WhatsApp Introduces AI Tools With Promise of Full Message Secrecy

WhatsApp, the world’s largest messaging platform, has announced a major leap in privacy-preserving artificial intelligence (AI) with the introduction of its new “Private Processing” system. 

This technology enables users to access advanced AI features-such as message summarization and writing suggestions-while upholding WhatsApp’s core promise of end-to-end message secrecy, ensuring that not even Meta, WhatsApp, or third parties can access private communications.

“We are inspired by the possibilities of AI to help people be more creative, productive, and stay closely connected on WhatsApp, so we set out to build a new technology that allows our users around the world to use AI in a privacy-preserving way,” Meta stated in its engineering blog. 

Private Processing will enable AI-driven features like message summarization, writing suggestions, and editing help without compromising security. 

Meta’s Private Processing for AI in WhatsApp

The system is built on sophisticated security infrastructure using Trusted Execution Environments (TEEs) and Confidential Virtual Machines (CVMs). When a user requests AI assistance, the process follows several security protocols:

• Authentication occurs using anonymous credentials to verify legitimate WhatsApp clients.
• The system establishes an Oblivious HTTP (OHTTP) connection via a third-party relay, hiding the user’s IP address from Meta.
• A Remote Attestation + Transport Layer Security (RA-TLS) session is created between the device and TEE.
• The user’s request is encrypted end-to-end with an ephemeral key that Meta cannot access.
• After processing in the CVM, results are returned encrypted to the user’s device.

“Private Processing will allow users to leverage powerful AI features, while preserving WhatsApp’s core privacy promise, ensuring no one except you and the people you’re talking to can access or share your personal messages, not even Meta or WhatsApp,” Meta explained.

Enhanced Security Measures

The system operates as stateless, meaning it doesn’t retain access to messages after processing is complete. This “forward security” ensures that attackers cannot recover historical requests or responses.

WhatsApp has implemented “non-targetability” features to prevent malicious actors from targeting specific users. The technology uses OHTTP protocol and anonymous credentials, making it impossible to route a specific user to a particular machine.

Users maintain control through an “Advanced Chat Privacy” feature that allows them to restrict others from utilizing their messages for AI purposes. 

Similar to disappearing messages, any chat participant can toggle this setting, with changes visible to all members.

To validate their security claims, Meta will publish components of Private Processing as open source and expand its Bug Bounty program to include this technology. 

Independent security researchers will be able to continuously verify the privacy and security architecture.

“To help inform our industry’s progress in building private AI processing, and to enable independent security research in this area, we will be publishing components of Private Processing, expanding the scope of our Bug Bounty program to include Private Processing, and releasing a detailed security engineering design paper,” Meta announced.

The new AI features are expected to roll out to WhatsApp’s approximately 3 billion global users in the coming weeks, potentially transforming how people interact with the messaging platform while maintaining WhatsApp’s foundational commitment to privacy.

Are you from the SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.