diff --git a/spec/integ/crypto/megolm-backup.spec.ts b/spec/integ/crypto/megolm-backup.spec.ts
index 2424c4a89d9..a676b0f5a74 100644
--- a/spec/integ/crypto/megolm-backup.spec.ts
+++ b/spec/integ/crypto/megolm-backup.spec.ts
@@ -25,6 +25,7 @@ import { E2EKeyResponder } from "../../test-utils/E2EKeyResponder";
 import { mockInitialApiRequests } from "../../test-utils/mockEndpoints";
 import { awaitDecryption, CRYPTO_BACKENDS, InitCrypto, syncPromise } from "../../test-utils/test-utils";
 import * as testData from "../../test-utils/test-data";
+import { SecureKeyBackup } from "../../../src/common-crypto/SecureKeyBackup";
 
 const ROOM_ID = "!ROOM:ID";
 
@@ -173,16 +174,18 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("megolm-keys backup (%s)", (backe
 
         aliceClient = await initTestClient();
         const aliceCrypto = aliceClient.getCrypto()!;
+        // @ts-ignore backupManager is an internal property
+        const aliceBackupManager: SecureKeyBackup = aliceCrypto.backupManager;
         await aliceClient.startClient();
 
         // tell Alice to trust the dummy device that signed the backup
         await waitForDeviceList();
         await aliceCrypto.setDeviceVerified(testData.TEST_USER_ID, testData.TEST_DEVICE_ID);
-        await aliceCrypto.backupManager.checkAndStart();
+        await aliceBackupManager.checkAndStart();
 
         // At this point there is no backup
         let backupStatus: string | null;
-        backupStatus = await aliceCrypto.backupManager.getActiveBackupVersion();
+        backupStatus = await aliceCrypto.getActiveSessionBackupVersion();
         expect(backupStatus).toBeNull();
 
         // Serve a backup with no trusted signature
@@ -192,11 +195,11 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("megolm-keys backup (%s)", (backe
             overwriteRoutes: true,
         });
 
-        const checked = await aliceCrypto.backupManager.checkAndStart();
+        const checked = await aliceBackupManager.checkAndStart();
         expect(checked?.backupInfo?.version).toStrictEqual(unsignedBackup.version);
         expect(checked?.trustInfo?.usable).toBeFalsy();
 
-        backupStatus = await aliceCrypto.backupManager.getActiveBackupVersion();
+        backupStatus = await aliceCrypto.getActiveSessionBackupVersion();
         expect(backupStatus).toBeNull();
 
         // Add a valid signature to the backup
@@ -213,12 +216,12 @@ describe.each(Object.entries(CRYPTO_BACKENDS))("megolm-keys backup (%s)", (backe
             });
         });
 
-        const validCheck = await aliceCrypto.backupManager.checkAndStart();
+        const validCheck = await aliceBackupManager.checkAndStart();
         expect(validCheck?.trustInfo?.usable).toStrictEqual(true);
 
         await backupPromise;
 
-        backupStatus = await aliceCrypto.backupManager.getActiveBackupVersion();
+        backupStatus = await aliceCrypto.getActiveSessionBackupVersion();
         expect(backupStatus).toStrictEqual(testData.SIGNED_BACKUP_DATA.version);
     });
 
diff --git a/src/client.ts b/src/client.ts
index 46268fa370e..99df95432e5 100644
--- a/src/client.ts
+++ b/src/client.ts
@@ -3300,10 +3300,10 @@ export class MatrixClient extends TypedEventEmitter<EmittedEvents, ClientEventHa
      *     the server, otherwise false. If we haven't completed a successful check
      *     of key backup status yet, returns null.
      *
-     * @deprecated Prefer direct access to {@link Crypto.SecureBackup.getKeyBackupStatus}:
+     * @deprecated Prefer direct access to {@link CryptoApi.getActiveSessionBackupVersion}:
      *
      * ```javascript
-     * let enabled = (await client.getCrypto().backupManager.getKeyBackupStatus()) !== null;
+     * let enabled = (await client.getCrypto().getActiveSessionBackupVersion()) !== null;
      * ```
      */
     public getKeyBackupEnabled(): boolean | null {
@@ -3447,7 +3447,7 @@ export class MatrixClient extends TypedEventEmitter<EmittedEvents, ClientEventHa
         // If we're currently backing up to this backup... stop.
         // (We start using it automatically in createKeyBackupVersion
         // so this is symmetrical).
-        if ((await this.getCrypto()?.backupManager.getActiveBackupVersion()) === version) {
+        if ((await this.getCrypto()?.getActiveSessionBackupVersion()) === version) {
             this.crypto.backupManager.disableKeyBackup();
         }
 
diff --git a/src/common-crypto/SecureKeyBackup.ts b/src/common-crypto/SecureKeyBackup.ts
index 9748db15497..2eecca23b93 100644
--- a/src/common-crypto/SecureKeyBackup.ts
+++ b/src/common-crypto/SecureKeyBackup.ts
@@ -42,13 +42,6 @@ export interface SecureKeyBackup {
      *    (or lack thereof).
      */
     checkAndStart(): Promise<KeyBackupCheck | null>;
-
-    /**
-     * Get the current status of key backup.
-     *
-     * @returns If automatic key backups are enabled, the `version` of the active backup. Otherwise, `null`.
-     */
-    getActiveBackupVersion(): Promise<string | null>;
 }
 
