Encrypted messaging apps are mobile or desktop applications that allow users to communicate securely with each other by encrypting their messages, calls and multimedia content, making it unreadable to anyone except the intended recipient. The use of encryption helps to protect the privacy and security of the users, as well as their personal and sensitive information from being intercepted or accessed by unauthorized parties. Some popular consumer-grade encrypted messaging apps include WhatsApp, Signal, and Telegram, among others.
But users and organizations alike may be getting the facts wrong on encrypted messaging apps and the level of security and privacy they truly provide. There are key differences between enterprise-grade and consumer-grade encrypted messaging app offerings. To set the record straight, we spoke with Amandine Le Pape, COO of Element.
What are some of the top misconceptions about encrypted messaging apps?
That they are encrypted! Many messaging apps are not end-to-end encrypted (E2EE) by default. Telegram is a good example as it’s known for E2EE, yet the user has to specifically select a secret chat to actually benefit from E2EE.
Another misconception is the assumption that they are private! Most messaging apps are automatically tied to your mobile phone number. For many people who appreciate a bit of privacy, it’s pretty weird to be revealing your number to anyone who looks you up (especially those who use one mobile for both work and home). And where’s the logic in something like Signal automatically flagging to anyone in your address book that you've just joined a supposedly privacy-respecting network? Happily there are messaging apps that don’t require your phone number by default or, indeed, at all.
Another thing that’s often overlooked is that most end-to-end encrypted messaging apps are completely owned and controlled by the service provider (whoever develops and owns the app). That raises three principal issues.
Your data (meaning metadata, such as who you contacted and when) and actual messages are transported and potentially stored on the vendor’s servers. So if your message isn’t end-to-end encrypted (as could easily be the case with Telegram, for example), the vendor could theoretically access them. And even if they are end-to-end encrypted by default, the vendor still has access to your unencrypted metadata. So if the app (let’s say WhatsApp in this case, given it’s E2EE by default) is owned by a data mining firm (such as Meta), that’s not good from a privacy perspective. If that very same data mining firm owns multiple products, including a huge social media platform (let’s pick Facebook as a totally random example), and has loudly trumpeted its intention to bring all those products and services closer together; well, that’s definitely not good for your privacy.
A very popular, centralized app - especially one that is regarded as secure - creates an incredibly attractive attack target. A honeypot for all types of bad actors, particularly those with enough patience and resources to place their own people inside an attack target.
A centralized network has single points of failure. That’s why the likes of Signal and WhatsApp (and Microsoft Teams or Slack for that matter) suffer from global outages (as I write this, Microsoft 365 is currently down).
To avoid such issues, people should look to use a messaging app that’s end-to-end encrypted by default, and operates over a decentralized network. Element (built on a decentralized, end-to-end encrypted open standard called Matrix) is an example, but there are others available.
How do consumer-grade messaging apps put employees and employers at risk?
The biggest issue is that consumer-grade messaging apps are exactly that; designed for consumers. They don’t give the employer any of the enterprise functionality you have with corporate email or a traditional collaboration tool.
As a result, the employer has no record keeping of discussions or decision-making; which is precisely why Wall Street banks have been fined around $2bn by the SEC and the CFTC. An enterprise messaging tool can ensure the company has an official audit of discussions.
Another major issue is that the company has no ownership of discussion groups, which creates multiple issues including a lack of reliable provisioning and deprovisioning for employees. So it’s easy for an ex-employer - who may well have joined a competitor - to remain in supposedly confidential discussions.
Likewise there’s every possibility that new joiners aren’t included in relevant groups or - even worse - that people can be deliberately excluded. And on that theme, with no company oversight, it’s very difficult for the company to ensure appropriate behavior within chat groups.
What capabilities does a solution need to have in order to work with enterprise-grade apps?
So, first and foremost, an enterprise-grade messenger is a platform that gives the organization using it ownership and control. That means the company has complete control over it, as it would with corporate email.
The company should be able to decide how and where to host its data; self-hosting either on-premise or in a private cloud, or deciding to use a fully managed hosting solution.
The company is also likely to want to manage the app through its existing single sign-on (SSO) system, so it can manage chat room access. A messaging platform should be suitably flexible to ensure the company can tailor deployment and usage to fit its security profile.
For example SSO integration could also provide one click access from a chat room to another enterprise application. Powerful admin functionality enables the company to create and manage chat rooms, audit conversations, moderate chat rooms, ensure effective provisioning and deprovisioning, antivirus, DLP and all the rest of it.
Control over in-app functionality is also important. Some companies, for example, may need to block in-app functions such as cameras, social media access or screenshots.
What is your perception of e2e encryption currently being used in large messaging apps (iMessage, etc.)?
Most of the main messaging apps are fully owned and controlled by the vendor. All the power sits with the vendor, from the terms and conditions to there being little or no flexibility for the user. They are centralized, proprietary ‘black box’ systems that users simply have to trust.
As a result, you are trusting that the vendor of the platform is actually providing the E2EE service they tell you that they are and that they haven’t implemented a secret back door or any other nasties to enable data mining.
Vendors who are committed to open source (such as Element and Signal) are exceptions. The advantage they offer is that the E2EE code is freely available, so there’s good transparency and are therefore more trustworthy.
How do you see encrypted messaging evolving in 2023? Beyond?
We’ll see the usual tug of war between parties who want to use E2EE to help secure communication and improve privacy, and those who want to implement blanket surveillance.
The debate is not made any easier when governments regularly want both. They want the benefit of E2EE to help protect organizations and people against a wide range of threats, and yet simultaneously want to be able to monitor whoever, whatever and whenever. Eventually the debate will mature enough to realize that only genuine, non-backdoored, E2EE can secure conversations.
The other major development will be around interoperability. Governments (especially in Europe) and consumers are tired of Big Tech’s dominance and weary of its commercial surveillance (data mining).
The EU’s Digital Markets Act (DMA) is an example of how regulators are moving to enforce interoperability between messaging apps in a bid to increase competition, improve customer choice and raise security standards. Open standards for real time messaging, such as Matrix, will play a key role in enabling interoperable E2EE.
An open standard for real time E2EE communications is a real game changer. Suddenly, the main benefit of email (that it’s incredibly easy to connect with anyone, regardless of the email client either party uses) gets combined with the ease of use and E2EE associated with messaging apps and the productivity benefits and enterprise functionality of traditional collaboration tools (which, remember, are not E2EE). All of a sudden, entire supply chains can communicate and collaborate in real time with E2EE - and in the case of Matrix, across a highly-resilient decentralized network that ensures data sovereignty.