The EU\u2019s Digital Markets Act (DMA) requires major tech companies to make their products more open and interoperable in order to increase competition. Thanks to the DMA, iOS will soon permit third-party app stores<\/a> to be installed on it, and major messaging platforms will need to allow communication with other similar apps \u2014 creating cross-platform compatibility. Meta (Facebook) engineers recently detailed<\/a> how this compatibility will be implemented in its WhatsApp and Messenger. The benefits of interoperability are clear to anyone who\u2019s ever texted or emailed. You\u2019ll be able to send or receive messages without worrying about what phone, computer, or app the other person is using, or what country they\u2019re in. However, there are downsides: first third parties (from intelligence agencies to hackers) often have access to your correspondence; second, such messages are prime targets for spam and phishing<\/a>. So, will the DMA be able to ensure provision of interoperability and its benefits, while eliminating its drawbacks?<\/p>\n It\u2019s important to note that while the DMA\u2019s impact on the iOS App Store will only affect EU users, cross-platform messaging will likely impact everyone \u2014 even if it will be only EU partners that connect to the WhatsApp infrastructure.<\/p>\n Theoretically, yes, but not yet in practice. Meta has published specifications and technical requirements for partners who want their apps to be interoperable with WhatsApp or Messenger. It\u2019s now up to these partners to climb aboard and develop a working bridge between their service and WhatsApp. To date, no such partnerships have been announced.<\/p>\n Owners and developers of other messaging services may be reluctant to implement such functionality. Some consider it insecure; others are unwilling to invest resources into rather complex integration. Meta requires potential partners to implement end-to-end encryption (E2EE)<\/a> no weaker than in WhatsApp, which is a significant challenge for many platforms<\/p>\n Even when (or if) third-party services show up, only those WhatsApp users who explicitly opt-in will be able to message across platforms. It won\u2019t be enabled by default.<\/p>\n Based on WhatsApp beta versions<\/a>, messages with users on other platforms will be housed in a separate section of the app to distinguish them from chats with WhatsApp users.<\/p>\n Initially, only one-on-one messaging and file\/image\/video sharing will be supported. Calls and group chats won\u2019t be available for at least a year.<\/p>\n User identification remains an open question. In WhatsApp, users find each other by phone number, while on Facebook, they do it by name, workplace, school, friends of friends, or other similar identifiers (and ultimately by a unique ID). Other platforms might use incompatible identifiers, like short usernames in Discord<\/a>, or alphanumeric IDs in Threema<\/a>. This is likely to impede automatic search and user matching, and at the same time facilitate impersonation attacks by scammers.<\/p>\n One of the key challenges with integrating different messaging platforms is implementing reliable encryption. Even if two platforms use the same encryption protocol, technical issues arise regarding storage and agreement of keys, user authentication, and more.<\/p>\n If the encryption method differs significantly, a bridge \u2014 an intermediary server that decrypts messages from one protocol and re-encrypts them into another \u2014 will likely be needed. If it seems to you that this is a man-in-the-middle (MITM)<\/a> attack waiting to happen, where hacking this server would allow eavesdropping, you\u2019re misgiving would be on the money. The failed Nothing Chats<\/a> app, which used a similar scheme to enable iMessage on Android, recently demonstrated this vulnerability. Even Meta\u2019s own efforts are illustrative: encrypted messaging between Messenger and Instagram was announced over five years ago, but full-scale encryption in Messenger only arrived<\/a> last December, and seamless E2EE in Instagram remains not fully functional to this day. As this in-depth article<\/a> explains, it\u2019s not a matter of laziness or lack of time, but rather the significant technical complexity of the project.<\/p>\n Cryptographers are generally highly skeptical<\/a> about the idea of cross-platform E2EE. Some experts believe the problem can be solved<\/a> \u2014 for example, by placing the bridge directly on the user\u2019s computer or by having all platforms adopt a single, decentralized messaging protocol. However, the big fish in the messaging market aren\u2019t swimming in that direction at all. It\u2019s hard to accuse them of idleness or inertia \u2014 all practical experience demonstrates that reliable and user-friendly message encryption within open ecosystems is difficult to implement. Just look at the saga<\/a> of PGP encryption in email, and the confessions of top cryptography experts<\/a>.<\/p>\n We\u2019ve compiled information on the WhatsApp\/Messenger integration plans of major communication platforms, and assessed the technical feasibility of cross-platform functionality:<\/p>\nCan you chat on WhatsApp with users of other platforms?<\/h2>\n
What will such messaging look like?<\/h2>\n
Encryption challenges<\/h2>\n