WhatsApp has rolled out a new web extension that is free to use and goes by the name of “Code Verify” which lets users check the authenticity of the web version of WhatsApp.
Code verify extension will be available for Chrome, Edge, and Firefox browsers.
Designed for users to verify the authenticity of their WhatsApp Web code being served to the browser.
WhatsApp claims running the extension will give privacy concerned users more security along with that WhatsApp has also partnered with Cloudflare to enable the deployment of the browser extension at scale.
Since introducing multi-device capability last year, WhatsApp witnessed an increase in the number of people accessing the service through their web browser, and because of this WhatsApp can now be accessed on four other devices without being tethered to their phone.
With the shift in usage, WhatsApp is now adding more security tools and it has also listed reasons why they need to ensure security measures, especially with the web version.
The mobile app is vetted by third-party app stores but the same doesn’t happen for WhatsApp Web.
What is “Code Verify”?
Code Verify is an open-source web browser extension and WhatsApp claims this extension checks for the resources on the entire webpage to verify the authenticity of the code and automatically gets pinned once added in edge and Firefox browsers but for Chrome users, they’ll need to pin it for optimal usage.
The main reason for the introduction of this extension is to protect users from knowingly or unknowingly using any third-party version of messaging service acting as a real-time alert system that lets users know the authenticity of WhatsApp web on the browser.
This extension has been open-sourced for others to contribute which was developed in partnership with Cloudflare, a web infrastructure and security company.
WhatsApp claims the extension doesn’t log any user data and doesn’t share any information with WhatsApp or Meta (Parent organization of WhatsApp).
How does Code Verify works?
Cloudflare will check the resources on the entire web page and according to reports, Cloudflare has been given a cryptographic hash source of truth for WhatsApp web’s code written in JavaScript.
So, when someone runs the extension, it starts automatically comparing the code with that version of code which is verified by WhatsApp and published on Cloudflare.
WhatsApp has compared the browser extension with the likes of a traffic light, after the user installs the extension, it runs automatically and will be acting as a real-time alert system.
If the WhatsApp code is fully validated, it’ll show a checkmark in a green circle at the place where it’s pinned to the toolbar.
If the appearance of the icon is in orange, it’s a sign that the user needs to refresh the page or another extension is interfacing with the browser and in circumstances like this, you need to pause the working of other functioning extensions added to your browser.
If the icon appears red, it indicates there’s a possible security issue with the WhatsApp web code and expresses the desire to take action immediately.
You can see more information about validation by clicking on the extension or you can always insist on the learn more option. If you want to know about how the extension works behind the scene, you can download the source code.