Looking for a better alternative to email for secure communication? This guide highlights the best secure messaging services, frequently asked questions, as well as some messaging apps and practices you should avoid.
Have you ever whispered something in someone’s ear that you didn’t want others to hear?
We all have. These days, many of us spend more time talking to people online than we do face to face. Do you ever say (or type or show) anything that you don’t want others to hear (or read or see)? If so, you had better be using some kind of encrypted messaging app to do it.
In this review, we’ll talk about why you need to use a secure messaging service. Then we’ll take a quick look at several secure messaging apps and the services they run on, along with some important characteristics to look for when evaluating them. As you’ll see, each has its own pros and cons, and each takes a different approach to the problem of providing secure messaging capabilities.
Why you need to use secure messaging
When you chat with someone online, you might assume that only yourself and the other person are privy to the conversation. But as we’ve learned over the years, there are lots of groups that are expending considerable effort to spy on your communications.
- Corporations want to read your messages so they can better target ads to you or sell your personal information to the highest bidder.
- Hackers want to use the information to steal your identity, break into your bank account, sell your company’s new business plans to the competition, or blackmail you with those pictures from the wild night in Vegas.
- Governments want to know everything you think and say and do, and maybe even catch a terrorist or two.
Unless you are using a secure messaging service, any or all of these groups will have an easy time of intercepting your messages should they choose to do so. That’s why there has been a boom in new messaging services that claim to be private, secure, anonymous, or any combination of those. But most of them fail to do the job for one reason or another.
Here are some that make the grade…
Best encrypted messaging apps
We’ve tested quite a few messaging services over the years. The ones listed here are the ones we consider to be the best options for secure messaging in 2020.
Signal is generally considered to be the most secure messaging service available. Originally published by Open Whisper Systems, their encryption protocol (the Signal Protocol) is so good that many other services (including giants like Whatsapp) base their own encryption protocol on it. Signal is end-to-end encrypted, open source, and completely free of charge. It allows you to create disappearing messages (a.k.a. self-destructing messages), has successfully completed third-party audits, and also publishes Transparency Reports.
Still not convinced that Signal is the real deal? In early 2020, Signal became one of two secure messaging services officially recommended by the military for use by the 82nd Airborne’s Task Force Devil during their deployment to the Middle East after the United States eliminated Iranian General Qassem Soleimani.
I can only think of two reasons you might not want to at least give Signal a try: you don’t want to use a telephone number to register an account; or the people you need to communicate with don’t use, and won’t switch to, Signal.
Note: There are some workarounds for the Signal phone number registration issue.
- End-to-end (E2E) encryption
- Encryption algorithms: Signal protocol, with Perfect Forward Secrecy (PFS) for text messages, voice messages, and video calls
- Open source
- Disappearing messages (aka self-destructing messages)
- Published transparency reports
- Logs minimum amount of data
- Does not log IP Addresses
- Can replace your phone’s SMS messaging app
- Focus is totally on individual users
- All Signal products are free of charge
- Requires a telephone number to sign up
- Does not support 2FA (Two-Factor Authentication)
Here’s our full review of Signal Messenger.
2. Wickr Me
Wickr is the other secure messenger service recommended for use by the 82nd Airborne’s Task Force Devil in the Middle East. The Wickr product line contains free and paid versions targeting both individuals and teams/businesses. In our recent review, we concentrated on Wickr Me, the free, personal version of Wickr. There is also a Wickr Pro, with different paid tiers.
Wickr Me is built on the same code base as the company’s paid commercial offerings, with some features only turned on for the paid versions. While both Wickr Me and Signal are super secure services, they have a number of functional differences that could lead you to choose one over the other.
- Wickr Me uses anonymous accounts. You do not have to provide a phone number, email address or any other personally identifiable information to create an account. This might be more appropriate for your threat model than Signal’s phone number based accounts.
