The content of your messages and the metadata associated with them should be secure and private. Unfortunately many messengers out there fail to do this.

In an ideal world, you'd avoid non-privacy-friendly messengers such as Facebook Messenger and WhatsApp. You should also aim to avoid carrying out private or sensitive conversations on social media direct messaging (DMs) and even Apple's iMessage system. While iMessage is encrypted and arguably better than messengers like WhatsApp, metadata is not necessarily "safe." Simply, better options out there exist for those seeking even more security and privacy in their messaging communications.

If you are looking for both secure and private messaging in your life, then use the alternatives listed here. The messengers listed here have a reputation for robust security and are considered private by design.

Session

Session is a decentralized messenger, utilizing the Oxen Service Node Network to route messages in a similar manner to Tor. It is developed by Oxen and has a focus on privacy – specifically the protection of metadata – and security.

Session does not require a phone number (or any potentially unique identifier) for use. Accounts on Session are created using a SessionID; this SessionID is not a username/password combination and instead has a unique-to-you seed phrase attached to it for recovery purposes.

Additionally, users’ local Session databases can be encrypted with a PIN code. Session does not collect metadata or any personal data. Session's decentralized nature and use of "onion" routing makes it resistant to censorship.

Session supports group chats, voice messages, and sending file attachments. Voice and video calls are a beta feature as of writing. These communication methods are all encrypted and the network has zero knowledge of metadata surrounding communications; because of this, Session states that there’s nothing to leak.

Session’s client does not utilize tracking methods nor display ads.

Signal

Signal is a well-known private messenger developed by the Signal Foundation. It’s available on most platforms and implements the Signal protocol, which has been audited over the years by different third-parties for security. Signal relies on centralized servers for message routing; however, voice and video calls are P2P.

Signal also requires a phone number for account creation and use of the service. The phone number serves as an identifier and establishes the account, but a VoIP or landline number can be used as long as the user has a method for receiving the mandatory verification code.

All communication to the server is encrypted and Signal has stated the server does not log sensitive metadata such as who called whom and when. However, for the purposes of relaying messages, user verification, and fighting spam, Signal's servers have access to metadata about the sender and recipient.

Contacts are encrypted on the user's device(s) using a pin, preventing the server(s) from having access to users' contacts. Users can the Sealed Sender feature – available for use only for those in your contacts – to minimize any metadata associated with communications, thus making communications even more private and secure.

Signal’s client does not engage in any tracking methods on its client nor does it display ads.

Threema

Threema is a well-respected messenger developed by Threema GmbH, a business based in Switzerland. Threema decentralizes some data such as contacts, group chats, and private keys and stores these on user devices – Threema’s servers don’t store copies of these types of data. Threema’s servers transmit messages using E2EE.

Threema does not require a phone number or email for use. Instead, ThreemaIDs and the “key pair” (one public key, one private key) are used to establish accounts. The public key of the key pair is sent to Threema’s servers for distribution to chat partners.

Threema supports voice and video calling, group chats, polling, communications with chatbots, and file sharing. It’s worth noting that Threema GmbH also provides other privacy-friendly and secure apps/services geared towards large, medium, and small organizations.

Use of Threema on the desktop requires the application to be installed on a mobile device. While Threema is open source, it’s ultimately a paid app/service; the price of the Threema app covers costs associated with the maintenance of server infrastructure.

Threema doesn’t collect personal information or metadata. Threema’s client doesn’t engage in tracking users or displaying ads.

Element

Element is a messenger based on the Matrix protocol, an open standard and communication protocol for real-time communication. Matrix supports federation and you'll find a variety of servers hosting Matrix-based messaging/chat solutions.

Many of the initial/main developers for the Matrix protocol work for Element. Interestingly, Element allows users to choose the server where their data will reside. Element does not require a phone number for account creation or service use. Messages are sent using E2EE, however, group voice and video calls are not E2EE.

Element supports messaging those completely outside the platform through the implementation of "Bridges." Bridges allow users on Element to communicate with those using another messenger, such as Telegram, Signal, or even the privacy-unfriendly WhatsApp. The free tier of Element allows for unlimited use of most features but relies on free public servers for rendering the service.

NOTE: Element Web in particular relies on federated servers and while this allows for considerable resistance to censorship, it’s important to note data is stored on involved servers. Therefore, the server where a user chooses to house their data should be reasonably trusted; usage of an untrustworthy server could compromise your privacy.

Element's client does not engage in tracking nor the displaying of ads.

A word on Telegram

While free and open source, Telegram is not generally recommended primarily because it does not support E2EE by default. In Telegram, E2EE is only enabled when using the Secret Chat feature. Group chats are not and cannot be encrypted. This lack of encryption has consequences for both privacy and security.

Telegram operates in the cloud, and while this does have good portability across multiple devices and device types, the service provider (or anyone with access to the cloud server) can read them at any time as messages are stored on the server. According to Telegram’s privacy policy, the service logs IP addresses and phone numbers.

Despite Telegram’s stance on using user information for ad and tracking purposes, this lack of encryption combined with storing messages in the cloud is a major cause for concern; this set up allows for easy snooping by third parties. Allegedly, Telegram has been accused of data sharing with governments.

Criteria for secure messaging recommendations

At a minimum, to be listed as a recommendation on avoidthehack, secure messaging solutions must:

Be Open-source

When it comes to messengers, closed-source platforms have proven time and time again any trust placed in them must be minimal. At best, no trust would be placed in them, which raises the question of why not find a better platform worthy of some trust?

Especially for messengers, open-source promotes transparency that the messaging platform is indeed using robust encryption and protocol implementations preserving user privacy and user security.

Use end-to-end-encryption

Messaging platforms must use authentic end-to-end encryption, verifiable via open-source. Preferably, the specific protocol and messaging platform uses would have been audited by a reputable third party and present results of audits publicly.

Minimal data collection at sign-up

The messaging platform must not collect excessive personal identifiable information (PII).

If the messaging platform insists on collecting phone numbers, then it must permit registration with VoIP numbers or non-SIM numbers.

Anonymous registration is preferred.

Minimal metadata exposure

The messaging platform should expose minimal metadata. Preferably, the platform would not expose any metadata to any servers or other third parties.

Any metadata should not be shared with third parties or used for any kind of advertising.

Free from ads

Apps and clients should be free from advertisements. AdTech is about privacy and cybersecurity unfriendly as it gets.

Availability across multiple platforms

For accessibility and portability, messaging platforms should support a minimum of three (3) different platforms, one of which must be a mobile platform (Android or iOS).

Final thoughts

Using private and secure messengers here in place of options such as WhatsApp and Telegram is important for those seeking more privacy in their communications with others.

In some cases, you may also want to avoid transmitting more private details over text message (SMS) as well. SMS is an unencrypted protocol, and the contents of your messages can be intercepted by third parties.

While the likes of iMessage is encrypted for Apple users, it's important to note that your metadata - such as your IP address, the number you're communicating with, and the time you searched for the number/communicated with it - may still be up for grabs. Understand that while your message contents themselves are safe, Metadata can reveal much of the "story," especially when combined with other data. The options provided here mitigate this.

Happy (secure) messaging and stay safe out there!