Meta Elaborates Coordination between WhatsApp and Messenger to Comply with EU DMA Regulations -

Post Views: 73

Meta Elaborates Coordination between WhatsApp and Messenger to Comply with EU DMA Regulations

Meta has provided comprehensive information regarding its strategies for achieving interoperability between third-party messaging services and WhatsApp and Messenger in the European Union, in light of the implementation of the Digital Markets Act (DMA).

“This enables individuals of third-party providers who decide to turn on interoperability (interop) to send as well as receive messages with opted-in users of either Facebook Messenger or WhatsApp – both designated by the European Commission (EC) as being needed to independently supply interoperability to third-party messaging services,” according to Meta’s Dick Brouwer.

The Digital Market Antitrust Regulation (DMA), which went into effect on March 7, 2024, mandates that gatekeeper companies (Apple, Alphabet, Meta, Amazon, Microsoft, and ByteDance) fulfill specific responsibilities. These requirements stem from the European Commission’s endeavors to combat anticompetitive conduct among technology companies, level the playing field, and compel these entities to make certain services accessible to competitors.

In an effort to adhere to the landmark regulations, the social media colossus stated that it expects third-party providers to utilize the Signal Protocol, which provides end-to-end encryption for both WhatsApp and Messenger.

It is also mandatory for third parties to encapsulate the encrypted communications within message stanzas formatted in eXtensible Markup Language (XML). Meta clients utilize a Meta proxy service to obtain an encrypted version of the message from the third-party messaging servers, in the event that the message contains media content.

Additionally, the organization is putting forth a “plug-and-play” framework that enables third-party providers to establish connections with its infrastructure in order to accomplish interoperability.

“Using the instance of WhatsApp, third-party clients are going to connect to WhatsApp servers using our protocol (based on the Extensible Messaging and Presence Protocol – XMPP),” Brouwer stated.

“The WhatsApp server is going to communicate with a third-party server over HTTP in order to make possible a number of things like authenticating third-party users and push notifications.”

In addition, when opting into its network, third-party clients are required to utilize the WhatsApp Enlistment API. Additionally, they must furnish cryptographic evidence proving the proprietorship of the third-party user-visible identifier during the connection process or when a third-party user registers on WhatsApp or Messenger.

In order to furnish a third-party provider with additional information regarding the types of content that their client can receive from the WhatsApp server, the technical architecture also permits the third-party provider to add a proxy or intermediary between their client and the WhatsApp server.

“The problem here is that WhatsApp wouldn’t be able to maintain a direct link to both clients and, as a result, would lose connectivity level indications that are essential to maintaining users safe from spam and scams such as TCP fingerprints,” said Brouwer.

“This method additionally sends all the chat metadata to the proxy server, thereby raising the possibility that this data could be either unintentionally or intentionally leaked.”

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.

READ MORE ARTICLE HERE