- All Wickr Me content is ephemeral. While Signal lets you decide whether a message must self-destruct or not, Wickr Me doesn’t give you a choice. All messages and attachments self-destruct. The only control you have as a Wickr Me user, is over how long content lasts before it ceases to exist.
If anonymity is important to you, and you are okay with everything you send disappearing after a few days, Wickr Me could be the secure messenger for you.
- Client-side end-to-end (E2E) encryption
- Encryption algorithms: AES 256, ECDH521, and RSA 4096, with Perfect Forward Secrecy (PFS)
- Anonymous accounts
- Ephemeral messages and attachments
- Burn-On-Read messages and attachments
- Provides Transparency Reports
- All user content is forensically wiped from the device after it expires
- Does not log IP Addresses or Unique Device ID
- Does not record user metadata
- GDPR compliant
- Code is publicly visible on GitHub, but not open source
- Message handling is unusual
Note: As an alternative to Wickr Me (free version), you can also get the “Basic” version of Wickr Pro, which includes more options and is also free. See our Wickr Messenger review for more info and a comparison of the different versions.
Wire is a well-regarded corporate collaboration suite with secure messaging, group chat capabilities, file-sharing, and the ability to collaborate securely with external clients. For this roundup, we reviewed Wire Personal, their secure messaging app for individuals. According to third-party testing, the Proteus protocol that Wire Personal relies on is secure. Like Signal, Wire Personal is open source and gives you self-destructing messages. Also like Signal, it requires some personal information to create an account, either an email address or a phone number.
Judging on its technology, Wire Personal is a great secure messaging app for individuals. On the downside, there are only approximately 500,000 Wire Personal users, and the company is clear that its focus is on building its corporate offerings rather than supporting individual users. Take this into account if you are looking for a long-term solution to your encrypted chat app needs.
- End-to-end (E2E) encryption
- Encryption algorithms: Proteus protocol, WebRTC (DTLS, KASE, SRTP) with PFS
- Open source
- Self-destructing messages
- Published transparency reports
- GDPR compliant
- Wire Personal is free
- Registration requires email address or phone number
- Some logging of personal data
- Does not support 2FA
- Small number of Wire Personal users (roughly 500,000)
- Company focus is now on the corporate market, not individual users
Here’s our full review of Wire Messenger.
It doesn’t matter how secure and private a messaging app is if you can’t talk to anyone with it. When a messaging service has over a billion users like WhatsApp or Facebook Messenger, the odds are high that the people you want to chat with already have an account. When a service has less than a million users (Wire, for example) the odds that the people you want to talk to already have an account are pretty small.
Telegram occupies the middle ground. With over 400 million active monthly users, the odds that the people you need to talk to already have an account are pretty darn good. And the service is free, too. So let’s talk about the other characteristics of a secure messenger service.
While we love the widespread acceptance of Telegram, and the ever-expanding feature set, we do have some concerns about the service. Communications in Telegram are not end-to-end encrypted by default. Only voice calls and Secret Chats are E2E encrypted. Unless you use one of these two modes, your communications within Telegram are not really secure. Even if you do use the E2E encrypted parts of the service, MTProto, the encryption protocol used by Telegram, is questionable at best, very insecure at worst – all depending on who you ask. Besides, Telegram logs more user information than the other services listed here.
Whether Telegram is an option for you depends heavily on your threat model and use cases. You may well find that access to the rich feature set and huge user base of Telegram outweighs the questions about exactly how secure and private Telegram really is. If you do decide to give Telegram a try, make sure to use a good VPN service as well. Hiding your IP address and physical location using a VPN goes far toward overcoming the privacy concerns of all that user data logging.
- End-to-end (E2E) encryption
- Encryption algorithms: MTProto, a custom protocol
- Open source apps and Telegram Database Library
- Self-destructing messages
- Users can be logged in on multiple devices simultaneously
- Supports Two-Step Verification
- GDPR compliant
- Registration requires a phone number
- E2E encryption only for voice calls and Secret Chats
- Servers are not open source
- Logs IP Address and other user data
See the Telegram review here.
