Looking for Something Specific?
Search the Blog Archives.
You probably use messaging for communications every day, but how secure are your messages? Messaging apps are as susceptible to hackers as any other type of electronic communication, and if you are concerned about privacy then it’s time to learn the basics about secure messaging apps.
Why You Need a Secure Messaging App
We use messaging more and more to communicate, but we don’t always realize how many eavesdroppers there may be. Those eavesdroppers may include internet service providers, government agencies, and hackers. If your messaging involves your company, it might be the target of industrial espionage. These are all good reasons to consider using a secure messaging app.
What Makes a Messaging App Secure?
We probably all remember playing around with coded messages as a kid, but never dreamed that coded messages might become important in our day-to-day communications. As it turns out, one of the key aspects of a messaging app is end-to-end encryption.
When your messages are encrypted, that means they are encoded in such a way as to make it extremely difficult for someone to eavesdrop on the information being transferred. The messages are basically scrambled, and in order to unscramble them, you must have the correct key. In the case of an end-to-end encrypted message app, only the sender and the receiver have the decryption keys.
There are messaging apps that offer encryption, but encryption is not the default setting. That means that you would have to navigate to the settings for your messaging app and turn on encryption – if it even offers that feature.
Metadata can still be an issue even with encryption. Metadata includes things like who you talk to based on your contact list, how much time you spend talking to them, your phone number, your IP address, and more. You should avoid messaging apps that collect metadata.
Believe it or not, one of the signs of a secure messaging app’s integrity is making its source code available to the public. Open source code is actually better than proprietary code because it provides experts access to the code for review. Experts who did not develop the code will be far more likely to notice vulnerabilities and bugs that could be exploited. The result is a highly robust source code and a bulletproof app.
Secure Message Apps
There are several messaging apps on the market that qualify as secure messaging apps. What follows are five of the top options that are available for Android and iOS operating systems.
Dust: If you want messages that don’t hang around, then Dust is your app! Messages disappear within 100 seconds of being read or within 24 hours – your choice. You’ll also be notified if any screenshots are taken. It includes end-to-end encryption, no permanent storage, and you can even erase your message off someone else’s phone. The major drawback of Dust is that its source code has never been released.
Signal: The Signal messaging platform uses end-to-end encryption and its source code has been released. There is an option that makes messages disappear after a certain amount of time has passed and it can be password protected. It only stores the metadata it needs to function properly on your device. As far as drawbacks go, there are virtually none associated with Signal.
Telegram: The Telegram app was banned in Russia because they refused to hand over the encryption keys. It offers end-to-end encryption through a feature called “Secret Chat” that must be turned on. It can be locked by a passcode and has a Self-Destruct timer option for Secret Chat messages. The drawback of Telegram is that it lacks transparency about the protocol that it uses.
WhatsApp: With WhatsApp, end-to-end encryption is the default and provides an option for you to verify that encryption is in place. Messages are not stored on your phone, and it makes available a two-step verification feature. WhatsApp’s major drawback is that it does keep track of metadata and backups of messages are not encrypted for Android users.
Wickr : Unlike most messaging apps, Wickr offers both a personal (Wickr Me) and an enterprise edition. It provides end-to-end encryption and a host of additional features that make it one of the best options for businesses that are looking to keep their messages secure. It recently released its cryptographic protocol. And when Wickr deletes things, it “shreds” them so that they cannot be recovered. Wickr doesn’t really have any drawbacks from a security perspective.
Not all secure messaging apps are equally as effective. When selecting one, you should look for end-to-end encryption (and by default is even better) and the storage of little to no metadata. Also, keep in mind that companies that have released the source code behind their app are considered more reliable and their apps more robust. If privacy is important to you, then it’s time to check out secure messaging apps.
Before installing or investing in any messaging app…always consult with your technical support provider.