WhatsApp reduces spam, despite end-to-end encryption

Credit to Author: Michael Kan | Date: Wed, 01 Feb 2017 14:16:00 -0800

Can a spam filter work even without reading the content of your messages?

WhatsApp thinks so. Since last April, the messenger app has been successfully fighting spam abuse, even as it’s been using end-to-end encryption.

That encryption means that no one — not even WhatsApp — can read the content of your messages, except for the recipient.

More privacy, however, can raise issues about spam detection. If WhatsApp can’t scan your messages for suspicious content, say for advertisements peddling cheap Viagra, then how can it effectively filter them out?

“In reality, we actually haven’t seen this as a big problem,” WhatsApp software engineer Matt Jones said on Wednesday. “We actually reduced spam by about 75 percent from around the time that we launched end-to-end encryption.”

Its spam detection mechanisms work by looking at unusual behavior from users in real-time, Jones said while speaking at the USENIX Enigma 2017 conference.

For instance, WhatsApp will analyze how long a suspected spammer has been registered on WhatsApp, or how many messages he has sent in the last 30 seconds.

To detect what activity is possibly malicious, WhatsApp has been studying the behavior of spammers who’ve already been banned on the platform, Jones said. That’s helped WhatsApp learn their tricks of the trade. So it’ll be on the lookout for telltale patterns, such as evidence a bad actor was running a computer script to send out a flood of WhatsApp messages.

The level of spam has fallen on WhatsApp since implementing end-to-end encryption. 

The app is also looking at the “reputation” of the internet and mobile providers powering the suspected spammer’s messages, Jones said. That includes examining the network and the phone numbers to determine if WhatsApp has routinely blocked other spammers from related sources in the past.

In the fight against spam, WhatsApp also has a key advantage over platforms such as email. To register, users need to provide the app a phone number. That can be a hassle for spammers. 

“If we make things expensive for [the spammers], their business model won’t work,” Jones said.

Improbable scenarios, such as a user with a U.S. phone number suddenly connecting to an internet network in India, will also set off alarms, Jones said. But the spam detection isn’t perfect, he said, and it can result in mistakes. For example, users who are traveling internationally might be flagged.
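The signals described above can be combined without ever touching message content. The sketch below is an added illustration, not WhatsApp's code or anything shown in the talk; every threshold, weight and field name is an assumption, as is the choice to weight a country mismatch too low to trigger a ban by itself.

```python
from dataclasses import dataclass, field

# All values below are assumptions for illustration; the article gives none.
WINDOW_S = 30                # "messages sent in the last 30 seconds"
MAX_MSGS_IN_WINDOW = 20      # more than this in one window counts as a burst
NEW_ACCOUNT_S = 24 * 3600    # accounts younger than a day count as new
BAD_PROVIDER_RATE = 0.5      # share of past accounts from this source that were banned
WEIGHTS = {"new_account": 2, "burst": 3, "bad_provider": 2, "geo_mismatch": 1}
BAN_SCORE = 5                # a lone geo mismatch (weight 1) can never reach this

@dataclass
class Account:
    registered_at: float      # registration time, epoch seconds
    phone_country: str        # country of the registered phone number
    network_country: str      # country of the network currently in use
    provider_ban_rate: float  # reputation of the provider / number range
    send_times: list = field(default_factory=list)  # timestamps only, no content

def signals(acct, now):
    """Evaluate each behavioural signal from metadata alone."""
    recent = sum(1 for t in acct.send_times if 0 <= now - t <= WINDOW_S)
    return {
        "new_account": now - acct.registered_at < NEW_ACCOUNT_S,
        "burst": recent > MAX_MSGS_IN_WINDOW,
        "bad_provider": acct.provider_ban_rate > BAD_PROVIDER_RATE,
        "geo_mismatch": acct.phone_country != acct.network_country,
    }

def score(acct, now):
    """Sum the weights of the signals that fired."""
    return sum(WEIGHTS[name] for name, hit in signals(acct, now).items() if hit)

def decide(acct, now):
    """Block the account (rather than filter messages) once the score is high enough."""
    return "ban" if score(acct, now) >= BAN_SCORE else "allow"

# Constructed sample accounts, not real data.
NOW = 1_000_000.0
SPAMMER = Account(NOW - 60, "US", "US", 0.8, [NOW - i * 0.5 for i in range(40)])
TRAVELER = Account(NOW - 400 * 86400, "US", "IN", 0.01, [NOW - 5, NOW - 300])

if __name__ == "__main__":
    for name, acct in (("spammer", SPAMMER), ("traveler", TRAVELER)):
        print(name, signals(acct, NOW), score(acct, NOW), decide(acct, NOW))
```

With these assumed weights the scripted new account is blocked, while the long-standing account that only shows a country mismatch is not.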

The messaging app also takes a strict stance on suspected offenders. Rather than try to filter out spam, it’ll block the account where the messages came from, Jones said.

For spammers, that means a quick boot from the service. But for legitimate users, it can mean being unfairly banned and then needing to file an appeal. However, the messaging app has been introducing new measures to cut down on incorrect user bans, Jones said.
