WhatsApp reduces spam, despite end-to-end encryption
Security

WhatsApp reduces spam, despite end-to-end encryption

Can a spam filter work even without reading the content of your messages?

WhatsApp thinks so. Since last April, the messenger app has been successfully fighting spam abuse, even as it’s been using end-to-end encryption.

That encryption means that no one -- not even WhatsApp -- can read the content of your messages, except for the recipient.

More privacy, however, can raise issues about spam detection. If WhatsApp can’t scan your messages for suspicious content, say for advertisements peddling cheap Viagra, then how can it effectively filter them out?

“In reality, we actually haven’t seen this as a big problem,” WhatsApp software engineer Matt Jones said on Wednesday. “We actually reduced spam by about 75 percent from around the time that we launched end-to-end encryption.”

Its spam detection mechanisms work by looking at unusual behavior from users in real-time, Jones said while speaking at the USENIX Enigma 2017 conference.

For instance, WhatsApp will analyze how long a suspected spammer has been registered on WhatsApp or how many messages he has sent in the last 30 seconds.

To detect what activity is possibly malicious, WhatsApp has been studying the behavior of spammers who've already been banned on the platform, Jones said. That’s helped WhatsApp learned their tricks of the trade. So it’ll be on the lookout for telltale patterns, such as evidence a bad actor was running a computer script to send out a flood of WhatsApp messages.

dsc05637 Michael Kan

The level of spam has fallen on WhatsApp since implementing end-to-end encryption. 

The app is also looking at the “reputation” of the internet and mobile providers powering the suspected spammer’s messages, Jones said. That includes examining the network and the phone numbers to determine if WhatsApp has routinely blocked other spammers from related sources in the past.

In the fight against spam, WhatsApp also has a key advantage over platforms such as email. To register, users need to provide the app a phone number. That can be a hassle for spammers. 

“If we make things expensive for [the spammers], their business model won’t work,” Jones said.

Improbable scenarios, such as a user with a U.S. phone number suddenly connecting to an internet network in India, will also set off alarms, Jones said. But the spam detection isn’t perfect, he said, and it will result in mistakes. For example, users who are traveling internationally might be flagged.

The messaging app also takes a strict stance on suspected offenders. Rather than try to filter out spam, it’ll block the account where the messages came from, Jones said.

For spammers, that means a quick boot from the service. But for legitimate users, it can mean being unfairly banned and filing an appeal. However, the messaging app has been introducing new measures to cut down the incorrect user bans, Jones said.

IDG Insider

PREVIOUS ARTICLE

«Gmail will push users further away from XP and Vista

NEXT ARTICLE

AMD sets Ryzen up for a strong start as chip battle with Intel looms»
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Will Kotlin overtake Java as the most popular Android programming language in 2018?