
Enhancing Privacy: Meta’s Latest Advances in End-to-End Encrypted Backup Protection

Published 2026-05-06 16:45:12 · Cybersecurity

The Foundation: HSM-Based Backup Key Vault

Meta has built a robust system to safeguard the encrypted backups of WhatsApp and Messenger users. At the core of this effort lies the HSM-based Backup Key Vault, a specialized infrastructure that ensures backed-up message history remains truly private. The vault relies on hardware security modules (HSMs)—tamper-resistant devices designed to store cryptographic keys—for generating and protecting a recovery code. This code is the only way to unlock the backup; neither Meta, cloud storage providers, nor any third party can access it.

Source: engineering.fb.com

The vault operates as a geographically distributed fleet spread across multiple data centers. To maintain reliability and consistency, it uses a majority-consensus replication mechanism, which ensures that even if some nodes fail or are compromised, the system continues to function correctly and securely.

Recent Enhancements to the Infrastructure

Late last year, Meta simplified the process of creating end-to-end encrypted backups by introducing passkeys. Now, the company is strengthening the underlying infrastructure with two key updates: over-the-air fleet key distribution for Messenger and a public commitment to publish evidence of secure fleet deployments.

Over-the-Air Fleet Key Distribution for Messenger

When a client (such as the WhatsApp or Messenger app) connects to the HSM fleet, it must verify the fleet’s public keys to ensure authenticity. In WhatsApp, these keys are hardcoded directly into the application. Messenger, however, requires a more flexible approach so that new HSM fleets can be deployed without an app update. To solve this, Meta built a mechanism that distributes fleet public keys over the air as part of the HSM response.


The keys are delivered inside a validation bundle, which is signed by Cloudflare and then counter-signed by Meta. This dual signature provides independent cryptographic proof that the keys are genuine. Cloudflare also maintains an immutable audit log of every validation bundle, offering an additional layer of transparency. The complete validation protocol is detailed in Meta’s whitepaper, “Security of End-To-End Encrypted Backups.”
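
The dual-signature check described above, as an added example that is not Meta's code and not part of the original article. It assumes Ed25519 signatures, Cloudflare and Meta verification keys pinned in the client, and a counter-signature that covers the fleet keys plus the first signature; `Bundle`, `VerifyBundle`, `MakeBundle` and `GenKey` are hypothetical names, and the real bundle format is the one defined in the whitepaper.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Bundle is an assumed layout; the real wire format is in Meta's whitepaper.
type Bundle struct {
	FleetKeys     []byte // serialized fleet public keys
	CloudflareSig []byte // first signature, over FleetKeys
	MetaSig       []byte // counter-signature, over FleetKeys || CloudflareSig
}

func counterSigned(b Bundle) []byte { // bytes the counter-signature covers
	return append(append([]byte{}, b.FleetKeys...), b.CloudflareSig...)
}

// VerifyBundle releases the fleet keys only if both pinned signers vouch for them.
func VerifyBundle(b Bundle, cfPub, metaPub ed25519.PublicKey) ([]byte, error) {
	if !ed25519.Verify(cfPub, b.FleetKeys, b.CloudflareSig) {
		return nil, fmt.Errorf("first signature does not verify")
	}
	if !ed25519.Verify(metaPub, counterSigned(b), b.MetaSig) {
		return nil, fmt.Errorf("counter-signature does not verify")
	}
	return b.FleetKeys, nil
}

func GenKey() (ed25519.PublicKey, ed25519.PrivateKey) { // throwaway test keys
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// MakeBundle builds a constructed sample, signing as the two signers are assumed to.
func MakeBundle(keys []byte, cfPriv, metaPriv ed25519.PrivateKey) Bundle {
	b := Bundle{FleetKeys: keys, CloudflareSig: ed25519.Sign(cfPriv, keys)}
	b.MetaSig = ed25519.Sign(metaPriv, counterSigned(b))
	return b
}

func main() {
	cfPub, cfPriv := GenKey()
	metaPub, metaPriv := GenKey()
	_, err := VerifyBundle(MakeBundle([]byte("constructed-fleet-keys"), cfPriv, metaPriv), cfPub, metaPub)
	fmt.Println("genuine bundle error:", err)
}
```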

More Transparent Fleet Deployment

Deploying a new HSM fleet is a rare event—typically occurring every few years. With the latest update, Meta will now publish evidence of the secure deployment of each new fleet on its engineering blog. This move is intended to demonstrate that the system operates exactly as designed and that Meta cannot access users’ encrypted backups.

Users and security researchers can verify the deployment by following the steps outlined in the Audit section of the same whitepaper. By making this information publicly available, Meta reinforces its leadership in the field of secure encrypted backups and gives users the tools to independently confirm that their data remains protected.

For a complete technical specification of the HSM-based Backup Key Vault, refer to the whitepaper “Security of End-To-End Encrypted Backups.”