Meta, the parent company of Facebook, has disclosed further details regarding its strategy to make its messaging platforms, WhatsApp and Messenger, interoperable with third-party messaging services, in line with the new EU regulation, the Digital Markets Act (DMA). In compliance with DMA requirements, Meta will introduce interoperability features, allowing users to engage with third-party chats, albeit on an opt-in basis, due to concerns about potential spam and scams.
In a recent announcement, Meta revealed that it will require third-party developers to utilize the Signal protocol for interoperability. However, exceptions to this rule may be considered if alternative protocols can demonstrate comparable security standards to Signal.
The Signal protocol, acclaimed for its end-to-end encryption (E2EE), is currently employed by both WhatsApp and Messenger. While Messenger is in the process of implementing E2EE by default, WhatsApp has offered this feature since 2016. Meta emphasizes the Signal protocol as the “gold standard” for E2EE chats and encourages third-party integrations to adhere to the same standards.
The encryption process involves constructing message protobuf structures, encrypted using Signal, and packaged into message stanzas using XML. Meta’s servers will then deliver messages to connected clients via a persistent connection.
Third-party providers engaging with Meta will be responsible for hosting media files exchanged between clients and users. Meta’s messaging clients will retrieve encrypted media from third-party servers via a Meta proxy device.
Despite Meta’s assurances regarding message security during transit, the company acknowledges limitations in guaranteeing the security of messages handled by third-party providers. This caveat implies potential security risks associated with third-party messaging interoperability, possibly incentivizing users to stick with Meta’s native messaging services.
Meta emphasizes the scalability and reliability of its existing infrastructure, capable of handling over 100 billion messages daily. However, Meta remains the arbiter of interop standards, requiring third parties to sign agreements before enabling interoperability. WhatsApp’s Reference Offer for third-party providers has been made public, with Messenger’s offer to follow soon.
As Meta navigates the intricacies of DMA compliance and messaging interoperability, its approach underscores the company’s commitment to maintaining user privacy and security while fostering a more connected messaging ecosystem.
For more insights and updates, visit our KI Design blog here.
Stay connected with us on Twitter for the latest news and discussion