Messaging apps and practices to AVOID
So now that we’ve covered the best secure messaging apps above, let’s touch on another topic: messaging apps to avoid.
1. WhatsApp (owned by Facebook)
Sure, WhatsApp may be encrypting your messages – but that doesn’t make it a safe and secure solution. It is owned by Facebook and operates under US law. Here are a few reasons to avoid WhatsApp:
- WhatsApp collects metadata about every user, which can be exploited by Facebook and/or handed over to government agencies. This data includes your name, IP address, mobile number, location history, cell network, contacts, and device type.
- Facebook and WhatsApp will be forced to share users’ encrypted messages with British police under a new treaty.
- Reports suggest governments can easily access encrypted WhatsApp data through “WhatsApp Web”.
2. Keybase (owned by Zoom)
Right as we were completing the Keybase review, we learned that Keybase had sold out to Zoom.
We know that Zoom is not a business that respects the privacy or security of its users. In fact, there have been numerous scandals with Zoom over the past year. It’s also worth noting that Zoom has deep ties to China. In fact, it was even busted routing user data through China.
With Zoom now owning Keybase, we can no longer recommend it.
3. Regular (unencrypted) SMS text messages
While this does not fall under the category of encrypted messaging apps, it’s still worth repeating. If you expect any privacy or security, don’t use standard (unencrypted) text messages.
These text messages can easily be seen by your mobile carriers and the entities they share data with. Additionally, regular text messages are susceptible to man-in-the-middle attacks and Stingray devices.
Characteristics to look for when selecting an encrypted messaging app
What characteristics should you look for when selecting an encrypted messaging app or service? Even if you have some very specialized requirements, these are characteristics you should definitely look out for:
- End-to-end (E2E) encryption
- Third-party testing / reviews
- Open source code
- Limited user data collection
- The specific features you need
- Anonymous signup options
End-to-end (E2E) encryption
End-to-end (E2E) encryption is the #1 characteristic to look for in a secure messaging service. When a messaging service uses end-to-end encryption, only the people who are communicating can read the messages. No one else, not even the company providing the service, can read the messages. Whether you decide to go further down the E2E rabbit hole or not, the key thing to remember is this: If a service doesn’t offer end-to-end encryption, it is not secure.
However, there are two additional conditions that an end-to-end encrypted service must fulfill to ensure it is secure. First, it must use proven encryption algorithms. Second, the end-to-end encryption must be applied to your messages. So let’s look at those two conditions a bit more.
Trusted encryption algorithms
The security of E2E encryption assumes that no one can break the encryption. Or more realistically, it would take a vast amount of time to break the encryption being used. Vast as in millions or billions of years. This normally isn’t a problem. That’s because messaging services typically use trusted encryption algorithms. Algorithms like Signal‘s Signal protocol have been analyzed by cryptographers and shown to be secure against any reasonable attacks. If a service doesn’t use trusted encryption algorithms, it doesn’t mean that the service isn’t secure, but it is something to consider.
End-to-end encryption is turned on
E2E encryption is only useful if it is turned on. Most secure messaging services have E2E encryption turned on by default. Telegram, on the other hand, does not. You need to be sure that you are using Telegram’s Secret Chat system or communicating by voice messages if you want E2E encryption to be turned on in Telegram.
Third-party testing / reviews
One of the big concerns when dealing with any kind of secure messaging service is being able to validate their claims. There are a few different questions you need to answer for yourself:
- What is the service’s definition of “secure?” One service might take a zero-knowledge approach, encrypting/decrypting all messages in the client with the servers having no access to your passwords and encryption keys. Another might use TLS to secure data in transit, and encrypt it at rest on their servers, using their own encryption keys. Both can claim their service is secure, but they would both be using different definitions of the word “secure.”
