Skip to content

WhatsApp and Messenger enforce interoperability via Signal Protocol

  • by
  • 3 min read

Photo by mundissima / Shutterstock.com

In a move to comply with the Digital Markets Act (DMA) set forth by the European Union, Meta, the parent company of popular messaging services Messenger and WhatsApp, has announced the implementation of interoperability, allowing designated third-party messaging services to connect to its platform.

As of now, Meta has selected the Signal Protocol for this purpose and urges the third-party service providers to use the same.

Effective March 7th, the DMA mandates that messaging services must enable interoperability, provided third-party services meet specified eligibility criteria, including technical and security requirements. This development allows users of third-party providers opting for interoperability to exchange messages with users on Messenger or WhatsApp.

Meta collaborated with the European Commission to ensure compliance with the DMA rules. The initial requirement focuses on 1:1 text messaging and the sharing of media files, with future expansions planned for group functionality and calling.

To facilitate interoperability, third-party providers will sign agreements with Messenger and WhatsApp, following which Meta will work collaboratively to enable the functionality.

Meta has released the WhatsApp Reference Offer for third-party providers outlining the requirements for interoperability, with a similar offer for Messenger to follow.

This is an image of whatsappmessengermetainteroperability ss1
Interoperability process. | Source: Meta

To maintain the security standards of its end-to-end encrypted (E2EE) messaging apps, the company has been utilising the Signal Protocol as the foundational encryption framework. While encouraging third-party providers to adopt the Signal Protocol, Meta allows compatibility with other secure protocols that offer similar guarantees.

“We are using the Signal Protocol as the foundation for these E2EE communications, as it represents the current gold standard for E2EE chats,” said Meta.

The technical solution builds on Meta’s existing client/server architecture, providing a plug-and-play model for third-party providers. This approach enhances security, reduces barriers for new entrants, and limits the exposure of users’ data to Meta servers.

The architecture involves third-party clients connecting to Meta infrastructure, utilising protocols like XMPP. Meta’s servers handle various aspects, including authentication, push notifications, and the encryption of data using the Noise Protocol Framework. The company acknowledges the potential for third-party providers to add a proxy, providing more control but at the cost of losing certain safety signals.

In the News: Google’s algorithm change will tackle low-quality information

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

Related Reads

Photo: koshiro k/shutterstock. Com

OpenAI’s o3 model scores lower than initially promised

  • by
  • AI, In News
This is an image of spyware on pc

Russian hosting provider abused for malware delivery

What is a hack? 9 different types of hackers you must know about

Kimsuky-linked APT campaign exploits RDP and MS Office flaws

This is an image of instagram featured

Meta expands AI-powered age verification on Instagram

This is an image of gmail featured 134

Google OAuth flaw exploited to bypass Gmail security filters

This is an image of data breach featured

Legends International suffers data breach affecting employees and venue visitors

>