![]() ![]() When a user uses Code Verify extension, it compares the code of WhatsApp web with the code version provided by WhatsApp and with the code published on Cloudflare. WhatsApp provided a cryptographic hash source of truth that is based on the WhatsApp web’s JavaScript code. ![]() The working structure of Code Verify can be explained in a flow chart. Cloudflare plays a major role to enhance trust in this process. Code Verify checks the entire resource page for tampered data. But Subresource integrity lacks in many cases since it only applies to single files. It uses the concept of “subresource integrity” to do this. It is also left open source so that other companies might also use that code to build their own security extensions or authenticators.Ĭode Verify will check every resource being fetched by the browser and ensures that they are not manipulated or tampered in any way. Code Verify – How Does it Work?Ĭode Verify has partnered with Cloudflare to help provide transparent verification of the code. Code Verify adds an additional layer of security to WhatsApp web users. Any third party sites might intervene in the browser’s functionality and steal confidential data or tamper the integrity. It is directly served to the user’s browser. But when it comes to browsers, there is no auditing or reviewing of the integrity. ![]() ![]() In case of a mobile app, the authenticity of the application is audited by any of the third-party app stores. End-to-end encryption has been in place for a long period of time in WhatsApp in which messages are encrypted from the sender’s end and decrypted at the receiver’s end. This extension verifies the authenticity of the WhatsApp web code served to the user’s browser. To protect WhatsApp web users from tampered QR codes, Meta has introduced a new browser extension known as “Code Verify”. ![]()
0 Comments
Leave a Reply. |