How WhatsApp encrypts your messages — and what it doesn't protect

WhatsApp has encrypted message and call content end-to-end since 2016. Most users know "it's encrypted" without knowing what that actually buys them — what WhatsApp can still see despite encryption, when encryption helps, and when it doesn't. This is a direct walk through those questions without the marketing tone.

What end-to-end encryption actually means

End-to-end (E2E) means your device encrypts the message before sending, and it's decrypted only on the recipient's device. WhatsApp's servers route ciphertext — they don't see content. The protocol behind it is the Signal Protocol, an open, audited design from Open Whisper Systems that also powers Signal, Facebook Messenger's "Secret Conversations," and several other apps.

Technically it rests on a key pair per user: a public key you share so others can encrypt messages to you, and a private key that never leaves your device. On top of that, the protocol ratchets forward to a fresh key for every message (forward secrecy), so compromising a current key doesn't expose messages sent earlier.

What WhatsApp still sees

E2E encrypts content, not metadata. WhatsApp can see who talks to whom, when, how often, from which device, from which IP, how big the messages are, whether a call is voice or video. In many jurisdictions those records are handed over on lawful request, and Meta uses them for its own commercial purposes as well.

The other thing E2E doesn't cover is backups. If you back up your chats to iCloud or Google Drive without enabling encrypted backup, your conversations sit on the cloud provider in readable form, accessible to them — and, in theory, to lawful requests. WhatsApp added an opt-in encrypted backup some time ago, but it's not on by default. You have to turn it on in settings.

How to verify the channel is actually encrypted

Every WhatsApp conversation has a security code — a 60-digit number or a QR code representing the joint fingerprint of both parties' encryption keys. If you're physically next to the other person, you can compare codes; if they match, you know there's no man-in-the-middle between you. Most users never do this, but the feature exists, and you can turn on notifications for when a contact's key changes (typically when they reinstall WhatsApp) so you know to re-verify.
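To make the comparison concrete, here is an added illustration (not WhatsApp's or Signal's actual code) of how a 60-digit code built from two per-key halves behaves: it reads the same on both screens when each party received the other's real key, and changes when a key was substituted in transit or when a contact reinstalls. The iteration count, the stand-in keys and the user ids are constructed assumptions.

```python
import hashlib

# Constructed example (not WhatsApp's real derivation): a 60-digit security
# code assembled like a Signal-style safety number from two 30-digit halves,
# one per identity key, sorted so both parties display the same string.
ITERATIONS = 5200  # assumption: hash-stretching count borrowed from Signal's fingerprint format

# Constructed stand-ins for 32-byte public identity keys and stable user ids.
ALICE_KEY = hashlib.sha256(b"alice identity key").digest()
BOB_KEY = hashlib.sha256(b"bob identity key").digest()
RELAY_KEY = hashlib.sha256(b"interposed relay key").digest()
BOB_REINSTALLED_KEY = hashlib.sha256(b"bob new phone").digest()
ALICE_ID, BOB_ID = b"+15550100001", b"+15550100002"

def half_fingerprint(identity_key: bytes, user_id: bytes) -> str:
    """Derive one party's 30-digit half from their public identity key."""
    digest = b"\x00\x00" + identity_key + user_id
    for _ in range(ITERATIONS):  # stretching slows brute-forcing a key to a chosen code
        digest = hashlib.sha512(digest + identity_key).digest()
    # Six groups of 5 decimal digits, each taken from a 5-byte slice of the digest.
    return "".join(
        f"{int.from_bytes(digest[i * 5:(i + 1) * 5], 'big') % 100000:05d}"
        for i in range(6)
    )

def security_code(key_a: bytes, id_a: bytes, key_b: bytes, id_b: bytes) -> str:
    """Joint 60-digit code; sorting the halves makes it identical for both parties."""
    halves = sorted([half_fingerprint(key_a, id_a), half_fingerprint(key_b, id_b)])
    return halves[0] + halves[1]

def format_code(code: str) -> str:
    """Group the digits in fives for on-screen comparison."""
    return " ".join(code[i:i + 5] for i in range(0, len(code), 5))

def compare_views(alices_copy_of_bob_key: bytes, bobs_copy_of_alice_key: bytes) -> bool:
    """What the in-person check answers: does Alice's screen match Bob's screen?"""
    alice_sees = security_code(ALICE_KEY, ALICE_ID, alices_copy_of_bob_key, BOB_ID)
    bob_sees = security_code(bobs_copy_of_alice_key, ALICE_ID, BOB_KEY, BOB_ID)
    return alice_sees == bob_sees

if __name__ == "__main__":
    print("Alice's screen:", format_code(security_code(ALICE_KEY, ALICE_ID, BOB_KEY, BOB_ID)))
    # Honest exchange: both keys arrived unmodified, so the codes match.
    print("honest exchange:", compare_views(BOB_KEY, ALICE_KEY))
    # A relay handed Alice its own key instead of Bob's: her code no longer matches his.
    print("substituted key:", compare_views(RELAY_KEY, ALICE_KEY))
    # Bob reinstalled: new identity key, new code, hence the "security code changed" notice.
    print("after reinstall:", compare_views(BOB_REINSTALLED_KEY, ALICE_KEY))
```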

When encryption isn't enough

E2E won't save you when an attacker goes around the encryption entirely. The common paths:

  • Someone picks up your unlocked phone and reads the chats in the app itself.
  • Your device has malware that reads the screen or keyboard before the message is encrypted.
  • You're messaging a contact who is actually an impersonator — encryption works fine, but the other end isn't who they claim to be.
  • Your backup isn't encrypted (see above) and an attacker gets into your cloud account.

In none of these is the cipher broken — it's bypassed. That's the useful frame: encryption solves one narrow threat (eavesdropping on the wire), and every other threat needs a different control.

Practically

For an ordinary user, WhatsApp's encryption means message content is well-protected against mass surveillance and against leaks out of WhatsApp's infrastructure. Metadata is not, and the device in your hand is the weak link you have to actively maintain — patched OS, screen lock, no unvetted apps or links. For communication sensitive enough that even the fact "these two people talked" would matter, WhatsApp isn't the right tool; Signal leaks less metadata, and an in-person conversation leaks none.
