Meta Advances Security for End-to-End Encrypted Backups with Enhanced Key Management and Transparency

Introduction

Meta continues to bolster the security of end-to-end encrypted backups for its messaging platforms, WhatsApp and Messenger. The company has introduced new measures to protect user data, building upon its existing HSM-based Backup Key Vault system. These updates focus on improving key distribution for Messenger and increasing transparency around the deployment of hardware security modules (HSMs). The goal is to ensure that neither Meta nor any third party, including cloud storage providers, can access users' backed-up message history.

[Image, source: engineering.fb.com]

The Foundation: HSM-Based Backup Key Vault

At the core of Meta's approach is the HSM-based Backup Key Vault. This system allows users to protect their encrypted backups with a recovery code. The code is stored in tamper-resistant hardware security modules (HSMs) that are physically and logically isolated from Meta's infrastructure. The vault operates as a geographically distributed fleet across multiple data centers, using majority-consensus replication to ensure resilience and availability. By design, the recovery code remains inaccessible to Meta, cloud storage providers, or any external party.

Last year, Meta made it easier to use passkeys to protect end-to-end encrypted backups. Now, the company is strengthening the underlying infrastructure for password-based backups with two key updates.

Recent Improvements

Over-the-Air Fleet Key Distribution for Messenger

To verify the authenticity of the HSM fleet, clients must validate the fleet's public keys before establishing a session. In WhatsApp, these keys are hardcoded into the application. However, for Messenger, Meta needed a way to deploy new HSM fleets without requiring users to update the app. The solution is over-the-air fleet key distribution. Fleet public keys are delivered as part of the HSM response in a validation bundle. This bundle is signed by Cloudflare and counter-signed by Meta, providing independent cryptographic proof of authenticity. Cloudflare also maintains an audit log of every validation bundle. The full protocol is detailed in Meta's whitepaper, Security of End-To-End Encrypted Backups.
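The client-side check the paragraph above describes, as an added illustration that is not Meta's code and not the wire format from the whitepaper: a bundle carrying a new fleet public key is accepted only if it verifies against two pinned trust anchors, one for the independent signer (the role Cloudflare plays in the article) and one for the operator's counter-signature (Meta's role). The bundle layout, the use of Ed25519, the JSON canonicalization, the field names and the `IssueBundle`/`VerifyBundle` helpers are all assumptions of this example. The counter-signature is computed over the payload plus the independent signature, so an operator-only bundle is rejected even if the operator re-signs it.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// ValidationBundle is a simplified stand-in (an assumption of this example,
// not Meta's format) for the bundle delivered with the HSM response.
type ValidationBundle struct {
	FleetID        string `json:"fleet_id"`
	FleetPublicKey []byte `json:"fleet_public_key"`
	IssuedAt       int64  `json:"issued_at"`
	IndependentSig []byte `json:"independent_sig"` // independent party (Cloudflare's role)
	CounterSig     []byte `json:"counter_sig"`     // operator counter-signature (Meta's role)
}

// TrustAnchors are the only long-lived keys the client pins; fleet keys
// themselves arrive over the air inside a bundle.
type TrustAnchors struct {
	Independent ed25519.PublicKey
	Operator    ed25519.PublicKey
}

// payload is the canonical byte string the independent party signs. Fields are
// marshalled in a fixed order so signer and verifier agree byte-for-byte.
func (b ValidationBundle) payload() ([]byte, error) {
	return json.Marshal(struct {
		FleetID        string `json:"fleet_id"`
		FleetPublicKey []byte `json:"fleet_public_key"`
		IssuedAt       int64  `json:"issued_at"`
	}{b.FleetID, b.FleetPublicKey, b.IssuedAt})
}

// counterPayload is what the operator counter-signs: payload plus the
// independent signature, so the counter-signature attests to its presence.
func (b ValidationBundle) counterPayload() ([]byte, error) {
	p, err := b.payload()
	if err != nil {
		return nil, err
	}
	return append(p, b.IndependentSig...), nil
}

// IssueBundle produces a dual-signed bundle for a new fleet public key.
func IssueBundle(independentPriv, operatorPriv ed25519.PrivateKey, fleetID string,
	fleetPub ed25519.PublicKey, issuedAt int64) (ValidationBundle, error) {
	b := ValidationBundle{FleetID: fleetID, FleetPublicKey: fleetPub, IssuedAt: issuedAt}
	p, err := b.payload()
	if err != nil {
		return ValidationBundle{}, err
	}
	b.IndependentSig = ed25519.Sign(independentPriv, p)
	cp, err := b.counterPayload()
	if err != nil {
		return ValidationBundle{}, err
	}
	b.CounterSig = ed25519.Sign(operatorPriv, cp)
	return b, nil
}

// VerifyBundle is the client check: both signatures must verify against the
// pinned anchors before the fleet key may be used to set up a session.
func VerifyBundle(anchors TrustAnchors, b ValidationBundle) (ed25519.PublicKey, error) {
	if len(b.FleetPublicKey) != ed25519.PublicKeySize {
		return nil, errors.New("fleet public key has wrong length")
	}
	p, err := b.payload()
	if err != nil {
		return nil, err
	}
	if !ed25519.Verify(anchors.Independent, p, b.IndependentSig) {
		return nil, errors.New("independent signature invalid")
	}
	cp, err := b.counterPayload()
	if err != nil {
		return nil, err
	}
	if !ed25519.Verify(anchors.Operator, cp, b.CounterSig) {
		return nil, errors.New("operator counter-signature invalid")
	}
	return ed25519.PublicKey(append([]byte(nil), b.FleetPublicKey...)), nil
}

// NewDemoAuthorities makes throw-away keys for both parties. This is a
// constructed setup; real anchors are provisioned out of band and pinned.
func NewDemoAuthorities() (TrustAnchors, ed25519.PrivateKey, ed25519.PrivateKey, error) {
	indPub, indPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return TrustAnchors{}, nil, nil, err
	}
	opPub, opPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return TrustAnchors{}, nil, nil, err
	}
	return TrustAnchors{Independent: indPub, Operator: opPub}, indPriv, opPriv, nil
}

func main() {
	anchors, indPriv, opPriv, err := NewDemoAuthorities()
	if err != nil {
		panic(err)
	}
	fleetPub, _, _ := ed25519.GenerateKey(rand.Reader) // constructed "new fleet" key
	bundle, _ := IssueBundle(indPriv, opPriv, "fleet-example", fleetPub, 1700000000)
	_, err = VerifyBundle(anchors, bundle)
	fmt.Println("genuine bundle:", err)
	solo := bundle // operator-only bundle: independent signature dropped, re-counter-signed
	solo.IndependentSig = nil
	cp, _ := solo.counterPayload()
	solo.CounterSig = ed25519.Sign(opPriv, cp)
	_, err = VerifyBundle(anchors, solo)
	fmt.Println("operator-only bundle:", err)
}
```

The design point is that a single pinned key is never sufficient on its own: swapping the fleet key after signing, dropping the independent signature, or substituting a key the operator alone signed all fail `VerifyBundle`, which is what makes the independently signed bundle (and the independent party's audit log of every bundle) worth more than a key the operator could push unilaterally.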

[Image, source: engineering.fb.com]

More Transparent Fleet Deployment

Transparency is critical to demonstrating that the system operates as intended and that Meta cannot access users' encrypted backups. Meta now publishes evidence of the secure deployment of each new HSM fleet on its engineering blog. New fleet deployments are infrequent—typically every few years—but Meta is committed to showing users that each new fleet is deployed securely. Anyone can verify the deployment by following the audit steps outlined in the whitepaper.

How Users Can Verify Security

Meta provides a clear audit process for users to independently confirm the integrity of the HSM fleet deployments. The steps are described in the Audit section of the whitepaper. Users can check that the published evidence matches the cryptographic proofs from independent entities like Cloudflare. This transparency reinforces trust in the end-to-end encrypted backup system.

Conclusion

Meta's latest updates represent a significant step forward in securing encrypted backups. The over-the-air fleet key distribution enhances flexibility for Messenger without compromising security, while the commitment to publishing deployment evidence sets a new standard for transparency. For the complete technical specification, refer to the whitepaper Security of End-To-End Encrypted Backups.
