Meta has made two improvements to its HSM-based Backup Key Vault, which underpins end-to-end encrypted backups for WhatsApp and Messenger. First, over-the-air fleet key distribution now allows Messenger to deploy new HSM fleets without requiring an app update — fleet public keys are delivered in a validation bundle co-signed by Cloudflare and Meta, with an audit log maintained by Cloudflare. Second, Meta commits to publicly publishing evidence of each new secure HSM fleet deployment on its engineering blog, allowing users to independently verify deployments using steps in the official security whitepaper.
Sort: