Skip to content

SYSTEM Cited by 1 source

Meta Anonymous Credential Service (ACS)

The Anonymous Credential Service (ACS) is Meta's cryptographic primitive for authenticating clients without identifying them. Open-sourced December 2022 (engineering.fb.com/2022/12/12/security/anonymous-credential-service-acs-open-source/); now load-bearing in WhatsApp Private Processing as the authentication step of the six-phase session flow.

Role in Private Processing

The 2025-04-30 Private Processing post states verbatim:

"Private Processing obtains anonymous credentials to verify that the future requests are coming from authentic WhatsApp clients."

And, specifically in the context of non-targetability:

"Private Processing uses anonymous credentials to authenticate users over OHTTP. This way, Private Processing can authenticate users to the Private Processing system, but remains unable to identify them. Private Processing does not include any other identifiable information as part of the request during the establishment of a system session."

ACS is the primitive that makes the chain work: OHTTP strips the IP at the relay; without ACS, the application layer would have to re-identify the client (e.g. via an auth token tied to the account), which would defeat the non-targetability property. ACS mints credentials that prove "this caller is a legitimate WhatsApp client in good standing" with unlinkable presentations — the issuing event and the redemption event cannot be correlated to the same user.

Primitive class

ACS is a member of the broader anonymous credential class alongside Privacy Pass, ARC, and ACT. The 2022 open-source release gives the primitive names and protocol shape; the Private Processing post treats ACS as a black-box primitive and does not restate the internals — readers who need those details should follow through to the 2022 ACS post.

Seen in

Last updated · 319 distilled / 1,201 read