Secure Chat Tools for mobile devices
Recommendations on secure mobile chat tools for iOS and Android
Chat tools for mobile devices are numerous. We should make sure that the secure chat tools we recommend meet all of the following requirements (or, if they don’t, that their features meet the client’s needs and match their threat model):
- Group Chat Support
- End-to-End Encryption
- Mature and maintained open source encryption protocol
- Ideally, all components should be open source (client-side and server-side)
- Allows communication over mobile networks (3G/4G) or Wi-Fi
- Sends notifications
- Interoperability between iOS and Android
There are many chat apps available for iOS and Android, but only a few meet all of the above requirements. To decide which tools to recommend, we should compare the features of each tool with the client’s threat model and needs. Although the preference should be for fully open source tools, sometimes the client has needs that are not met by the available free and open source software.
Free and open source centralized tools
Among all apps, Signal meets all of the above requirements and does not store metadata.
Signal is an Android, iOS and desktop app that offers end-to-end encrypted instant messaging, group chat, and 1:1 voice calls.
The encryption is based on the Signal protocol, and software is open source both client- and server-side.
Let the client know about relevant Signal Features:
- End-to-end encryption for IM, group chat, voice messages, file sharing, and 1:1 voice calls
- Ability to verify the identity of other users (using key or QR code)
- Open source (GitHub link)
- Intuitive design
- Also allows users to send regular SMS messages (on Android, unencrypted)
- Allows message attachments
- Possibility of setting a timer for disappearing messages
Instructions for installing and using Signal:
On Android devices, Signal can also be installed without the Play Store. This is recommended only if the client can verify the .apk file. The .apk file and its SHA256 fingerprint can be found on this page.
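The verification step above is the one that matters when sideloading: a download that does not match the published value must not be installed. The following POSIX shell script is an added example (not from the Signal project or the original page) that computes a file’s SHA-256 with whichever tool is available, normalises a published fingerprint written with colons or upper-case hex, and compares the two. The file name `Signal.apk` and the expected value passed on the command line are placeholders; the real ones come from the download page.

```shell
#!/bin/sh
# Added example: compare a downloaded file's SHA-256 with a published value
# before sideloading it. The digest tool is detected at run time.

# Print the hex SHA-256 digest of the file given as $1.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | awk '{print $1}'
    else
        openssl dgst -sha256 "$1" | awk '{print $NF}'
    fi
}

# Published fingerprints are often written as "AB:CD:..." or with spaces and
# upper-case hex. Normalise to lower-case hex with no separators so the
# comparison is not fooled by formatting differences.
normalize_hex() {
    printf '%s' "$1" | tr -d ': \n' | tr 'A-F' 'a-f'
}

# Exit status 0 when the file's digest equals the expected value, 1 otherwise.
verify_sha256() {
    actual=$(file_sha256 "$1")
    expected=$(normalize_hex "$2")
    [ "$actual" = "$expected" ]
}

# Usage: sh verify_apk.sh Signal.apk <published SHA-256>
# (file name and value are placeholders; take the real ones from the download page)
if [ "$#" -ge 2 ]; then
    if verify_sha256 "$1" "$2"; then
        echo "OK: $1 matches the published SHA-256"
    else
        echo "MISMATCH: do not install $1" >&2
        exit 1
    fi
fi
```

If the value published for a package is the fingerprint of the APK signing certificate rather than a hash of the file itself, this script will report a mismatch even for a good download; in that case compare the published value against the certificate digest printed by `apksigner verify --print-certs` from the Android build tools instead. Either way, a mismatch means the file is not installed.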
Signal can be used through a desktop app, but it first needs to be registered on a phone. Once it’s been registered, the client can download the desktop app here, install it, and link it to their account. Instructions for linking an account to a desktop app can be found here.
- Signal’s support pages
- For tips on how to use Signal more securely, read Martin Shelton’s “Locking Down Signal: A Guide for Journalists”.
Warnings and recommendations
Signal can only be registered through an existing phone number, which becomes the user’s identifier. If the client does not wish to use their personal phone number or to share it with their contacts, they can register Signal with a burner SIM card (if available in their country), or with an online phone service. To explain how to do this, we can find instructions in this tutorial.
Signal can also be used for voice calls, but not through the desktop app.
Signal is censored in Egypt, Qatar, and the United Arab Emirates. In other countries it cannot be registered, but can be used if registered abroad.
Wire is a cross-platform, encrypted instant messaging client available for iOS, Android, Linux, Windows, macOS and web browser clients. It can be used to make voice and video calls, and to send text messages and files.
It requires a phone number or email address for registration. If the client needs anonymity, they can create a new email account with the Tor Browser and use that account to register on Wire.
Wire is free for personal use and offers additional group functionalities for paid accounts. For registering an account for personal use, clients should visit this page.
- End-to-end encryption for IM, group chat, voice messages, file sharing, voice calls, and 1:1 video calls
- Ability to verify the identity of other users’ devices
- Open source (code on GitHub)
- Intuitive design
- Allows message attachments and drawings
- Possibility of setting a timer for disappearing messages
- Possibility of deleting messages in the recipient’s devices
- End-to-end encrypted group video calls (can only be initiated by a user with a paid account)
- Secure guest rooms - users with premium accounts can create rooms that others can join without downloading anything or creating an account
Wire uses open source software both client- and server-side. The servers are based in the European Union, but the company is based in the United States. According to Wire’s Privacy Whitepaper [PDF], Wire maintains the following metadata about conversations on the backend servers (this metadata is encrypted using transport encryption between the clients):
- Creator: The user who created the conversation.
- Timestamp: The UTC timestamp when the conversation was created.
- Participants list: The list of users who are participants of that conversation and their devices.
- Conversation name: Every user can name or rename a group conversation.
The transparency report [PDF] shows that up to 2017 Wire did not receive any data handover requests, but in 2018 it received one formally correct request that affected 8 user accounts.
Free and open source Self-Hosted/Federated Tools
Riot is an open source client for the Matrix network, an open network for federated, end-to-end encrypted communication. Riot focuses on collaboration for teams and communities, and is available on web, desktop, iOS, and Android.
What makes this solution different is the concept of Homeservers. A Homeserver manages messages for its users, recording them when they are received and delivering them to users when they connect. Homeservers federate to communicate with each other. This means anyone can run a Homeserver and connect it to the wider Matrix network, providing a distributed approach to building a chat network.
- Decentralised cryptographically signed conversation history replicated over all the servers that participate in a room
- Group and 1:1 Messaging
- End-to-end Encryption via the Olm and Megolm double ratchet implementation
- VoIP signalling for WebRTC
- Read receipts, Typing and Presence Notifications
- Server-side push notification rules
- Server-side search
- Synchronised read state and unread counts
- Decentralised content repository
- Riot website
- Matrix website
- Matrix cryptographic review
- Riot howto videos
Riot can be a good solution for groups that want to self-host their internal chat instance. On the other hand, we must warn clients that it produces a lot of metadata and, if their Matrix Homeserver is federated with others, this metadata will be shared with all the other servers, which clients cannot control.
It must also be noted that Riot/Matrix might not be the best solution for threat models where the state of Israel is considered one of the main adversaries, given that some of Matrix core developers worked for a company that has tight links with Israel. For more information see this Wikipedia page.
Some further potentially useful background is an analysis of the privacy and data collection practices of Matrix.org.
XMPP is an open communication protocol for instant messaging based on a federated model. Clients can create an account on one of the many available XMPP servers, or, if they are activists, can also choose to create an account on one of the Jabber/XMPP providers listed on this page.
Once a Jabber/XMPP account has been created, it can be used on several clients for desktop and mobile devices. XMPP conversations can be encrypted with OTR or OMEMO.
Since OTR does not allow for group encryption, and OMEMO’s group encryption is still unreliable, XMPP is only recommended for 1:1 conversations.
On mobile devices, it is best to use OMEMO, which allows messages sent while the user is offline to be received later. This also means that if a malicious actor gains access to a user’s device, they will be able to read all the messages that were sent to that user.
- OMEMO official page
- OMEMO code on Github
- Offline Messages / Backlog
- File Transfer
- Forward Secrecy
- Encrypted group chat (please note that this feature is unreliable, especially if different clients are being used to access the group chat)
The XMPP clients for mobile devices that allow for OMEMO encryption are Conversations and Pix-Art Messenger for Android and ChatSecure for iOS.
- Conversations can be downloaded from the Play Store or from F-Droid.
- Official website
- Code on Github
- Security specifications
On Conversations, messages can be set to disappear after a given time period for every conversation in the “Expert Settings” section of the settings:
Settings -> Advanced -> Expert Settings -> Automatic message deletion.
- Pix-Art Messenger is a fork of Conversations that allows both for OMEMO and OTR encryption. It can be downloaded from the Play Store or from F-Droid, and the .apk file is also available on Github.
- ChatSecure can be installed from the App Store
If, given the user’s threat model, it is more appropriate to establish a different encrypted session for each conversation, and it is not crucial to encrypt group chats or to receive messages sent while the user is offline, we should recommend OTR instead of OMEMO.
- OTR official page
- A git repository of the OTR source code can be found on the otr.im community development site
- Encryption of 1:1 messages
- Authentication of contacts
- Perfect forward secrecy
XMPP clients for mobile devices that allow for OTR encryption are Xabber and Pix-Art Messenger (see above) for Android and ChatSecure for iOS (see above).
- Xabber can be downloaded from the Play Store or from F-Droid.
Mattermost is an open source, self-hosted Slack alternative. It is a useful tool for team communication that can be searched, accessed from various platforms, and connected to other services, such as GitLab, monitoring systems, or Request Tracker.
Mattermost conversations are not end-to-end encrypted, but a group can self-host their instance behind a VPN.
- 1-1 and group messaging
- File sharing
- Webhooks and commands
- The Android client can be installed from the Play Store or from F-Droid; the iOS client can be installed from the App Store
- Official website
- Code on Gitlab.com
- How to install a Mattermost server
Threema is a proprietary end-to-end encrypted instant messaging application for iOS, Android, and Windows Phone. It uses the open source NaCl library for encryption, which is open to independent audits. For more information on Threema’s security, see this page.
- Text and voice messages
- Voice calls
- File sharing
- Silently agree or disagree to received messages
- Hide confidential chats and password-protect them with a PIN or fingerprint
- Can be used on tablets and devices without a SIM card
- Verify your contacts via QR code
- Distribution lists
- No phone number required
- Optional contact sync
- Quote text messages
- Located in Switzerland
Although WhatsApp is not open source, it is a very popular app and offers end-to-end encryption based on the Signal protocol.
The app can be configured to improve its security and privacy settings. To reduce risk and increase privacy when using WhatsApp, we should recommend that the client configure the following settings:
Settings -> Account -> Privacy
Last Seen: My Contacts
Profile Photo: My Contacts
Status: My Contacts
Read Receipts: OFF
Settings -> Account -> Security
Show Security Notifications: ON
Settings -> Chats
Save Incoming Media: OFF
Chat Backup -> Auto Backup: OFF
Settings -> Notifications
Show Preview: OFF (unfortunately, this still displays the sender’s name)
These settings are a reasonable middle ground for reducing the amount of data that the app creates locally, and minimizing what is exposed as clear text on iCloud/Google Drive.
WhatsApp can be downloaded from the Play Store for Android and from the App Store for iOS.
- WhatsApp website
- the grugq, “Operational WhatsApp (on iOS)”
Facebook Messenger is a messaging app and platform with standalone iOS and Android apps.
Facebook Messenger can also be used for end-to-end encrypted communications, but this feature is not the default. Secret Conversations can be used for sending text messages, pictures, stickers, videos, and voice messages. They cannot be used for group messages or for voice or video calls.
- To start a so-called Secret Conversation, the client can follow these instructions.
- More information on Secret Conversations
Wickr is a freemium proprietary instant messaging platform that allows users to exchange end-to-end encrypted and content-expiring messages, including photos, videos, and file attachments, and to place end-to-end encrypted video conference calls. The software is available for iOS, Android, Mac, Windows 10, and Linux. The company is located in the US.
- End-to-end encrypted messages
- Contact verification
- Forward secrecy
- Registration without phone number or email
- Wickr white paper
- Open source cryptographic protocol
If the client’s main requirement is an anonymous set-up (i.e. no phone number or email account used during registration) and they also require self-destructing messages, we can recommend Wickr as the most suitable app for their needs.
If possible, we recommend not using Telegram, as the server-side software is not open source and also because it has developed its own cryptography instead of using mature and tested cryptographic protocols that already existed.
Nevertheless, its usage is very widespread, especially in some regions such as the FSU, so we have gathered some tips to make the usage of Telegram a bit more secure.
- Enable 2-factor authentication:
  - How does 2-Step Verification work?
  - To enable 2-factor authentication, go to: Settings -> Privacy and Security -> 2-Step Verification
- Use a username and share it instead of the phone number:
  - Usernames can be changed. Phone numbers can’t.
  - However, any username is searchable and anyone can send you messages via t.me/username
Telegram provides groups and user-to-user chat. Both types can be secured, though only user-to-user chat can be end-to-end encrypted.
- User-to-user chat is not end-to-end encrypted by default. To encrypt it, you need to enable a feature called Secret Chats:
  - Read more on Secret Chats here.
  - The Secret Chats feature encrypts communication between two users. The admins of Telegram can’t read it.
  - If you delete a message, the copy on the other side will be deleted too.
  - You can set a timer after which a message will be deleted.
  - These two features are useful in case the device is seized or stolen.
  - You can enable notifications to learn if the other side takes screenshots, but this is not available on all platforms (especially Android).
  - A Secret Chat can be started as follows:
    - iOS: Start a new message (tap the icon in the top-right corner in Messages). Then tap “New secret chat”.
    - Android: Swipe right to open the menu, then tap “New secret chat”.
- If you are managing a Group on Telegram:
  - Groups are private by default. They can be turned public.
  - Group Permissions: it is useful to restrict all members from posting specific kinds of content if inappropriate.
  - The administrator can delete inappropriate content.
| Tool | Open source | Default E2E | Group chat | Encryption protocol | Anonymous sign-up | Email sign-up | Phone sign-up | Self-destructing messages | Remote message deletion | Metadata collection | Paid | Jurisdiction | Self-hosted | Usability |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| XMPP+OMEMO | Yes | No | Unreliable | OMEMO | No | Yes | No | Conversations: yes | No | Depends on the provider | No | - | Yes | Medium |
| XMPP+OTR | Yes | No | No | OTR | No | Yes | No | No | No | Depends on the provider | No | - | Yes | Low |
| Threema | Only encryption protocol | Yes | Yes | NaCl | Yes | No | No | No | No | No | No | Switzerland | No | Good |
| | Only encryption protocol | Yes | Yes | Signal | No | No | Yes | Yes | Yes | Yes | No | USA | No | Good |
| FB Messenger | Only encryption protocol | No | No | Signal | No | Yes | No | Yes | No | Yes | No | USA | No | Good |
| Wickr Me | Only encryption protocol | Yes | Yes | Wickr | Yes | No | No | Yes | Yes | No | No | USA | No | Good |
| Telegram | Only client | Only groups. Not 1:1 chats | Yes | MTProto (home-grown) | No | No | Yes | Yes | Yes | Unknown | No | Dubai | No | Good |