My current top picks:


Criteria:

  • This list is focused on instant messaging and chatting as the primary usage of the app
  • Clients on multiple platforms preferred
  • Does not expose your phone number or email address to other users
  • Does not leak data (pictures or other data saved unencrypted in browseable folders)
  • Has ephemeral messages (encryption keys destroyed after a set time)
  • Has contact verification
  • Testing done on both Android and iOS when possible. See my testing setup

SMS Apps:

  • Signal
    OK, let's get this one out of the way first. If you have a phone, there's almost no way to get away from SMS. So the best thing you can do is protect your SMS messages at rest with encryption. Signal also offers excellent end-to-end encryption between Signal users. One drawback of Signal is that everyone you connect with will know your phone number, but that is fine for people you are comfortable sharing your phone number with.
  • Runner up: Silence
    If you don't want to use Signal as a messaging app, then I recommend getting Silence just for SMS messages. It will locally encrypt the SMS database on your phone. You can also send encrypted SMS messages to other Silence users. Since Silence only uses SMS, it is not dependent on any servers the way Signal is.


Messaging apps listed here do not expose your phone number or email address. Notes within [brackets] are potential negative attributes:

  • Top Tier Recommendations:
    • Wire - [Beware of possible high battery usage on older Android versions or Android forks without Play Services]
    • WickrMe - All messages expire [Based in USA]
    • SafeSwiss - P2P, based in Switzerland
  • Second Tier (misses some criteria):
    • Threema - Based in Switzerland [No PFS or ephemeral messages]
    • TwinMe - P2P, based in Germany [No ephemeral messages or contact verification]
  • Third Tier (keep an eye on these):
    • Briar Project - P2P, can use Tor [Android only, text only, no ephemeral messages]
    • Keybase - [Based in USA, only "exploding" messages are PFS, no contact verification]
    • Blackberry Messenger Enterprise - [Based in Canada, no ephemeral messages, PFS or contact verification]
    • Tungsten - New app still in beta, but it shows lots of promise. Uses the Tor network for anonymous profiles, synchronizes across multiple devices, multiple personas, based in Germany. [No ephemeral messages or contact verification]
    • BabelNet - Very nice syncing between multiple devices, based outside of the 14 eyes [User interface needs clarified wording, trouble connecting with LineageOS]
    • Conversations (XMPP) or Pix-Art (XMPP) - Based in Germany [Android Only, no ephemeral messages]
  • Use with caution:
    • Riot - [E2EE still in beta, Based in the UK, no ephemeral messages]
    December 2018: Recently there have been some troubling laws passed and articles written in the UK and Australia (both part of the 5 eyes countries) that may cause issues with trust in applications developed in those countries. Both countries now seem to be pushing for backdoor access for government surveillance to be built into secure messaging applications. Not only will this weaken or break end-to-end security, but apps from those countries that are not open source may no longer be trusted and may be used for a mass surveillance program. Here are some recent articles.
    Principles for a More Informed Exceptional Access Debate
    In a world of encrypted services, a potential solution could be to go back a few decades. It’s relatively easy for a service provider to silently add a law enforcement participant to a group chat or call. The service provider usually controls the identity system and so really decides who’s who and which devices are involved - they’re usually involved in introducing the parties to a chat or call. You end up with everything still being end-to-end encrypted, but there’s an extra ‘end’ on this particular communication. This sort of solution seems to be no more intrusive than the virtual crocodile clips that our democratically elected representatives and judiciary authorise today in traditional voice intercept solutions and certainly doesn’t give any government power they shouldn’t have.

    We’re not talking about weakening encryption or defeating the end-to-end nature of the service. In a solution like this, we’re normally talking about suppressing a notification on a target’s device, and only on the device of the target and possibly those they communicate with. That’s a very different proposition to discuss and you don’t even have to touch the encryption.
      -Ian Levy is the technical director of the National Cyber Security Centre, a part of GCHQ.
      -Crispin Robinson is the technical director for cryptanalysis at GCHQ.

    Australia passes new law to thwart strong encryption
    The new law, which has been pushed for since at least 2017, requires that companies provide a way to get at encrypted communications and data via a warrant process. It also imposes fines of up to A$10 million for companies that do not comply and A$50,000 for individuals who do not comply. In short, the law thwarts (or at least tries to thwart) strong encryption.

    Companies who receive one of these warrants have the option of either complying with the government or waiting for a court order. However, by default, the orders are secret, so companies would not be able to tell the public that they had received one.



How about some rankings?


The following scoring table includes messaging apps that can be used across multiple platforms that synchronize conversations to all devices:

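| Application | Additional sharing features (files, photos, etc.) | Group chats | Unified UI across platforms | Messages sync to all devices | Open source | Perfect forward secrecy | Ephemeral Messages | Contact Verification | Based outside the 5 eyes: +.5; based outside the 14 eyes: +.5 | Total score |
|---|---|---|---|---|---|---|---|---|---|---|
| Wire | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 (Switzerland) | 9 |
| BabelNet | 1 | 1 | 1 | 1 | 0 | 1 | 1 | 1 | 1 (Czech Republic) | 8 |
| WickrMe | 1 | 1 | 1 | 1 | .5 | 1 | 1 | 1 | 0 (USA) | 7.5 |
| Riot (Use with Caution) | 1 | 1 | 1 | 1 | 1 | 1 | 0 | 1 | 0 (UK) | 7 |
| Keybase | 1 | 1 | 1 | 1 | 1 | .5 (exploding messages) | 1 | 0 | 0 (USA) | 6.5 |
| Tungsten | 1 | 1 | 1 | 1 | 0 | 1 | 0 | 0 | .5 (Germany) | 5.5 |
| Blackberry Messenger Enterprise | 1 | 1 | 1 | 1 | 0 | 0 | 1 | 0 | 0 (Canada) | 5.0 |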

The following scoring table includes messaging apps used on a single device:

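| Application | Additional sharing features (files, photos, etc.) | Group chats | Open source | Perfect forward secrecy | Ephemeral Messages | Contact Verification | Clients on multiple platforms | Based outside the 5 eyes: +.5; based outside the 14 eyes: +.5 | Total score |
|---|---|---|---|---|---|---|---|---|---|
| Wire | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 (Switzerland) | 8 |
| BabelNet | 1 | 1 | 0 | 1 | 1 | 1 | 1 | 1 (Czech Republic) | 7 |
| SafeSwiss | 1 | 1 | 0 | 1 | 1 | 1 | 1 | 1 (Switzerland) | 7 |
| WickrMe | 1 | 1 | .5 | 1 | 1 | 1 | 1 | 0 (USA) | 6.5 |
| Threema | 1 | 1 | .5 | .5 (only on the network layer) | 0 | 1 | 1 | 1 (Switzerland) | 6 |
| Riot (Use with Caution) | 1 | 1 | 1 | 1 | 0 | 1 | 1 | 0 (UK) | 6 |
| Keybase | 1 | 1 | 1 | .5 (exploding messages) | 1 | 0 | 1 | 0 (USA) | 5.5 |
| Briar Project | 0 | 1 | 1 | 1 | 0 | 1 | 0 | 1 | 5 |
| Conversations (XMPP) | 1 | 1 | 1 | .5 (OMEMO only) | 0 | 1 | 0 | .5 (Germany) | 5 |
| TwinMe | 1 | 1 | 0 | 1 | 0 | 0 | 1 | .5 (Germany) | 4.5 |
| Tungsten | 1 | 1 | 0 | 1 | 0 | 0 | 1 | .5 (Germany) | 4.5 |
| Blackberry Messenger Enterprise | 1 | 1 | 0 | 0 | 1 | 0 | 1 | 0 (Canada) | 4.0 |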