Before you search on the app store willy-nilly or ask your friends about their messaging app of choice, be sure to take a step back and examine whether your choice can adequately guard your privacy and security. One way to determine that is to check whether the app offers end-to-end encryption (E2EE).
Without encryption, private messages can be read by the company behind the app, as well as third parties such as governments who like to collect private data on their citizens. Not even using the best VPN would help you if you’re using a messaging service that stores identifiable metadata about your conversations on its server (like Threema and Wire, reviewed in this list).
Encryption makes societies freer and, thankfully, several messaging apps use E2EE to prevent anyone except you and the intended recipient from reading the message’s contents.
What is encrypted messaging?
End-to-end encryption (E2EE) is a method of encrypting data that only allows the sender and receiver of the message to decrypt and read messages passed between them. More importantly, encryption prevents apps from storing copies of your messages on their servers, which would put them within reach of government authorities.
Apps that don’t have E2EE by default, if at all, as of writing are:
- Google Hangouts
- Line (opt-in E2EE)
- Skype (opt-in E2EE)
- Facebook Messenger (opt-in E2EE)
- Telegram (opt-in E2EE)
Privacy and security review of encrypted messaging apps
With many good options available, here’s our take on some of the most widely used and secure messaging apps.
Apple’s iMessage is only available on Apple devices, but it packs a punch with its security features.
On top of offering end-to-end encryption between iMessage users, the app allows users to control how long the message stays up and how many times the recipient can view the message (this feature is only available to those who have iOS 10 and above).
iMessage is only available on Apple devices, meaning any message you send via iMessage to a non-Apple device will not be encrypted. One major security loophole is the option to back up your iMessages to iCloud. On the cloud, messages are encrypted by keys controlled by Apple, meaning that if your iCloud were ever hacked or subpoenaed, those messages could be revealed.
Apple’s CEO, Tim Cook, is a big advocate for personal privacy, and iMessage seems to indicate that the company takes this commitment seriously. Just avoid storing your messages on web-based platforms like iCloud—toggle off messages in settings so they’re not stored on the cloud.
Would we recommend this app? Not really. While it is E2EE, you should avoid using iMessage if you’re communicating with people who do not have it on their devices. Avoid storing your messages on web-based platforms like iCloud as well.
Founded by privacy and security advocates in San Francisco in 2012, Wickr was one of the first messaging apps to adopt end-to-end encryption. Messages are encrypted by default, and the company undergoes regular security audits. As of 2017, Wickr is also open-source.
The app comes in two forms: Wickr Me and Wickr Pro. The former is free and for personal use, while the latter is for businesses, who pay a subscription fee. Wickr has several features that make the app secure, including screenshot detection, blocking third-party keyboards on iOS, and ensuring any deleted files are completely unrecoverable.
The app’s free and paid versions both have plenty of security features, such as self-destructing messages, content shredding, and an inability to take screenshots (on Android only).
Unfortunately, Wickr doesn’t have as many users as WhatsApp, Viber, and Signal, so you might have to recruit people to talk to.
Would we recommend this app? Yes, if you can find more people who also use it.
Viber has about 260 million monthly active users and is primarily positioned as a competitor to the less-secure Skype on mobile. It has had end-to-end encryption enabled since April 2016.
The app has end-to-end encryption on all its available platforms (Mac, Windows, iOS, and Android) and also color codes your chats based on how secure they are: gray denotes encrypted communication, green means an encrypted communication with a trusted contact, and red means the authentication key has an issue. Viber also supports self-destructing messages in its secret chats feature.
The one big limitation to Viber is that it only supports end-to-end encryption for one-on-one chats—group chats are not offered the same level of security as individual conversations. It also requires a phone number to sign up.
Would we recommend this app? Only if you’re using the app for direct messaging and individual video calls. Group chats will not be encrypted, so if you want an app that encrypts both, don’t use Viber.
Formerly called RedPhone, Signal is the darling of the information security community and is growing in popularity among ordinary users too. It still has nowhere near the same number of active users as WhatsApp, though.
By default, Signal provides end-to-end encryption for all voice calls, video calls, and instant messages with its own protocol. The Signal Protocol is arguably the most secure messaging protocol developed—it amalgamates the Extended Triple Diffie-Hellman (X3DH) key agreement protocol, Double Ratchet algorithm, AES-256, and Sesame for managing encryption across multiple devices.
This technology is entirely open-source, which means its security is vetted by cybersecurity experts. What’s more, Signal’s technology has been adopted by other messaging services like WhatsApp and Skype as well.
To verify that your conversation with another person is private, each Signal conversation has a unique device safety number to verify the security of your messages and calls with specific contacts. This is especially useful for preventing man-in-the-middle attacks—if a safety number changes more frequently than you’d expect for someone switching devices or reinstalling Signal, for instance, it may indicate that something is awry.
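The sketch below is an added example, not part of the original article and not Signal's own code. It shows how a safety-number-style check works: both devices derive the same digits from the two identity keys, and a substituted key changes them. The keys, user IDs, iteration count and hashing layout are constructed assumptions for illustration.

```python
import hashlib

ITERATIONS = 5200  # assumption: length of the illustrative hash chain

def fingerprint(identity_key: bytes, user_id: bytes) -> str:
    """Derive a 30-digit numeric fingerprint from one party's identity key."""
    digest = b"\x00\x00" + identity_key + user_id
    for _ in range(ITERATIONS):
        digest = hashlib.sha512(digest + identity_key).digest()
    # Six 5-byte chunks, each reduced to five decimal digits.
    chunks = [digest[i:i + 5] for i in range(0, 30, 5)]
    return "".join(f"{int.from_bytes(c, 'big') % 100000:05d}" for c in chunks)

def safety_number(key_a: bytes, id_a: bytes, key_b: bytes, id_b: bytes) -> str:
    """Combine both fingerprints in sorted order so each side shows the same 60 digits."""
    return "".join(sorted([fingerprint(key_a, id_a), fingerprint(key_b, id_b)]))

def verify(mine: str, read_aloud_by_contact: str) -> str:
    """Compare the number on this device with the one the contact reads out."""
    if mine == read_aloud_by_contact:
        return "match"
    return "mismatch: a key changed (new device, reinstall, or interception)"

# Constructed sample identity keys and IDs; not real key material.
ALICE_KEY = hashlib.sha256(b"constructed alice identity key").digest()
BOB_KEY = hashlib.sha256(b"constructed bob identity key").digest()
ROGUE_KEY = hashlib.sha256(b"constructed substituted key").digest()
ALICE_ID, BOB_ID = b"+15550100", b"+15550101"

def honest_case() -> str:
    on_alice = safety_number(ALICE_KEY, ALICE_ID, BOB_KEY, BOB_ID)
    on_bob = safety_number(BOB_KEY, BOB_ID, ALICE_KEY, ALICE_ID)
    return verify(on_alice, on_bob)

def substituted_key_case() -> str:
    # Alice's device was handed ROGUE_KEY in place of Bob's real key.
    on_alice = safety_number(ALICE_KEY, ALICE_ID, ROGUE_KEY, BOB_ID)
    on_bob = safety_number(BOB_KEY, BOB_ID, ALICE_KEY, ALICE_ID)
    return verify(on_alice, on_bob)

if __name__ == "__main__":
    print("honest:", honest_case())
    print("substituted key:", substituted_key_case())
```

The comparison only protects you if the two numbers are exchanged over a channel the interceptor does not control, such as in person or on a call where you recognize the voice.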
Signal proved its trustworthiness in 2016, following a subpoena from the U.S. government. The only data stored on Signal’s servers was the time of account creation and the most recent date that a user connected to a server.
Signal also allows you to secure the app with a password so you can protect your messages if they fall into the wrong hands. There is an option to send self-destructing messages too.
The only problem with Signal is that you have to provide a phone number to sign up, although you can get around this requirement by using a “burner” phone or SIM card. To rectify this, Signal is currently experimenting with PINs to reduce reliance on phone numbers. This Signal PIN will allow users to migrate some of their profile data to a new device without starting from scratch, or having to use a phone number.
Would we recommend this app? Yes—Signal is one of the best messaging apps you can use for secure communication. If you don’t want to use your phone number, you can resort to a burner phone. The company aims to reduce its reliance on phone numbers anyway, so this small irritant may also go away soon.
Jabber and OTR are different from the rest of the pack: Technically speaking, they’re not messaging apps. They are two protocols that, when stacked on top of each other, provide a free, secure, open-source, decentralized platform. Plenty of apps support Jabber with OTR, such as Pidgin for Windows/Linux or Adium for Mac. There is also the newly released Tor Messenger and ChatSecure for your mobile phone, both of which support Jabber.
Jabber/OTR is currently the only solution that can be set up anonymously. This means they don’t require a phone number or personally identifiable information during the sign up and registration process.
Sadly, Jabber/OTR does not function very smoothly on mobile, as the protocol needs an almost continuous connection between you and your peer. The lack of supporting features, even as basic as sending attachments, can also be frustrating.
Would we recommend this app? If you need a protocol that can be trusted to keep out even the most powerful of adversaries, Jabber/OTR is the best choice.
Telegram was built by brothers Nikolai and Pavel Durov, exiled Russian-born billionaires, previously famous for the Facebook clone Vkontakte (now VK). Pavel Durov had to leave VK in 2014 over a dispute about handing over Ukrainian protesters’ user data. Consequently, the brothers left Russia for Berlin and founded Telegram. However, Telegram does not have E2EE by default—you’ll need to use its secret chats feature to enable it.
The messaging app gives you the option to encrypt your messages by enabling “Secret Chats.” When enabled, you can set messages to self-destruct across all your devices automatically or at a set time.
If you don’t encrypt your chat, then your data is stored on Telegram’s servers, which puts the security of your messages at risk.
The client-side code for Telegram is open-source, but its server-side code is not. Telegram uses its own protocol, MTProto, to encrypt your messages, and the company has not yet revealed the code behind it. The app also leaks a lot of metadata. A security researcher found a way for an attacker to know when a user is online or offline, therefore allowing them to work out who is talking to whom, and when.
Would we recommend this app? We can’t recommend Telegram for secure messaging. Consider deleting Telegram if you’re using it for secure messaging.
Wire is an open source and collaborative messaging app that has both a free version and plenty of useful features: fully encrypted video calls, secure file sharing, synced messages between devices and others. Wire also offers a paid plan for organizations (large enterprises).
On top of E2EE for messages, Wire also offers the same level of encryption for its video calls. It is open-source, and, if you want the convenience, you can transfer your messages across any device that you’re signed in to. It also has self-destructing messages, session verification to make sure you’re talking to the person you want to talk to, and a password lock for your app. Wire does not sync your messages to a cloud either, keeping everything on your devices.
While Wire has E2EE and security features, it retains some significant metadata on its servers, including timestamps and participants lists. If you’re using its web interface you’ll need to make sure no one else can access it through your browser.
Would we recommend this app? Not until it stops collecting metadata.
Unlike a lot of apps on this list, Threema is a paid chat service that uses E2EE to encrypt calls and texts. It is partly open-source, and has been audited several times.
Threema doesn’t need your email address or phone number to set up the service—instead it generates a unique key that allows you to use the app anonymously.
Threema says that it deletes the messages you send from its servers once delivered, but it’s not clear whether that actually happens. If you do use Threema, bear in mind that the app collects significant amounts of metadata that it will provide to government authorities if a request is made.
Would we recommend this app? No.
Brian Acton and Jan Koum founded WhatsApp in 2009 originally for people to publish status updates, not dissimilar to Facebook. But it was the messaging feature that saw its popularity skyrocket. Facebook bought WhatsApp in 2014, and while it is E2EE, its ownership has raised concerns about how it could be used in future.
Security-wise, WhatsApp’s E2EE by default enhances its privacy and security from malicious actors. Security flaws have appeared in the past, but if cybercriminals breached WhatsApp today, they couldn’t decrypt your conversations. It also has a lot of what may now be considered standard features like video calling, voice messaging, and file-sharing.
It’s owned by Facebook. ‘Nuff said.
Would we recommend this app? No.
What is the best secure messaging app?
There are a lot of messaging apps to choose from, but Signal is really your best bet, in terms of reach, security, and privacy-enabled features. WhatsApp may be used by more people, but its ties to Facebook are worrying. Jabber is certainly the most secure, but its reach and lack of features make it challenging for everyday use.
However, keep in mind that end-to-end encryption is not the catch-all security feature to protect yourself from surveillance. Even if you use a secure messaging app, an unsecured device will allow anyone access to your messages. Protect your messaging apps with a password, and practice basic mobile security to ensure no one can gain entry to your device.