CTO & Co-Founder

16 Okt, 2018

WhatsApp Business API - What every CIO needs to know.

Find me on:

Messaging, Kommunikation, Digitalisierung, DSGVO, WhatsApp, Vertrieb

As we all know, today WhatsApp is the instant messaging channel with global domination.

Most of private digital communication over the past 10 years moved to instant messaging, and while there are Messengers with richer feature sets and exceeding growth rates (like 50% for Telegram), WhatsApp has been the epicenter of the movement.

A value Facebook recognised with the acquisition of WhatsApp, but as of now has failed to generate revenue from the huge User Base. Last year, CEO Mark Zuckerberg announced on the Q4 2017 that WhatsApp had 1.5 billion users and seen 60 billion messages sent per day. This is an insane number by any standards. If WhatsApp were a country, it will be the first largest country in the world.

In the meantime enterprises have been searching for ways to engage with their customers via WhatsApp. Not all enterprises of course. But for those, operating in a branch where competition is high and products are similar, customer service quality have been the driver for these attempts.

Pretty dense market situation, right?

Observers of this melting pot have been aware of upcoming changes since a year. The change is called the „WhatsApp Business API“, and it’s in closed Beta. Facebooks go-to-market strategy, as well as product decisions made so far, are very smart and do have effects of which probably Facebook was not even aware of.

So what is the WhatsApp Business API?

In short: It’s a software appliance that exposes a private API for a dedicated Enterprise WhatsApp Account. Anyone possessing WhatsApp can reach out to this WhatsApp Account (for them it’s yet another number to add to their contact list). Enterprises can use the API to reply and engage with their customers.

This is a very smart design decision made by WhatsApp, since it knocks out two issues that Privacy and Compliance Officers always had with WhatsApp:

* It respects privacy.

When installing WhatsApp on your private phone, WhatsApp acquires all your contacts (which is Personally Identifiable Information), without the individual contacts consent. Imagine you would install WhatsApp in your CRM and as part of the installation it sends all your customer data to WhatsApp servers. This would be a Privacy Disaster (and quite a bit more). The design chosen by WhatsApp in this regards is smart. It’s an active-passive system, just sitting there within your infrastructure and waiting for messages. It does not read from any other system (except its own database and file storage obviously) and does not move data somewhere else out of nowhere.

* It is potentially secure.

This design allows private keys for End-To-End encryption to remain under the control of the enterprise running the appliance (be it in their own physical infrastructure or as a service with DPA or EU Standard Clauses contracts). The appliance requires a database and a file storage, which basically means that WhatsApp does not even have to replicate encrypted data to their servers. It’s only available for you and your customer.

= Messaging without SPAM

With these two requirements being fulfilled, it is clear that Facebooks current efforts are targeting a serious enterprise Product. But there are other smart decision made:

* The communication restrictions aim to prohibit spam and to preserve the private nature of the messenger, while being sane.

On WhatsApp there is a rule: 24 hours after you received the last message from your customer, you can only send a template to your customer. The templates are reviewed and approved by WhatsApp on a case per case basis. This means that you can not just write anything, but your business can engage with pretty much everyone (given you are aware of his phone number). And that’s a very important feature.

From a GDPR perspective.

According to GDPR, you are required to have a customers consent to reach out to him. He needs to Opt-In for this service. GDPR does not care about how he opted in. This means: Given you receive a phone call of a customer and at the end ask him or her if he is wants to keep on talking via WhatsApp and he says yes, you do have his consent and you are allowed to reach out to him on WhatsApp. There are Messengers (like Facebook Messenger) which are way more rigid here and only allow consumer initiated conversations. This basically kills every use case except for the support. WhatsApp overcomes this problem in a sane way that still has barriers for spam in place.

The Pricing - or why it is important for WhatsApp to prohibit SPAM.

It is very clear: A lot of product decisions by WhatsApp have been made with the goal to prohibit spam, and that makes perfectly sense. WhatsApp is in a dominating position, but there is also a risk for them. And the risk is that WhatsApp will loose Users. As already said earlier, there are Messengers with bigger growth rates and better feature sets. In some regions, there are also players with a relevant size - like WeChat in China for example globally counting over 1 billion Users.

WhatsApp biggest asset right now is their number of users, and they are used to a private community. With allowing Enterprises on the Platform, WhatsApp also faces the risk that users are being spammed, and leave the network. Users leaving the platform, means the network will lose value. Preventing spam has also influenced the pricing. You have to pay for initiating conversations with new customers. If they write back, answering is free. Initiating a conversation costs your close to as much as a text message costs you (in Germany ~0,07E, in US ~0,01E).

Greenfield for WhatsApp Numbers.

Another important restriction of the WhatsApp Enterprise API is concerning the numbers, your employees will be available on. Current number-based WhatsApp Accounts can not be transferred to Business Accounts. This has quite a huge implication for Enterprises, as well as for consumers. For consumers, this introduces another level of protection of their personal data. So far data, such as messages and attachments, being transferred via WhatsApp has been processed as specified by the WhatsApp ToS. Not your business ToS. Your customers will have to engage with new numbers, covered by your ToS.

This is a nice decision for customers, but also has a potential effect for enterprises. In the past most enterprises did not allow their employees to use WhatsApp when communicating with their customers. Something that customers simply did not care about and anyways were still engaging with for example sales agents (as they of course have been using WhatsApp for their private communication).

In addition a lot of Enterprises pursued a BYOD policy in regards to mobile clients. This decision now bites back. Enterprises aiming for their sales agents being directly available on WhatsApp, will have to start investing in mobile networking infrastructure, as each sales agent will need to have a dedicated number with WhatsApp functionality enabled on it. This is a step, worth considering with or without WhatsApp. When your sales agents brick their own number, customers will be bounded to that number. This means that when your sales agent leaves and starts working for a competitor, he will also take his accounts with him. The customers typically call the sales agent, and not your enterprise.

The future of WhatsApp Business API.

The WhatsApp Business API is still a product in early stage and subject to frequent change. Nevertheless we can already see features evolving, which of course are backed by experience of Facebook engineering and product management. Namely:

  • Payments
  • Bots Integrations
  • Analytics & Engagement oriented Reporting

Naturally we expect the product to be tighter integrated into Facebooks enterprise segment, as of now the WhatsApp Business API is already integrated into the Facebook Business Manager.

If successful, the WhatsApp Business API will be a substantial part of Enterprises OmniChannel Customer Service Strategies.

It will of course also render a lot of investments invalid. Quite a number of startups, with secure B2C instant messaging in the product scope, have been emerging over the past. Some Enterprises even opted in for engineering an in-house solution. Those investments will lose a lot of value, if WhatsApp Business API proofs to be successful.

The biggest Risk for Facebooks success, though is one thing: Trust.

WhatsApp might very well be a compliant and secure product, but Facebook will have to invest into generating trust. Collaboration with state bureaus (such as the BSI in Germany), can and should play a key factor here.