 /**
diff --git a/src/crypto-api.ts b/src/crypto-api.ts
index eeb0662bc53..315cff44dc4 100644
--- a/src/crypto-api.ts
+++ b/src/crypto-api.ts
@@ -324,6 +324,13 @@ export interface CryptoApi {
      * @param key - the backup decryption key
      */
     storeSessionBackupPrivateKey(key: Uint8Array): Promise<void>;
+
+    /**
+     * Get the current status of key backup.
+     *
+     * @returns If automatic key backups are enabled, the `version` of the active backup. Otherwise, `null`.
+     */
+    getActiveSessionBackupVersion(): Promise<string | null>;
 }
 
 /**
diff --git a/src/crypto/backup.ts b/src/crypto/backup.ts
index c438de6dd7c..ca1d2e4169e 100644
--- a/src/crypto/backup.ts
+++ b/src/crypto/backup.ts
@@ -136,7 +136,6 @@ export class BackupManager implements SecureKeyBackup {
         this.clientRunning = false;
     }
 
-    /** @deprecated use {@link getActiveBackupVersion} instead */
     public get version(): string | undefined {
         return this.backupInfo && this.backupInfo.version;
     }
@@ -196,7 +195,6 @@ export class BackupManager implements SecureKeyBackup {
         this.baseApis.emit(CryptoEvent.KeyBackupStatus, false);
     }
 
-    /** @deprecated use {@link getActiveBackupVersion} instead */
     public getKeyBackupEnabled(): boolean | null {
         if (!this.checkedForBackup) {
             return null;
@@ -204,22 +202,6 @@ export class BackupManager implements SecureKeyBackup {
         return Boolean(this.algorithm);
     }
 
-    /**
-     * Get the current status of key backup.
-     *
-     * Implementation of {@link SecureKeyBackup.getActiveBackupVersion}.
-     */
-    public async getActiveBackupVersion(): Promise<string | null> {
-        if (!this.checkedForBackup) {
-            return null;
-        }
-        if (this.algorithm && this.version) {
-            return this.version;
-        } else {
-            return null;
-        }
-    }
-
     public async prepareKeyBackupVersion(
         key?: string | Uint8Array | null,
         algorithm?: string | undefined,
diff --git a/src/crypto/index.ts b/src/crypto/index.ts
index 8ebc1bb0763..5071bd5c501 100644
--- a/src/crypto/index.ts
+++ b/src/crypto/index.ts
@@ -1280,6 +1280,18 @@ export class Crypto extends TypedEventEmitter<CryptoEvent, CryptoEventHandlerMap
         });
     }
 
+    /**
+     * Get the current status of key backup.
+     *
+     * Implementation of {@link CryptoApi.getActiveSessionBackupVersion}.
+     */
+    public async getActiveSessionBackupVersion(): Promise<string | null> {
+        if (this.backupManager.getKeyBackupEnabled()) {
+            return this.backupManager.version ?? null;
+        }
+        return null;
+    }
+
     /**
      * Checks that a given cross-signing private key matches a given public key.
      * This can be used by the getCrossSigningKey callback to verify that the
diff --git a/src/rust-crypto/backup.ts b/src/rust-crypto/backup.ts
index 28eb57edf18..2c477ee668c 100644
--- a/src/rust-crypto/backup.ts
+++ b/src/rust-crypto/backup.ts
@@ -22,9 +22,7 @@ export class RustBackupManager implements SecureKeyBackup {
     }
 
     /**
-     * Get the current status of key backup.
-     *
-     * Implementation of {@link SecureKeyBackup.getActiveBackupVersion}.
+     * Get the backup version we are currently backing up to, if any
      */
     public async getActiveBackupVersion(): Promise<string | null> {
         // TODO stub
diff --git a/src/rust-crypto/rust-crypto.ts b/src/rust-crypto/rust-crypto.ts
index 3849d01405c..52a3fb90060 100644
--- a/src/rust-crypto/rust-crypto.ts
+++ b/src/rust-crypto/rust-crypto.ts
@@ -746,6 +746,15 @@ export class RustCrypto extends TypedEventEmitter<RustCryptoEvents, RustCryptoEv
         await this.olmMachine.saveBackupDecryptionKey(RustSdkCryptoJs.BackupDecryptionKey.fromBase64(base64Key), "");
     }
 
+    /**
+     * Get the current status of key backup.
+     *
+     * Implementation of {@link CryptoApi#getActiveSessionBackupVersion}.
+     */
+    public async getActiveSessionBackupVersion(): Promise<string | null> {
+        return await this.backupManager.getActiveBackupVersion();
+    }
+
     ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////
     //
     // SyncCryptoCallbacks implementation