Sharing is caring!

Viber has announced that it will introduce end-to-end encryption for its application, but experts were worried that the company is using the cryptographically insecure MD5 algorithm. Viber has assured its fans that their conversations are very well protected, without giving information about the protocols it’s using. However, the company has added that it won’t offer any backdoors, regardless of the country.

Viber is following in the footsteps of WhatsApp and brings end-to-end encryption to application that has 700 million users. This feature has been introduced in the latest update and it makes sure that private conversations won’t be accessed by anyone else, apart from the sender and recipient, because they will be locked out.

Many researchers were worried that Viber’s messages are not as private and secure because the company hasn’t specified what protocols it’s using. Unlike WhatsApp, the other application that has introduced end-to-end encryption a month ago, Viber hasn’t published a security whitepaper to explain how messages are encrypted. But one thing’s for sure: Viber is not using the cryptographically insecure MD5 algorithm, contradicting security researcher Frederic Jacobs, who said that the developers may have based their encryption on an MD5 algorithm. Viber told TechCruch that their application “can access records that show only that one phone number has contacted another phone number”, but they can’t access “the content of messages or phone conversations.” Moreover, Viber’s spokesperson has highlighted that the company won’t grant any backdoor access in any country, regardless of the circumstance.

So far, Viber has performed internal audits on the encryption protocol and soon will be performing external audits, as well. The Viber representative has also added that “Our encryption protocol was based on an open source protocol concept, with an extra level of security developed in-house.”

Viber app has been upgraded to version 6.0, which already rolled out in some regions.