Top 10 Questions To Select A Secure And Private Messaging App

Couple of weeks ago we came across important questions for selecting secure messaging apps for businesses. Many people have asked us, what consumers should take care of when selecting a private and secure messaging app? Ideally a provider of a messaging app should answer all the following questions with YES. Here we go:

1. Is the transmission of the messages and all communications between the app and the server protected with an SSL encryption?

2. Are the messages and content end-to-end encrypted? Meaning: Only the sender and the receiver of a message can read it (this is quite important)?

3. Are the messages stored in a completely encrypted form on the server?

4. Is the provider not able to read the messages on the server?

5. Does the provider completely anonymize user accounts, messaging logs and profiles, and thus fully protect the privacy of users?

6. Your address book data is only stored on your device, and not stored on the servers of the provider?

7. The messaging app provider has a strong privacy policy, and does not sell or trade user data?

8. Is there a regular backup of the data on the server?

9. Is all data stored on servers outside of the USA (where it cannot be easily accessed by US government agencies)?

10. Is the provider of the messaging app based outside of the USA (again: thus cannot be easily accessed by US government agencies)?

A lot of messaging apps claim to be completely safe and encrypted. However, there are huge differences between providers as you can tell by this questionnaire. Not a lot of apps can answer all questions with YES. You will have to judge by yourself, what questions and topics are most important for you, and thus select a private and secure messaging app for your needs.

Advertisements

How PRISM Affects Messaging Apps

As a consequence of the PRISM scandal many users are worried about the protection of their privacy, and how safely service providers handle their data.

Probably most user data of messaging apps can be monitored

It seems that if you are not a USA citizen, the government and its agencies have less restrictions in regard to what data they can monitor. If you are a citizen of the USA, there seem to be more restrictions on how they can access your data.

Generally it is likely that the agencies get quicker access to companies based in the USA. In other countries legal hurdles will prevent a quick and direct access to a user’s data.

While reliable information is hardly available, not only big companies like Facebook, Sykpe, Google, Twitter, AOL, Microsoft, Apple, Yahoo, etc. are affected by PRISM, but probably as well many smaller service providers including the ones offering messaging apps and services.

Privacy and data protection unlikely with messaging app providers from the USA

Thus, most messaging app providers from the USA could well be affected by PRISM. And just to remember, some of them often haven’t had a history of being secure.

Overall, from a privacy perspective this can be worrying. It is not that the normal user has something to hide, but that her content and data might be monitored and stored somewhere without her knowledge.

Messaging services with end-to-end encryption from other countries beneficial 

Of course, people could turn to encrypt their messages, but many of the messaging apps offering encryption are not easy to use or not performant enough to be competitive. iMessage and Facetime are some of the exceptions which are said to be end-to-end encrypted. However, if Apple really has no master key to unlock your data, remains an open question.

If you are worried about your privacy, it is maybe worth taking a look at European messaging providers (for more info please read our secure and private sharing article). Some European countries like Germany have pretty strong law with regard to privacy and data protection. This could well be a safe harbor.