{"id":50521,"date":"2021-04-08T00:00:00","date_gmt":"2021-04-08T00:00:00","guid":{"rendered":"https:\/\/www.techopedia.com\/encrypted-messenger-apps-are-any-actually-safe\/"},"modified":"2022-01-11T23:14:49","modified_gmt":"2022-01-11T23:14:49","slug":"encrypted-messenger-apps-are-any-actually-safe","status":"publish","type":"post","link":"https:\/\/www.techopedia.com\/encrypted-messenger-apps-are-any-actually-safe\/2\/34463","title":{"rendered":"Encrypted Messenger Apps: Are Any Actually Safe?"},"content":{"rendered":"

Privacy can be challenging to achieve in today’s hyper-connected, always-online world. Encrypted messenger apps like WhatsApp provide users with relief and a sense of security amid this interconnectedness. At least, they’re supposed to.<\/p>\n

When WhatsApp announced a controversial new privacy policy<\/a>, that sense of security vanished for many users. To keep using the app, users have to agree to let WhatsApp share their data with other Facebook services. This move has left many questioning the safety of the messaging platform.<\/p>\n

Encrypted messenger apps are mostly safe, but some may not be as secure as users want to believe. Here’s a closer look.<\/p>\n

Why May Encrypted Messenger Apps Be Unsecure?<\/span><\/h2>\n

The safety appeal of encrypted<\/a> messaging apps is in the name. Unlike many messenger services and social media platforms, these apps encrypt users’ messages, so any data intercepted by third parties is unreadable. Just because a service offers encryption doesn’t necessarily mean it’s secure, though.<\/p>\n

In many apps, end-to-end encryption<\/a> is an optional feature. Users have to opt for it intentionally, and they may not realize this. Encryption isn’t the only security concern with an app like this, either. For example, the WhatsApp controversy is about data sharing and monetization, not encryption.<\/p>\n

WhatsApp isn’t sharing messages with the rest of the Facebook network, but it can share user data. That could include information about users’ online behavior, location, purchases, and some identifiers like phone numbers. That’s a lot of personal information going to other services for an app built on the guise of privacy.<\/p>\n

Can Encrypted Messages Be Hacked?<\/span><\/h2>\n

End-to-end encryption works by scrambling a sender’s data and giving the key to unscramble it to the recipient. Since the recipient is the only one with that key, they’re the only one who can read the data. If a hacker or other third party intercepted a message, they couldn’t read it without the encryption key<\/a>.<\/p>\n

That doesn’t mean encrypted messages are hack-proof. Hackers infiltrated WhatsApp in 2019<\/a> and installed spyware on users’ devices. Since this spied on users’ screens instead of intercepting data, it let hackers view messages before they were encrypted or after they were unencrypted.<\/p>\n

Spyware works around encryption instead of trying to break it. If hackers can read messages before or after they’re sent, it doesn’t matter if they were encrypted in between. Consequently, any app that doesn’t also provide other security measures isn’t secure.<\/p>\n

End-to-end encryption doesn’t always stop man-in-the-middle (MitM) attacks, either. In these attacks, a hacker controls a conversation between two parties<\/a> without their knowledge, sometimes stripping the traffic of encryption. Attackers can steal the authentication token that holds the encryption data, letting them read any messages that come through.<\/p>\n

Despite these vulnerabilities, end-to-end encryption provides some of the best data protection<\/a> out there. Users should be aware that it isn’t a perfect solution, though.<\/p>\n

Is Signal Safe?<\/span><\/h2>\n

Many users flocked to Signal after Elon Musk promoted it<\/a> as an alternative to WhatsApp after the controversy arose. Even before the WhatsApp update, privacy advocates have praised Signal. So what makes it different from other encrypted messenger apps?<\/p>\n

Unlike WhatsApp, Signal is explicitly not-for-profit. As such, a big tech company like Facebook won’t likely acquire it, and it doesn’t sell ads. Since it doesn’t sell ads, it doesn’t have as much reason to collect and share user data. It only gathers metadata essential to app functionality.<\/p>\n

Singal’s source code is also open-source<\/a>, enabling other security experts to audit it, which allows for better security updates. At the same time, this means that hackers can also examine its code to find vulnerabilities. So while being open-source can promote better security, it comes with some risks as well.<\/p>\n

The app also features other security tools like face blurring and optional passwords, providing an extra layer of safety. Thanks to all of these features, Signal is likely the most secure encrypted messaging app out there.<\/p>\n

What Are the Safest Encrypted Messenger Apps?<\/span><\/h2>\n

There are other secure messaging apps apart from Signal, too. Some of the best available options today are:<\/p>\n