diff --git a/src/client.ts b/src/client.ts
index e3acfeb9a..e8794bba8 100644
--- a/src/client.ts
+++ b/src/client.ts
@@ -2490,6 +2490,8 @@ export class MatrixClient extends EventEmitter {
 
         const algorithm = await BackupManager.makeAlgorithm(backupInfo, async () => { return privKey; });
 
+        const untrusted = algorithm.untrusted;
+
         try {
             // If the pubkey computed from the private data we've been given
             // doesn't match the one in the auth_data, the user has entered
@@ -2557,7 +2559,7 @@ export class MatrixClient extends EventEmitter {
 
         await this.importRoomKeys(keys, {
             progressCallback,
-            untrusted: true,
+            untrusted,
             source: "backup",
         });
 
diff --git a/src/crypto/backup.ts b/src/crypto/backup.ts
index 49a1eb056..9a748af29 100644
--- a/src/crypto/backup.ts
+++ b/src/crypto/backup.ts
@@ -71,6 +71,7 @@ interface BackupAlgorithmClass {
 }
 
 interface BackupAlgorithm {
+    untrusted: boolean;
     encryptSession(data: Record<string, any>): Promise<any>;
     decryptSessions(ciphertexts: Record<string, any>): Promise<Record<string, any>[]>;
     authData: AuthData;
@@ -589,6 +590,8 @@ export class Curve25519 implements BackupAlgorithm {
         }
     }
 
+    public get untrusted() { return true; }
+
     public async encryptSession(data: Record<string, any>): Promise<any> {
         const plainText: Record<string, any> = Object.assign({}, data);
         delete plainText.session_id;
@@ -716,6 +719,8 @@ export class Aes256 implements BackupAlgorithm {
         return [outKey, authData];
     }
 
+    public get untrusted() { return false; }
+
     async encryptSession(data: Record<string, any>): Promise<any> {
         const plainText: Record<string, any> = Object.assign({}, data);
         delete plainText.session_id;