Rakuten Viber CISO/CTO on Balancing Encryption, Abuse Prevention, and Platform Resilience

Messaging applications have evolved from convenience tools to essential public‑service infrastructure, especially during wars, natural disasters, or government shutdowns. When billions rely on a single platform to confirm safety or coordinate aid, any outage or breach becomes a matter of life and death. This shift forces providers like Viber to treat availability, data integrity and abuse resilience as primary security objectives, integrating protective controls directly into product flows rather than tacking them on later.

End‑to‑end encryption is now the baseline, but it creates a paradox: content is unreadable, yet malicious activity must still be stopped. Viber resolves this by analyzing encrypted‑traffic metadata, user‑behavior patterns and AI‑generated risk scores, allowing real‑time detection of account takeovers, coordinated spam and deep‑fake fraud without compromising privacy. Key‑management processes are engineered for seamless device migration and recovery, ensuring that security does not become a barrier during crises.

Operational readiness is equally critical. Viber’s incident‑response teams run stress‑tests that simulate disinformation campaigns, impersonation attacks and coordinated influence operations, focusing on response velocity and decision‑making under uncertainty. Success metrics prioritize user‑harm indicators—blast radius, takeover rates, false‑positive impact—over traditional volume‑based dashboards. By aligning technical safeguards with human‑behavior insights, Viber demonstrates a scalable model for secure, resilient global messaging that other platforms are likely to emulate.