One feature of apps such as iMessage and WhatsApp is that your texts or voice calls are scrambled and private from everyone.
With end-to-end encrypted technology, no one but you and the intended recipients can know what you wrote or said — not hackers, the app companies or the police.
Except, not everything is end-to-end encrypted in end-to-end encrypted apps.
That could mean what you type in chats is saved on company computers that corporations such as Apple or your phone provider could read. Details such as the timestamps of every text to your boyfriend might not be under lock and key, either.
That’s not necessarily bad. Each end-to-end encryption choice has trade-offs. More privacy and security could also make it harder for you to use an app, or can shield activity of terrorists and child predators.
The mess I’m describing — end-to-end encryption but with certain exceptions — may be a healthy balance of your privacy and our safety.
The problem is it’s confusing to know what is encrypted and secret in communications apps, what is not and why it might matter to you.
To illuminate the nuances, I broke down five questions about end-to-end encryption for five communications apps.
Is the content of every message automatically end-to-end encrypted?
- WhatsApp: Yes
- Apple’s Messages: No
- Messages by Google: No
- Meta Messenger: No
- Signal: Yes
The biggest encryption caveat is for the built-in texting apps on iPhones and most Android phones in the United States. Those are Apple’s Messages app, also known as iMessage, and the Messages by Google app.
If you use Apple’s app, texts that you send and receive are only end-to-end encrypted if everyone else in the chat is using that app.
If the text you see is in blue, the contents of messages are end-to-end encrypted for everyone in the chat.
Even if Apple wanted to read your texts, it doesn’t have a key to unscramble those messages. (There’s a caveat in the next section about backup copies.)
But the dreaded green bubbles are Apple’s warning. If you’re in a group chat with three people using Apple’s chat app and one person on an Android phone, no one’s texts are end-to-end encrypted.
Each of your mobile phone providers might save every word of your communications. Those companies could, in theory, read your messages, lose them to thieves or hand them over to police with valid legal orders.
Google’s chat app has the same encryption loophole. (For most people in the United States, Messages by Google is the standard texting app on Android phones.)
Your texts in Google’s chat app are only end-to-end encrypted if everyone else is using that app.
Google shows if your texts are end-to-end encrypted with signs such as a lock icon under texts and another on the send button.
Are backup copies of your messages automatically encrypted, with no option for the app company to unscramble them?
- WhatsApp: Yes
- Apple’s Messages: No
- Messages by Google: Yes*
- Meta Messenger: No
- Signal: Yes
WhatsApp and Signal don’t let you save copies of your texts or call logs to the app makers’ computers.
That means they don’t have saved message copies in a cloud that crooks could break into.
But if you buy a new phone and forget your password, WhatsApp and Signal can’t really help you transfer all your old texts.
If you back up copies from Apple’s chat app and Meta Messenger, the companies have the keys to unscramble what’s written in encrypted chat copies. Again, these unscrambled text copies can help in criminal investigations or they could be stolen or misused.
Apple recently introduced a choice to fully end-to-end encrypt backup copies of iCloud accounts, which means not even Apple could unlock your scrambled backup texts.
If you pick that option, Apple can’t help recover your chats if you forget your account password.
This risk is why Apple makes this feature a pain to turn on, and requires you to list a plan B if you forget your password, such as a personal contact who knows your decryption code.
WhatsApp has an option to save backup copies of your messages to Apple’s or Google’s cloud. WhatsApp doesn’t save those backups.
For Messages by Google, the company says chats backed up to the company’s computers are automatically encrypted – as long as your Android phone has a screen that you need to unlock with a password or another method.
Google gets an asterisk because it says it cannot unscramble your backup texts in its cloud. But it can for attachments like photos.
Meta Messenger has been testing an option for people to turn on fully end-to-end encrypted backups.
Does the app save your account details in a way it can access?
- WhatsApp: Yes
- Apple’s Messages: Yes
- Messages by Google: Yes
- Meta Messenger: Yes
- Signal: Yes*
Most end-to-end encrypted apps save some “metadata,” or details about you or what you do with the app. They can retrieve the metadata if necessary.
The app companies aren’t necessarily specific about which metadata they save and can unlock. This information can make you less private, and it can help in criminal prosecutions.
WhatsApp, for example, may have your general physical location when you use the app and the names of your group chats. Under legal orders, WhatsApp has the ability to log the phone numbers your number communicates with.
