To comply with DMA, WhatsApp and Messenger will be interoperable through the Signal protocol | Top Vip News

Image credits: Justin Sullivan / Fake images

Goal today is offering more details on how it plans to make its messaging apps, WhatsApp and Messenger, interoperable with third-party messaging services, as required by the new EU law, the Digital Markets Act (DMA). The company had previously shared that participating in third-party chats would be a voluntary experience for users, given that new integrations could be a source of spam and scams. He also said that third parties would have to sign an agreement, but until today he had not shared the details of what that would include. Additionally, Meta now says it will ask third parties to use the Signal protocol, although it may make exceptions to this in the future.

Specifically, Meta says it will only allow third-party developers to use another protocol besides Signal, “if they can demonstrate that it offers the same security guarantees as Signal.”

The company touts the benefits of the Signal protocol, which both WhatsApp and Messenger use for encryption. Messenger is still implementing E2EE (end-to-end encryption) by default, but WhatsApp has offered E2EE by default since 2016. Because Signal represents the “current gold standard” for E2EE chats, Meta says it would “prefer” it. third parties We also use the same protocol.

The company also outlines the high-level technical details of how this encryption would work, which involves a third party building protobuf (Protocol Buffers) message structures, a series of key-value pairs, which are encrypted using Signal and then packaged into stanzas. of messages (an insertion mechanism) using XML. Meanwhile, Meta servers will send messages to any client connected via a persistent connection.

Third parties that connect with Meta will be responsible for hosting any image or video files that their client applications send to Meta users. Meta messaging clients will download encrypted media from third-party messaging servers using a Meta proxy device, it notes.

Image credits: Goal

These details are important because users of the Meta messaging app, particularly WhatsApp users, who have had E2EE enabled by default for years, want to know that their conversations will remain secure, despite the DMA changes.

However, Meta protects itself somewhat by saying that while it has created a secure solution using the Signal protocol to protect messages in transit, it cannot guarantee “what a third-party provider does with messages sent or received.” This suggests that Meta may use the argument that third-party messaging interoperability is potentially less secure as a means of keeping its users interested solely in Meta’s messaging services.

The company’s blog post also explains that the solution, which is based on Meta’s existing client/server architecture, is the best as it would reduce barriers to participation for new entrants. But this sets up Meta as the one who sets the rules and decides how interoperability will work, of course. Meta notes that doing so will improve reliability, as Meta’s infrastructure has already been scaled to handle more than 100 billion messages daily. Still, the company says there may be an approach that would eliminate the requirement for third parties to implement WhatsApp’s client-to-server protocol, instead adding a proxy between its client and the WhatsApp server. But that solution will require third parties to agree to additional protections to keep Meta users safe from spam and scams.

Additionally, Meta says that third-party providers will need to sign an agreement with Meta or WhatsApp before they will allow interoperability. Today it will publish the WhatsApp Referral Offer for third-party providers and soon it will also publish the Referral Offer for Messenger.