- What is your threat model? You need to understand what threats you are trying to protect against. If all you want security against third parties spying on your messages while they are zooming back and forth across the Internet, that’s one type of security. If you want your messages to be secure against someone (the NSA perhaps) getting into the messaging service’s servers and decrypting your messages using their copy of your encryption keys, that is an entirely different level of security. Which one you need to search for depends on your threat model.
Once you have the answers to the first two questions, you need to decide if the service you are considering is fit for your particular situation. But how?
Is it practical for you to validate their claims yourself? Knowing that a secure messaging service you are interested in has open source code is great. But can you analyze their code to see if it really delivers on their claims? I certainly can’t. Nor can I do penetration testing or any of the other tests that would be necessary to see whether a service really delivers what it promises.
This is where third-party testing, audits, and reviews come in. Many companies now hire third-parties to come in and validate the service. The exact testing that they get done varies, as does the amount of test results they publish. But this kind of testing can at least give us some sense whether or not a product delivers on their marketing promises.
Open source code
Open source code can also make us more confident that a service will deliver on its promises. Why? Not because you or I are likely to review their source code looking for back doors or flaws in their algorithms. But because it is possible for someone to do exactly that. There are people out there who can, and do, dig into open source code looking for problems.
The more popular a messaging service is, the more likely that people are looking at the code, ready to call out problems. The simple fact that there are people willing and able to go through open source code like this means that errors are likely to get fixed sooner, and anyone trying to do something sneaky in the code will get called out publicly.
The idea of providing security through self-destructing messages has been around for a long time. Are you old enough to remember scenes like this?
Today’s secure messaging apps have revived the idea of self-destructing messages, although they aren’t quite as dramatic about it as the old Mission Impossible team was.
Some services allow you to set specific messages to self-destruct a certain amount of time after they are read. Wickr Me goes so far as to make self-destruction the basis of their service. All messages and attachments will self-destruct after a certain amount of time. Depending on your use case for a secure messaging service, this could be a crucial feature.
Limited user data collection
Just because all your messages are securely E2E encrypted, it doesn’t mean that the service has no information about you. Most services collect a certain amount of user data. This could be your email address, your phone number, the IP address you connect to the service from, what time you connect, who you connect to, and so on. While collecting this kind of information might not compromise the security of your messages, it does reduce your privacy.
Depending on your threat model, the amount of user data a secure messenger service collects may not be important. If it is, you can easily reduce the impact of this data collection by using a VPN while using the messenger service. A VPN can prevent the messenger service from knowing your IP address and your location. Some of our top-recommended VPNs include NordVPN, which is based in Panama and ExpressVPN, based in the British Virgin Islands (with a three months free coupon).
Note: A VPN is not a silver bullet that hides all your metadata! It is just one of many privacy tools you should be using for basic digital self-defense. However, a VPN will securely encrypt traffic between your device and a VPN server, while also concealing your true location and IP address. See these best VPN services for more options and info.
The specific features you need
The security and privacy of a messaging app or service doesn’t matter if it doesn’t have the features you need. Happily, most of the top secure messaging services continue to add features, reducing the risk that the one you want will be missing something you need. For example, the ability to run on multiple platforms is virtually a necessity, whereas the ability to send video messages or voice memos may or may not be, depending on your use case.
One “feature” to look for in particular is compatibility. Specifically, compatibility with the secure messaging services used by the people you need to exchange messages with. Telegram’s user base is growing rapidly and has over 400 million users. The rest of the top services have a small fraction of that user base. Depending on circumstances, you may need to compromise on the security and privacy front to be able to communicate with the people you need to reach.
Conclusion on secure messaging apps
The secure messaging apps and services listed here each takes a slightly different approach to the problem of keeping bad guys out of your business. We’ve given you a quick overview of each of them here. We urge you to think hard about your circumstances, then decide which of these quality products looks best to you.
Here are the encrypted messaging apps we have reviewed on Restore Privacy: