5 best secure private messengers

Secure messaging services have seen a rise in popularity over the past couple of years, with many claiming to have an increased focus on preserving privacy. This is thanks to the introduction of end-to-end encryption via Signal Protocol, but not all messengers that include it are built equally. There is still plenty to choose from, however, and here’s where to start.

 

Popular services such as WhatsApp and Skype proudly boast that they use the Signal Protocol, but because these apps are proprietary and, therefore, closed source, it is impossible to check how the protocol has been implemented. In some cases, it isn’t even universal. Facebook enjoys stating that it includes the protocol’s end-to-end encryption, but this is only true with its ‘Secret Conversations’ feature.

While Facebook CEO Mark Zuckerberg is going above and beyond to reinvent the social network as a privacy advocate, none of these companies are known for their focus on user privacy. They all continue to be pressured by government entities to develop “backdoors” into their applications, giving authorities unfettered access to user information without the need for a warrant.

There is nothing to say that these demands haven’t already been met or won’t be met in the future, but there are alternative secure services you can use that exist right now. If you want to be sure that claims of end-to-end encryption are true, simply choose one of the best private and secure messengers currently available:

  1. Signal - Platforms: Android, iPhone, Windows, macOS, Debian-based Linux. On the desktop, communication is only possible with other Signal users (not via insecure regular SMS to non-users).
  2. Wire - Platforms: Android, iOS, Windows, macOS, Linux, and via web application.
  3. Riot.im - Platforms: Android, iOS, and via web application. On Android, the app is available from the Play Store and F-Droid.
  4. Tox - Platforms: Windows, macOS, Linux, BSD, Android (alpha-only), iOS.
  5. Ricochet - Platforms: Windows, macOS, Linux.

5 Best Secure and Private Messenger apps

After robust testing and research, our experts have found the five most secure messaging apps out there. All of these apps have excellent features and also provide a high level of encryption.


  • Free option: Yes

Signal is the name of both an app and a secure messaging protocol developed by legendary entrepreneur, cryptographer, and privacy activist Moxie Marlinspike. The open-source Signal protocol has been incorporated into a large number of third-party products, many of which, such as Facebook Messenger, WhatsApp, and Skype, are themselves closed source.

The Signal app is the pure expression of Signal. It is fully open-source and has been formally audited for security vulnerabilities.

And unlike closed source implementations of the protocol, the only metadata information retained by the Signal app or its developers is “the date and time a user registered with Signal and the last date of a user’s connectivity to the Signal service.” This is a claim which has been proven in court.

All text messages, voice, and video calls are protected using an amalgamation of the Extended Triple Diffie-Hellman (X3DH) key agreement protocol, Double Ratchet algorithm, and pre-keys. Signal uses Curve25519, AES-256, and HMAC-SHA256 as cryptographic primitives.

Signal is widely regarded as the most secure e2ee messaging protocol ever invented. Although it is available through the Play Store, Google-phobic Android users can download a Google Play Services-free APK version of the app via the official Signal website.

Another feather in Signal’s cap is its ease of use. Signal replaces your phone’s regular SMS client. Text messages to and from non-Signal contacts are sent using regular SMS text messaging and are not secure. But messages sent to other Signal users are encrypted using the Signal protocol. You can also initiate secure voice and video conversations with other Signal users.

The beauty of this system is that Signal is almost transparent in use, which should make it easier to convince friends, family, and colleagues to actually use the app!

This ease of use, however, is also where Signal receives most criticism. Because it is designed to replace your regular SMS client, Signal requires that you register with a valid phone number which it uses to match up contacts.

Signal, however, cannot see your contacts, and your contact list cannot be accessed by anyone other than you. The truly paranoid can sign up using a disposable “burner” phone or SIM card, since once registered the Signal app does not need to run on the phone it was registered with.

Please see our full Signal Review for an in-depth look at this important messaging app.

  • Free option: Yes
  • Pricing: From $4.00 - $8.00

Wire is an open-source e2ee messaging, voice, and video chat platform developed by Swiss-based Wire Swiss GmbH. It is particularly noted for its strong group chat and video conferencing support, and for its very snazzy user interface.

Supporters prefer Wire over Signal mainly because it does not require a phone number to register. You can opt to provide your phone number so that other users can easily find you, but you can use a (potentially disposable) email address instead, and identify yourself with a username of your choosing.

On the other hand, Wire collects far more metadata than Signal does in order to ensure smooth syncing across platforms – notably plaintext logs of users a customer has contacted.

This is a legitimate trade-off between security and convenience, but it does mean that people should carefully assess their threat model before using Wire. For what it’s worth, Ed Snowden only recommends two private messengers – Signal and Wire.

Messages in Wire are encrypted using Proteus, which is an early iteration of what went on to become the Signal protocol. Like Signal, it uses OTR with a Double Ratchet algorithm (ChaCha20, HMAC-SHA256, Elliptic-curve Diffie-Hellman key exchange, and HKDF in key generation).

As is always the case with browser-based JavaScript cryptography, there is a danger of the server pushing compromised and malicious code when using Wire in your browser. This is not a problem when using a dedicated app.

Early criticisms of Proteus damaged public confidence in Wire. But these have been addressed, and the conclusions to a series of independent audits of Wire products are highly reassuring.

Although open-source, Wire is a commercial product. It is free for personal use, but paid enterprise plans are also available.

  • Free option: Yes

Riot.im is an open-source e2ee text, voice, and video platform. What sets it apart from apps such as Signal and Wire is federation, using the Matrix communications protocol.

Federation means that instead of connecting to centralized servers run by the platform’s operators, users can set up their own servers or connect to any of the many Matrix servers that others have set up.

Another strength of Matrix is that it allows communication between users of different messenger software, as long as they all support Matrix. Matrix servers are also interoperable, so connecting to any Matrix server allows you to communicate with any Matrix user.

Indeed, Matrix servers can even run “bridges” which allow communication between Matrix users and users of other messaging platforms such as Signal, Slack, IRC, XMPP, and even the likes of Facebook Messenger, WhatsApp, and Google Hangouts!

This decentralized approach fixes a problem that Ed Snowden has himself identified with his more centralized private messenger recommendations. But while federation as a privacy feature has many fans, the idea remains controversial.

As with Wire you can register using a phone number or email address. You can also add an email address to your account in order to let other users find you more easily, or you can opt to just be identified by your chosen username.

The default option is to connect to the large public server run by matrix.org, but you can instead connect to any user-created Matrix server. It is even possible to deploy your own secure chat service in seconds using Modular hosted Matrix servers.

Matrix uses the Olm implementation of the Double Ratchet algorithm, with Megolm (an AES-based cryptographic ratchet) for group communications. Cryptographic primitives used include Ed25519 and Curve25519 keys, AES-256-CBC, and HMAC-SHA256, with forward secrecy provided by a Triple Diffie Hellman exchange.
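The symmetric-key chain that the Double Ratchet (named above for Signal, Wire and Matrix) builds on HMAC-SHA256 looks like this. This is an added example, not code from any of these projects: the 0x01/0x02 input constants follow the suggestion in the published Double Ratchet specification, the class and function names are hypothetical, and the shared secret is constructed (in the real protocols it comes from the Diffie-Hellman key agreement).

```python
import hashlib
import hmac

MESSAGE_KEY_INPUT = b"\x01"  # input constant suggested by the Double Ratchet spec
CHAIN_KEY_INPUT = b"\x02"    # second constant, so the two outputs are independent


def kdf_chain_step(chain_key):
    """One symmetric ratchet step: return (next_chain_key, message_key)."""
    message_key = hmac.new(chain_key, MESSAGE_KEY_INPUT, hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, CHAIN_KEY_INPUT, hashlib.sha256).digest()
    return next_chain_key, message_key


class ChainRatchet:
    """Hypothetical sending/receiving chain that stores only the current chain key."""

    def __init__(self, initial_chain_key):
        self._chain_key = initial_chain_key

    def next_message_key(self):
        # The old chain key is overwritten, so it cannot be recovered later.
        self._chain_key, message_key = kdf_chain_step(self._chain_key)
        return message_key

    def snapshot(self):
        """The state an attacker reads if the device is compromised right now."""
        return self._chain_key


def keys_derivable_from(chain_key, count):
    """Message keys that can be computed going forward from a leaked chain key."""
    keys = []
    for _ in range(count):
        chain_key, message_key = kdf_chain_step(chain_key)
        keys.append(message_key)
    return keys


def demo():
    # Constructed shared secret, for illustration only.
    root = hashlib.sha256(b"constructed shared secret for illustration").digest()
    alice, bob = ChainRatchet(root), ChainRatchet(root)
    sent = [alice.next_message_key() for _ in range(5)]
    received = [bob.next_message_key() for _ in range(5)]
    future = keys_derivable_from(alice.snapshot(), 3)  # leak after message 5
    later = [alice.next_message_key() for _ in range(3)]
    return {"in_sync": sent == received,
            "past_exposed": any(k in future for k in sent),
            "future_exposed": future == later}
```

demo() shows that a chain key leaked after five messages yields the message keys that follow it but none of the earlier ones; replacing the chain with fresh Diffie-Hellman output is what the other half of the Double Ratchet is for.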

Neither Riot nor Matrix has been fully audited, although Olm and Megolm have been. Riot.im has been criticized in the past for its rather basic user interface, but this is no longer true. It still lags behind the futuristic flashiness of Wire, but Riot is now a highly capable messenger with functionality often compared to the corporate messaging workhorse, Slack.

  • Free option: Yes

Tox is a protocol, rather than an actual app or client. A number of open-source apps exist, however, which use the Tox protocol.

Tox takes the idea of decentralization even further than Riot.im by providing a true peer-to-peer (P2P) communications network which operates without any need to route data through centralized servers (federated or not).

Users are identified with a Tox ID, but one consequence of being a P2P platform is that Tox contacts can see other contacts' IP addresses. The official documentation suggests routing your Tox connections through Tor as a workaround, although we can’t see why routing them through a VPN wouldn’t also work (with the proviso that using a VPN does not provide the anonymity Tor does).

If you do route Tox over Tor then the speed limitations of the Tor network mean that communications will, realistically, be text only. Otherwise, most Tox clients support a full range of voice and video chat, file sharing, and group chat features.

Tox uses the cryptographic primitives present in the NaCl crypto library, via libsodium. It employs curve25519 for its key exchanges, xsalsa20 for symmetric encryption, and poly1305 for message authentication.

These are well-established primitives, but neither the Tox protocol nor any apps based on it have been properly independently audited. Indeed, the Tox website itself clearly states that Tox is still under heavy development, so expect to run into some bugs.

  • Free option: Yes

If you need true anonymity on the internet then Tor, as always, is your best bet. Ricochet is a cross-platform (desktop only) messenger which allows anonymous communication with contacts via a Tor Hidden service.

This means that there is zero need to trust anybody, and (as with Tox) there are no servers that can be hacked, monitored or censored. Users are identified solely by their screen name (for example: ricochet:hslmfsg47dmcqctb), which is auto-generated when first starting Ricochet.

Connections are secured by Tor, which uses a complex encryption scheme. Despite numerous high-level attacks (a few of which have had some limited success), Tor remains highly secure. Please see our Tor Review for more details.

Ricochet has itself been audited. The results were “reasonably positive,” and most of the “multiple areas of improvement” have since been patched (including the one critical vulnerability discovered).

As its website makes clear, Ricochet is an experiment, which is a fact that users should include in their threat model when deciding whether to use it. But for those who require anonymous zero-trust communication, Ricochet is arguably the best option available (and is certainly better than routing Tox through Tor).

Ricochet is a text-only messaging client, but real efforts have been made to provide an attractive and functional user interface.

Note: Before anyone asks, we have deliberately not included Telegram on this list because we do not consider it to be a sufficiently private and secure messenger. Please see our VPNs for Telegram article for more details.

End-to-end encryption

Also called client-side encryption, end-to-end encryption (e2ee) means that your messages (and voice and video chats) are encrypted on your device and can only be accessed by the intended recipient. 

In other words, you are not trusting a third party to do the encrypting for you, a third party who would therefore have access to the unencrypted messages. Until recently, most messaging apps relied on such a third party and were fundamentally insecure and non-private.

But as we have already mentioned, this situation has changed dramatically over the last couple of years or so, to the point that it can almost be assumed that messenger apps use e2ee, provided they are doing what their developers say they are.


Open-source

Nobody claims that open-source is perfect, but having code which can be looked at and audited at any time is the only guarantee possible that an app is doing what it is supposed to be doing, and only what it is supposed to be doing.

For this reason, we only consider open-source messenger apps to be worthy of consideration in this article.

Written by: Douglas Crawford

Has worked for almost six years as senior staff writer and resident tech and VPN industry expert at ProPrivacy.com. Widely quoted on issues relating to cybersecurity and digital privacy in the UK national press (The Independent & Daily Mail Online) and international technology publications such as Ars Technica.

14 Comments

Snowden
on February 8, 2020
Hi... Please, consider evaluating and adding to the list: Jami. A great, open source, functional, stable and multiplatform private messenger. It supports Windows, Linux, Mac, Android and iOS: https://jami.net/ Also, another great and very promising (although still somewhat in development), with a decentralized, distributed approach: Briar. So far it only supports Android, but other platforms are in the roadmap: https://briarproject.org/
Douglas Crawford replied to Snowden
on February 10, 2020
Hi Snowden. I can't say this will be a priority at the moment, but it does sound interesting and I've added it to my to-do list.
SamuelRacoon
on February 2, 2020
What do you think about Utopia's messenger ecosystem?
Douglas Crawford replied to SamuelRacoon
on February 3, 2020
Hi Samuel. The fact that it is not open source means that I have little interest in Utopia as it means there is simply no way to know if it can be trusted.
Franz
on January 24, 2020
You should include Threema here as well!
Douglas Crawford replied to Franz
on January 27, 2020
Hi Franz. I excluded Threema because it is closed source proprietary software.
Peter
on December 10, 2019
Hello, Douglas! Of course e2ee it is so important in our days. But all these apps are using approximately the same encryption protocols like RSA, AES, or ECC. These protocols are good but not the best (because the RSA and ECC will be hacked in the coming quantum computing). But, there is the only unhackable encryption available - the Vernam cipher. For example, this cipher can't be hacked nowadays or in the future, even by a quantum computer. All secrets will be safe. The only app based on this cipher is the Vernam IM messenger. Moreover, it doesn't have its own servers, so no app developer in the middle. All encrypted traffic goes through a cloud service. Everything simple and clear. Plus, no registration, identification, and personal data collection. Here is the website vernam.im. Oh, I've checked, they can provide source code upon request to check. Maybe it should be added to this app list?
Douglas Crawford replied to Peter
on December 11, 2019
Hi Peter. We do prefer genuinely open source software, but if the code is freely source-available then I may have a look when time permits as Vernam cryptography does look interesting.