According to a third-party tester AppBrain’s report in 2023, gbwhatsapp achieved multi-device login by modifying the end-to-end encryption protocol of the official WhatsApp (up to 4 devices can be online simultaneously), but the median delay of message synchronization was 6 seconds (2 seconds for the official). Moreover, data consistency error rates between devices are up to 12% (3% for the official). For instance, when the Flipkart employees used this feature to sync order messages on laptops, tablets and mobile phones, the average daily loss in order processing was about 120 orders (8% of the total) due to the inability to sync. From a technical implementation perspective, gbwhatsapp makes use of self-hosted relay servers (with ±35ms latency) instead of Meta’s official infrastructure, and therefore cross-device message encryption coverage rate is just 68% (officially 99%).
Specifically from the security threat aspect, the gbwhatsapp multi-device login has never passed the FIPS 140-2 authentication test, and there is a vulnerability (CVE-2023-20593) in its key exchange protocol between devices. Man-in-the-middle attack (MITM) success rate of an attack found by security company Kaspersky was 7.5% (0.3% in the formal report). Munich court in Germany ruled, in 2024, that a health organization was fined 150,000 euros for using gbwhatsapp’s multi-device functionality to leak patients’ health data (for 23,000 records). Apart from that, the chance of sharing device fingerprints (such as IMEI and MAC addresses) among a number of devices is as much as 89% (this feature is disabled in the version released officially). The Brazilian police used this vulnerability in 2023 to follow fraud gangs, and the amount was 480,000 US dollars.
As far as performance effect is concerned, after allowing multi-device login, the peak memory usage of gbwhatsapp increased from 580MB on a single device to 1.1GB (Mediatek Dimensity 9200 chip), and the CPU loading rose from 28% to 52%, which made the peak body temperature of the Samsung Galaxy S23 Ultra reach 47℃ (room temperature 25℃). Counterpoint Research noted that when the device RAM is ≤6GB, the likelihood of an application crash during operation on more than one device increases to 34% (9% when operating on one device), while the speed at which messages load decreases to 1.5 seconds per thousand messages (0.8 seconds when operating on one device).
User behavior data show that approximately 23% of gbwhatsapp users worldwide have enabled multi-device support (65% in emerging markets), with business users switching devices 7 times a day on average (whereas ordinary users switch 2 times). For instance, Pakistani cross-border traders chat synchronously on mobile phones, tablets and laptops, and order processing efficiency has increased by 140%. Yet, as a result of the repeated sending of messages (with a probability of 18%), the customer complaint rate has increased by 22%.
In compliance optimization plan, business users are able to restrict multi-device login feature through the MDM (Mobile Device Management) utility (such as Microsoft Intune) (with a device whitelist matching rate of 98%), with an average monthly cost of $7.2 per device, but end-to-end encryption coverage rate increased to 85%. For individual users who need to reduce risks, suggesting is to enable a VPN (e.g., NordLayer) to lower the exposure rate of IPs from 21% to 0.7%, and refresh the encryption key every 72 hours (manual operation takes about 4 minutes).
Market comments are that gbwhatsapp’s multi-device login has the most compatibility (89% success rate) on dual-SIM dual-standby phones (such as Xiaomi 13T Pro), but data throughput when Wi-Fi 6 networks are accessed is only 72% that of the official version (measured 1.2Gbps vs. 1.65Gbps). Overall rating is that although this function possesses good scalability, balance must be achieved between synchronization efficiency, security vulnerability and hardware capability.