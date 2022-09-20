WhatsApp is preparing additional ions for our that will limit the scope of attacks such as SIM Swapping. Instead of sitting idly by and seeing how our account disappears from our mobile, we will have more information about it and an opportunity to strengthen our security.

We learned a few months ago that WhatsApp would start giving us the option to allow or not to move our WhatsApp account to a new phone. Now we have more information about the next steps and what you can do about them to protect your account.

Today, if someone uses your phone number to try to sign up for WhatsApp, you get a notification on your mobile: WhatsApp registration code requested. It indicates that someone has requested a registration code for your number, but otherwise you can’t do anything. If the other person has access to the verification code by some means (for example, they have a duplicate of your SIM), then they can register the account and start using it.

At this point, your WhatsApp account will show another notification: Your phone number is no longer registered in WhatsApp on this phone. This may be because you registered it on another phone. In this case, you have only one option to recover your account: press Verify and write the verification code. However, this will not always work for you, such as if you are a victim of SIM Swapping or if the number has been registered several times in a row and you have to wait a few hours for the next registration.

The system is not optimal, and WhatsApp is working on improving it so that victims of this type of attack have better expectations of keeping their account. To begin with, we have already seen that the warning window when someone uses our phone number would be somewhat less passive, asking us if we allow to move the account to a new phone. Now we have some more information about it.

If indeed we choose we allow to move the account to a new phone, we will find a window that reminds us of the importance of making a backup, to have all our messages on the new phone (if we use the same Google account). For security, we must confirm our intentions by pressing Transfer and deletewhich will erase all our messages from the old mobile.

On the contrary, if we do not allow the transfer We will be warned that someone tried to register our phone number and we are reminded of the importance of never sharing the codes that WhatsApp sends by SMS. We then have the option to add more security to our account, which invites us to configure two-step verification. This way, even if they have the verification code, they won’t be able to use your account.

this novelty not yet available to usersalthough it’s been in development for a few months now and seems to be almost ready, so it’s only a matter of time before someone in Meta hits the button from the server side.