official.

WhatsApp will now allow users to react to messages with any emoji, in an expansion of its reaction feature that came out last year. It's coming to iOS and Android over the coming weeks, and it brings more personalization to one of the world's most used messaging apps.

Once you get the update, the emoji reactions will work as they do now, with a long press bringing up the basic six options with the incision of a new plus button. Pressing that plus icon will show you the new expanded set of emojis, and you'll be able to add whatever emoji you want. This includes skin tone variations, family types, and more.

Read more
You can finally move your WhatsApp chats from Android to iOS
WhatsApp and Telegram app icons.

Moving WhatsApp chats from Android to iOS has been a painful task for years. But not anymore, as Apple and WhatsApp have made the process a whole lot easier. Starting today, Apple is adding a feature that allows you to move chats between the two platforms. The feature is a part of Apple’s existing “Move to iOS” Android application. It’s worth noting that the feature is currently available for beta users only, so non-beta users might have to wait for a week or two as it's rolled out in phases.

This is a big move since 2 million people use WhatsApp and, until now, there wasn’t an official method to move conversations between Android and iOS. There have been third-party solutions here and there, but nothing officially backed by Apple or WhatsApp. With the feature becoming available, users will be able to move their chats swiftly from Android to iOS.

Read more
AT&T just made it a lot easier to upgrade your phone
AT&T Storefront with logo.

Do you want to upgrade your phone more than once a year? What about three times a year? Are you on AT&T? If you answered yes to those questions, then AT&T’s new “Next Up Anytime” early upgrade program is made for you. With this add-on, you’ll be able to upgrade your phone three times a year for just $10 extra every month. It will be available starting July 16.

Currently, AT&T has its “Next Up” add-on, which has been available for the past several years. This program costs $6 extra per month and lets you upgrade by trading in your existing phone after at least half of it is paid off. But the new Next Up Anytime option gives you some more flexibility.

Read more