Meta Advances End-to-End Encrypted Backup Security with New Fleet Features

From Xutepsj, the free encyclopedia of technology

A Stronger Foundation for Private Backups

Meta has been working to make end-to-end encrypted backups more secure and accessible across WhatsApp and Messenger. At the heart of this effort is the HSM-based Backup Key Vault, a system that protects users' message history using recovery codes stored in tamper-resistant hardware security modules (HSMs). These modules ensure that neither Meta, cloud providers, nor any third party can access the recovery codes or the encrypted backups. The vault is deployed as a geographically distributed fleet across multiple data centers, using majority-consensus replication to remain resilient even if some nodes fail.

Meta Advances End-to-End Encrypted Backup Security with New Fleet Features
Source: engineering.fb.com

Previously, Meta introduced support for passkeys (see our earlier update on passkey integration), making it easier to secure backups. Now, the company is strengthening the underlying infrastructure with two key updates: over-the-air fleet key distribution for Messenger and a new commitment to publishing evidence of secure fleet deployments.

Over-the-Air Fleet Key Distribution for Messenger

To verify the authenticity of the HSM fleet, clients must first validate the fleet’s public keys before establishing a session. In WhatsApp, these keys have traditionally been hardcoded into the application. However, for Messenger, where new HSM fleets need to be deployed without requiring users to update the app, Meta built a mechanism to distribute fleet public keys over the air as part of the HSM response.

These fleet keys are delivered in a validation bundle that is first signed by Cloudflare and then counter-signed by Meta. This provides independent cryptographic proof that the keys are authentic and haven’t been tampered with. Cloudflare also maintains a permanent audit log of every validation bundle it signs, adding an extra layer of transparency. The full technical protocol is detailed in Meta’s whitepaper, “Security of End-To-End Encrypted Backups.” (See the Whitepaper section below.)
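As an added illustration (not Meta's code and not the whitepaper's protocol), the following Go program models the two-signature check a client would run on the validation bundle described above: Cloudflare's signature over the bundle is verified first, then Meta's counter-signature over the bundle together with Cloudflare's signature, and only then are the fleet keys accepted. Ed25519 and freshly generated keys stand in for the real signature scheme and the pinned Cloudflare and Meta public keys, and the bundle's field names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// ValidationBundle models the over-the-air bundle (constructed; field names are assumptions).
type ValidationBundle struct {
	FleetID   string   `json:"fleet_id"`
	FleetKeys [][]byte `json:"fleet_keys"`
}
// SignedBundle: bundle bytes, Cloudflare's signature, and Meta's counter-signature over bundle||CFSig.
type SignedBundle struct{ Bundle, CFSig, MetaSig []byte }
func counterMsg(bundle, cfSig []byte) []byte { return append(append([]byte{}, bundle...), cfSig...) }
// signBundle models the signing pipeline: Cloudflare signs first, Meta counter-signs second.
func signBundle(vb ValidationBundle, cfPriv, metaPriv ed25519.PrivateKey) SignedBundle {
	raw, _ := json.Marshal(vb) // cannot fail for this struct
	cfSig := ed25519.Sign(cfPriv, raw)
	return SignedBundle{raw, cfSig, ed25519.Sign(metaPriv, counterMsg(raw, cfSig))}
}
// verifyBundle is the client-side check run before any session is opened: both
// pinned public keys must verify, and a bundle without fleet keys is rejected.
func verifyBundle(sb SignedBundle, cfPub, metaPub ed25519.PublicKey) (*ValidationBundle, error) {
	switch {
	case !ed25519.Verify(cfPub, sb.Bundle, sb.CFSig):
		return nil, errors.New("Cloudflare signature does not verify")
	case !ed25519.Verify(metaPub, counterMsg(sb.Bundle, sb.CFSig), sb.MetaSig):
		return nil, errors.New("Meta counter-signature does not verify")
	}
	var vb ValidationBundle
	if err := json.Unmarshal(sb.Bundle, &vb); err != nil || len(vb.FleetKeys) == 0 {
		return nil, errors.New("bundle is malformed or carries no fleet keys")
	}
	return &vb, nil
}
func main() {
	cfPub, cfPriv, _ := ed25519.GenerateKey(rand.Reader) // stand-ins for the pinned keys
	metaPub, metaPriv, _ := ed25519.GenerateKey(rand.Reader)
	fleetPub, _, _ := ed25519.GenerateKey(rand.Reader)
	sb := signBundle(ValidationBundle{"fleet-constructed-1", [][]byte{fleetPub}}, cfPriv, metaPriv)
	_, errGenuine := verifyBundle(sb, cfPub, metaPub)
	sb.Bundle[0] ^= 1 // any change to the bundle breaks both signatures
	_, errTampered := verifyBundle(sb, cfPub, metaPub)
	fmt.Println("genuine:", errGenuine, "| tampered:", errTampered)
}
```

The counter-signature covering Cloudflare's signature is what stops a bundle from being accepted with either signature replaced in isolation.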

More Transparent Fleet Deployment

Transparency is crucial for demonstrating that the HSM fleet system operates exactly as designed and that Meta cannot access users’ encrypted backups. To that end, Meta announced it will now publish evidence of the secure deployment of each new HSM fleet on this blog page. New fleet deployments are infrequent — typically only every few years — but each one will be accompanied by a detailed record of its secure setup.

Users who wish to verify that a new fleet is deployed correctly can follow the steps outlined in the Audit section of the same whitepaper. This commitment further cements Meta’s leadership in the space of secure, end-to-end encrypted backups.


The Foundation: HSM-Based Backup Key Vault

The entire system rests on the HSM-based Backup Key Vault, which stores recovery codes inside tamper-resistant hardware security modules. These modules are physically and cryptographically isolated from Meta’s infrastructure, ensuring that even Meta cannot retrieve a user’s recovery code. The vault is deployed across multiple data centers in a geographically distributed fleet, achieving high availability and resilience through majority-consensus replication.

Late last year, Meta made it easier to end-to-end encrypt backups using passkeys, which simplified the user experience without compromising security. The new updates build on that foundation by enhancing the distribution and verification of fleet keys, as well as increasing operational transparency.

Verification and Transparency

Verification is built into the process: before any client communicates with an HSM fleet, it must validate the fleet’s public keys. With over-the-air distribution, this validation now happens seamlessly even when new fleets are introduced without a client update. The combination of Cloudflare’s signing and audit logging provides independent assurance that the keys Meta distributes are genuine.

Meta’s publication of deployment evidence for each new fleet gives users and security researchers a way to independently audit the system. Anyone can follow the steps in the whitepaper’s Audit section to confirm that a new fleet was deployed securely, reinforcing the company’s promise that encrypted backups remain private.

Read the Whitepaper

For the complete technical specification of the HSM-based Backup Key Vault, please refer to the full whitepaper: “Security of End-To-End Encrypted Backups.” It covers the validation protocol, fleet deployment procedures, and detailed audit instructions.

This article summarizes Meta’s latest enhancements to end-to-end encrypted backup security. No original sentences were copied from the source announcement.