An extension to verify the code running in your browser matches what was published.
VERIFY AUTHENTICITY OF YOUR WHATSAPP CLIENT
The new Code Verify is an open-source browser extension that lets you verify the authenticity of the WhatsApp client that you are being served when you use WhatsApp on the web. Code Verify will immediately alert you if your version of WhatsApp Web is inauthentic or has been modified.
NEED FOR WEB TRANSPARENCY
Mobile phones have security verification protocols in place to ensure that the client you’re downloading is authentic and hasn’t been modified. Unfortunately, those assurances haven’t existed for web-based implementations of apps (those that run on web browsers). Code Verify was created as a solution.
We know that bad actors may want to alter the WhatsApp app and distribute that app to unsuspecting targets. For example, a bad actor could serve someone a version of the WhatsApp client that was created to spy on them – without them ever knowing the difference.
DESIGNED FOR SECURITY-CONSCIOUS USERS
Code Verify was designed with our most security-conscious users in mind — those who might want additional peace of mind about their message security. Millions of people use WhatsApp on the web each month, and this type of independent verification and redundancy (also known as binary transparency) on the web is a huge step forward for online privacy.
HOW DOES IT WORK?
We've partnered with Cloudflare, a secure web content delivery service, to enable us to verify that everyone using WhatsApp on the web is accessing the same code, and we built a browser extension for you to independently verify that's the case.
When the WhatsApp client itself is updated, the extension will also automatically update with a new source of truth so people are continuously assured that the version they’re running is the same version that other WhatsApp users are running.
BENEFITS OF OPEN SOURCING
We’re not just doing this for WhatsApp. Open sourcing the Code Verify extension means that as WhatsApp rolls out Code Verify on its own platform, other companies will be able to apply web binary transparency to their web-based apps as well.
As a browser extension that is independent of WhatsApp and its infrastructure, people can be assured that the extension itself hasn’t been secretly modified by third parties. Since it exists in the public eye, it will be more difficult to modify it for any sort of nefarious purpose without people noticing.
Now you can have the power of transparency directly in your hands.
Use the Code Verify extension to provide confidence that the web app you’re using is authentic.
Learn more about Code Verify at https://faq.whatsapp.com/web/security-and-privacy/about-code-verify
By downloading or using this extension, you agree to Meta’s terms of service available at https://www.facebook.com/terms.php. Learn how your data is processed for this extension by visiting the Meta Data Policy: https://www.facebook.com/about/privacy/.