1. End-to-end encryption.
This is the key since it ensures direct secure messaging. This means that from the moment a message is typed, to the time it spends in transit, until the other person receives it, no one else can see that message. Therefore, the message can not be snooped by third-parties, and the information can not be stolen while it is being transmitted.
Many applications offers end-to-end encryption. In some cases, this security feature is enabled by default. In others, the final user may need to ensure that it is activated, or maybe the app encrypts messages only in certain scenarios. On the other hand, there are different encryption protocols. Some more proven and safer than others.
2. Open source code.
It refers to any application whose source code is available to anyone. So, experts can freely check the code and try to find any weaknesses or vulnerabilities, that later on, will be fixed.
3. Data collection.
The messaging apps can collect information about you and the device you use. This is commonly known as metadata. Metadata includes data such as who you talk to, for how long, at what time, your IP address, phone number, the location of your phone, etc.
What alternatives do we have today?
There are multiple messaging apps available. We have created a list of the three most used apps on the market today, and we have summarized their security features. These apps are: Signal, WhatsApp and Telegram.
Signal is entirely free and is quite easy to use. This app uses a proven super-strong encryption protocol. The best thing about this private messaging app is that it is an open source project supported by donations and grants, so there are no advertisements, no affiliate marketers, and no secret tracking. Furthermore, any experts can freely audit the app’s code for any vulnerabilities in its security. This helps ensure that Signal’s security is always up to date.
There are other features like encrypted voice calls, group chats, media transfer, archive functionality. The messages can also be set to self-destruct after a set amount of time. Signal also allows you to set a password to lock it. So even if your phone falls into the wrong hands, your messages will still be protected.
WhatsApp is one of the most popular messaging apps being used today, more than 2 billion users worldwide. It’s available for free and you can easily send text messages, photos, as well as video and voice messages. It uses the super-strong encryption protocol developed by Signal since 2016.
This app is owned by Facebook, the world’s biggest social network, since 2014. Facebook can’t read user’s messages, the end-to-end encryption prevents that, but WhatsApp did announce that they would be sharing user metadata with Facebook, for various purposes such as ad-targeting.
Telegram is a popular messaging app. You can set messages to self-destruct, share videos and documents, and participate in group chats of up to 200,000 users.
This app uses its own custom MTProto encryption rather than a more proven secure system, such as the Signal protocol. Its encryption system is considered as unsafe by many experts, who have expressed skepticism about the lack of transparency surrounding its protocol. On the other hand, this app is open source code.
End-to-end encryption is not enabled by default on Telegram, so you need to make sure the Secret mode is activated in order to protect your communications. Other types of chat and file transfers are encrypted, but only for part of their journey to other parties.
Last month a research showed that the “People Nearby” feature could allow an attacker to triangulate the location of unsuspecting users. This feature is disabled by default, but users who enable it will be publishing their precise location inadvertently.
From a security stand point, Encripto recommends using Signal, as it is the safest and most private alternative available as of today.