diff --git a/src/crypto/DeviceList.js b/src/crypto/DeviceList.js
index c31ab9898..6ef8a0dee 100644
--- a/src/crypto/DeviceList.js
+++ b/src/crypto/DeviceList.js
@@ -379,6 +379,26 @@ export class DeviceList extends EventEmitter {
         return DeviceInfo.fromStorage(devs[deviceId], deviceId);
     }
 
+    /**
+     * Get a user ID by one of their device's curve25519 identity key
+     *
+     * @param {string} algorithm  encryption algorithm
+     * @param {string} senderKey  curve25519 key to match
+     *
+     * @return {string} user ID
+     */
+    getUserByIdentityKey(algorithm, senderKey) {
+        if (
+            algorithm !== olmlib.OLM_ALGORITHM &&
+            algorithm !== olmlib.MEGOLM_ALGORITHM
+        ) {
+            // we only deal in olm keys
+            return null;
+        }
+
+        return this._userByIdentityKey[senderKey];
+    }
+
     /**
      * Find a device by curve25519 identity key
      *
@@ -388,19 +408,11 @@ export class DeviceList extends EventEmitter {
      * @return {module:crypto/deviceinfo?}
      */
     getDeviceByIdentityKey(algorithm, senderKey) {
-        const userId = this._userByIdentityKey[senderKey];
+        const userId = this.getUserByIdentityKey(algorithm, senderKey);
         if (!userId) {
             return null;
         }
 
-        if (
-            algorithm !== olmlib.OLM_ALGORITHM &&
-            algorithm !== olmlib.MEGOLM_ALGORITHM
-        ) {
-            // we only deal in olm keys
-            return null;
-        }
-
         const devices = this._devices[userId];
         if (!devices) {
             return null;
diff --git a/src/crypto/index.js b/src/crypto/index.js
index 1bbba816a..7c0306e1b 100644
--- a/src/crypto/index.js
+++ b/src/crypto/index.js
@@ -842,7 +842,7 @@ Crypto.prototype.checkDeviceTrust = function(userId, deviceId) {
  * @returns {DeviceTrustLevel}
  */
 Crypto.prototype._checkDeviceInfoTrust = function(userId, device) {
-    const trustedLocally = device && device.isVerified();
+    const trustedLocally = !!(device && device.isVerified());
 
     const userCrossSigning = this._deviceList.getStoredCrossSigningForUser(userId);
     if (device && userCrossSigning) {
@@ -2189,10 +2189,13 @@ Crypto.prototype._backupPendingKeys = async function(limit) {
         const forwardedCount =
               (sessionData.forwarding_curve25519_key_chain || []).length;
 
+        const userId = this._deviceList.getUserByIdentityKey(
+            olmlib.MEGOLM_ALGORITHM, session.senderKey,
+        );
         const device = this._deviceList.getDeviceByIdentityKey(
             olmlib.MEGOLM_ALGORITHM, session.senderKey,
         );
-        const verified = this._checkDeviceInfoTrust(this._userId, device).isVerified();
+        const verified = this._checkDeviceInfoTrust(userId, device).isVerified();
 
         data[roomId]['sessions'][session.sessionId] = {
             first_message_index: firstKnownIndex,