A week ago, a group of researchers from the Cyber Forensics Research & Education Group at the University of New Haven found out that Viber was not encrypting the images and videos exchanged through it, and all this data was stored in its unencrypted form on the Viber servers.
This has been a major cause of concern for a lot of people who use Viber regularly, and Viber faced heavy criticism from a lot of different agencies and watchdogs. Finally, Viber has decided to patch its security system and create encryption to protect user data.
The Viber Vulnerabilities
The biggest vulnerability that Viber users faced was that the application was not encrypting any of the data transmitted through it. This meant that everything that passed through the app could be accessed by anyone having the right technical know-how. If anyone intercepted the data stored in Viber’s servers, they would not have any problem accessing it because all of the data is stored unencrypted. Since a lot of users use Viber to send text messages, stickers, images and videos, this is a major security vulnerability and people’s important information could be at risk.
The Security Update
After the news initially came out, Viber was quick to announce an impending security update that would step up data encryption and would allow users to transmit information without the fear of having it fall into the wrong hands. The new security update is directed at encrypting and protecting all important user data and information, including images and videos exchanged on the Viber platform. Previously, Viber only encrypted the text messages, but excluded other important information such as phone numbers and other contact information. With this new update, all the previously unencrypted information will also be protected and stored securely.
So far, this security update on Viber is only available to Android users. Due to the larger number of users on Android, Viber has decided to release the update for Android first, giving a larger security cover to a majority of its users. Though Viber is still working on an update for iOS users as well, it is believed that a similar update would soon be released for them as well. Apart from the improved security, the update also improves the way images, video messages and location data of users is handled. The company has released a statement that not a single user has so far been affected due to the security loophole. However, since the vulnerability is real, and so is the threat to user data, Viber has decided to opt in for tighter and stricter security measures on the various platforms where its software app is used. It is believed that Viber would be leading a slew of security measures that some of the other similar messaging app developers such as Skype and WhatsApp, would be taking up in the near future. With the incidences of identity fraud and identity theft on the rise, and security becoming a major challenge, it is important for applications to keep up to date on security measures.