How secure are your private messages?
At a time when data breaches are at an all-time high, that’s a question worth thinking about. Hackers, particularly state-sponsored hackers, have shown a willingness to go after big, established tech companies like Yahoo and Google. These big platforms often hold users’ personal information — or in some cases, users’ private correspondence — on their servers.
But there are ways to protect your private communications, and many consumer tech companies are starting to offer better encryption so that your personal messages won’t fall into the wrong hands. Whether you’re concerned about your messages being read by hackers, advertisers or even the police, encryption can protect you.
What products should you be using to enhance your privacy? We took a look at more than a dozen consumer messaging services to give you a better idea.
The key here is whether or not a service is “end-to-end encrypted.” Messages sent with that level of encryption are only readable in two places: The sender’s and recipient’s devices — most likely their smartphones. These messages aren’t stored on company servers, and as a result, can’t be mined to help advertisers or read by law enforcement officials, even with a proper warrant.
Which app is right for you? Here are some additional details on some of the more popular apps to help you decide.
- Hangouts: Messages sent over Google’s popular messaging and video chat service could be handed over if requested by law enforcement. The “off-the-record” feature only deletes messages from your history, but they may still be on the company’s servers, according to previous reports.
- Messenger: Facebook’s messaging service does not offer end-to-end encryption by default, but its smartphone app does have a “secret” option, which sends messages with end-to-end encryption. Those messages do not show up in your inbox on Facebook.com.
- Telegram: Telegram also offers end-to-end encryption in a feature called “secret chats,” but that setting has to be turned on. It is not by default.
- iMessage: If you use iMessage to send text messages to someone with an Android device, those messages are not encrypted — they’re simply texts. The end-to-end encryption only works between iMessage users. Also, if you use iCloud to back up your information, iMessages are included by default. You need to toggle off those messages in settings so they aren’t stored on Apple servers.
- Signal: The security of Signal has been praised by Edward Snowden and other security experts for its trustworthiness. Its code is open source, so it can be examined by independent researchers for security holes. Signal also allows users to verify their identities, which helps ensure that you’re only communicating with the intended recipient. The app has seen a surge in popularity since Donald Trump became president.
- WhatsApp: All messages sent over WhatsApp are sent with end-to-end encryption by default, even voice and video calls. If you want to be extra careful, WhatsApp also has a feature for users to verify their identities. WhatsApp’s end-to-end encryption was actually built in collaboration with the team that created Signal.
- Confide: All messages sent over Confide are end-to-end encrypted, according to the company’s website. They also disappear after they’re read.
- Text messages (SMS): Regular text messages are not encrypted, and are often recalled through a court order to help dispute legal matters