Chris Kranky

Recent Posts

Impress your friend(s) with WhatsApp

Chris KoehnckeChris Koehncke

whatsappWhatsApp, highly popular outside of North America, introduced a simple Web application. Big deal right? But it’s how they implemented it that got me thinking about broader implementations, plus it makes for a good demo. Perhaps bigger is a potential business opportunity behind it.

For background, WhatsApp authenticates you by your mobile telephone number and by actual physical device. This means if you get a new mobile phone, you have to re-authenticate. This also means that WhatApp doesn’t have the classic (and dreaded) user name and password. But how to extend this service beyond a single physical device would be difficult for WhatsApp.

Their solution was simple but powerful and used a QR Code. The Japanese invented QR Codes back in 1994 and I love them. However, I stopped loving them when some non-thinking marketing person started putting them in advertising on the side of a bus. Yeah that’s a great idea.

We normally think of a QR Code as a way to get data from the image back into our mobile phone in a single transaction. WhatsApp reverse the thinking here with how to get data FROM the mobile phone TO your laptop.

Go to, and up pops a simple Web page with a prominent QR Code. Now what? Open up your WhatsApp mobile application and select WhatsApp Web. They built a QR Code reader into their app and all you need to do is scan the QR Code. That’s it. Complete directions.

What happens next has nearly every tech geek I’ve shown this too doing a “wow” that’s cool. Without doing anything, as you scan the QR Code, your computer screen will immediately update and load your WhatsApp contacts automatically. It’s really cool and happens incredibly fast and you must try this to get your own free “wow” moment.

But why and where does this lead. WhatsApp conversations are encrypted using TextSecure and all sorts of complex key code management (won’t go there today) happen in the mobile client. But the short of it is, the WhatsApp Web Applications basically pairs with your mobile phone and all messages from the Web App are actually sent to and from your mobile. The Web App, in effect, is nothing but a big keyboard and screen extension of your phone. Note: If you turn off your phone, the web application will die.

phoneOf late, we’re all getting annoying with all the additional layers of authentication that seems to be in nearly every application. It’s worse if you have multiple devices (who doesn’t). Apps are asking us to change our passwords more frequently (thanks), I’m stuck waiting for an SMS or open Google Authenticator (or similar App) and yet another 6 digit code to move into my short term memory. These have all increased security but at the expense of being both annoying and time consuming.

A couple of ideas and thoughts for you to consider for the future.

Borrow the Idea – perhaps I spent too long in Asia, but this would be a great idea to “borrow” for your own web application. I find myself wondering why some mobile app doesn’t have a matching web app when I’m sitting 2 feet away from my laptop trying to peek away at some tiny mobile keyboard. There are plenty of open source QR mobile code bases to pick from and my guess is their footprint is relatively small.

Mobile Secured Internet Application – most of these secured apps don’t use much data, so why not simply run all of them via my mobile device all the time. I can confirm I have my physical phone by scanning a unique QR code to fire the session up, how much more security do you need. We’re likely to see more of this pairing due to the unique nature of a telephone number and physical device. This would eliminate the unsteady reliance we have now with Google and Facebook single sign on concerns.

Mobile Secured Internet Service – telcos wander about upset they’re stuck selling generic pipes. Well, why not sell a more secured pipe. I’d happily pay my mobile operator another $10 a month if they could offer a security authentication service that eliminated most of the current hassle of authentication and worked with the top applications. Bonus if all the information was encrypted as well.

While WhatsApp developers simply got creative to solve their unique problem, their solution has opened up some new ideas (for me at least) about the potential of further linking my phone, phone number and me towards better security.