WhatsApp says these details can help identify spammers and aid in investigations of potential criminal activity including people who share images of child sexual abuse.
Signal is a yes with an asterisk because it doesn’t save much the app can retrieve – just a phone number used to set up an account and the last time the account connected to Signal.
Are disappearing messages an option?
- WhatsApp: Yes
- Apple’s Messages: No
- Messages by Google: No
- Meta Messenger: Yes
- Signal: Yes
Even with end-to-end encrypted texts, someone on the receiving end could leak them or turn them in to the police.
For extra privacy, WhatsApp, Meta Messenger, and Signal have an option to set texts to automatically delete in as little as 24 hours from the phones of everyone in a chat.
This isn’t ironclad, either. Someone could take a photo of your messages before they disappear.
Does the app use the Signal protocol?
- WhatsApp: Yes
- Apple’s Messages: No
- Messages by Google: Yes
- Meta Messenger: Yes
- Signal: Yes
The Signal protocol is considered a gold standard. No one yet has found holes in the end-to-end encryption technology.
Read more:
- What is secure? An analysis of popular messaging apps (Tech Policy Press)
- Details on information the FBI can obtain from encrypted messaging apps (Just Security)
“Is the content of every message automatically end-to-end encrypted?”
This question can be rewritten as: Does this app support communication with anyone who doesn’t have the app?
For WhatsApp & Signal, the answer is no. Everything else does allow you to reach people who don’t use the same app. Which is better: being unable to communicate or being able to communicate?
@KLISHDFSDF
@Shira
Fair point, but in the context of attempting to guarantee privacy to all your users, it’s probably best to either separate SMS functionality into another app or make it abundantly clear that messages via SMS can be intercepted. The majority of iPhone users have no idea what green vs blue means other than features aren’t available. You have the same issue with people using SMS/RCS. They generally don’t understand/know the difference.
Lastly, Signal/WhatsApp users are still able to communicate via more insecure methods, it’s just a separate app, so there is no loss of communication just convenience.
> The majority of iPhone users have no idea what green vs blue means other than features aren’t available.
Arguing both sides at the same time isn’t helping you.
The same user isn’t both too uneducated to understand the differences and also savvy enough to manually manage insecure and secure messaging decisions.
Apple/Google Messages apps handle this transport layer decision for the user, and Signal used to do this too. It’s a basic requirement for mass appeal to users.
@KLISHDFSDF
I’m not communicating effectively then. I’m mostly agreeing with you in terms of non-privacy features (things users generally care about) vs privacy features that can be subtle and more easily ignored. For example: It’s immediately obvious when messaging a non-iMessage user if you want to initiate a game or some other proprietary feature that doesn’t work over SMS that that specific feature doesn’t work. It’s not so obvious that the same message that can still be sent-received is not protected and in essence potentially viewable by multiple third parties unrelated in a 1-to-1 message. Hope that clears things up.
It’s about reducing the cognitive load in knowing what’s secure vs what isn’t. It’s the reason “https” is the standard now and “http” is going away. General users can’t be trusted to even look at a lock icon in a web browser to ensure their communications are secure, which is why Google will be getting rid of it in Chrome - their research shows only 11% of users understand what it means. With that knowledge, do you think the average person is going to understand what it means to have a minuscule lock icon (or a different chat color) in a messaging app?
You’re probably right about this, but it doesn’t mean it’s not less secure for the end-user.
> It’s about reducing the cognitive load in knowing what’s secure vs what isn’t.
I completely agree with this! However, pushing both the decisions and the actions onto the user doesn’t accomplish this. Imagine if you had to install different apps for http and https, then assemble the pieces of each page yourself before viewing it and decide which app to use to send your next request with.
This scenario is both error-prone and less secure.
@KLISHDFSDF
Good analogy, although I think it falls apart when we consider that SMS is a legacy messaging protocol (over 30 years old now) that is insecure, unreliable, doesn’t work over the internet and lacks a ton of features considered mandatory on various other messaging platforms, etc. To compare SMS to any modern messenger is doing a disservice to all the bells and whistles we’ve taken for granted in the age of modern messaging platforms.
Another example is FTP being dropped from Chrome and Firefox. Should Mozilla and Google have continued including support for that legacy protocol just because it’s been there historically? Is it a bit more complicated for some users who need to use FTP? Probably, but they should be in the minority. Sometimes the best path forward is to deprecate legacy tech.