Facebook Messenger will soon get end-to-end encryption feature with new Secret Conversations mode.
July 12, 2016:Â Facebook Messenger will soon get end-to-end encryption feature with new Secret Conversations mode, the company has confirmed. Facebook Messenger is following WhatsApp when it comes to end-to-end encryption.
For starters, end-to-end encryption means the messages, videos, photos, calls made over the app canâ€™t be read by anyone; not Facebook, not third-parties like the government or cyber-criminals or hackers. End-to-end encryption means device level encryption, and the data is not stored on the companyâ€™s servers.
However, WhatsAppâ€™sÂ end-to-end encryption is enabled across the app by default, while on Facebook Messenger it will only be activated during the â€˜secret conversationsâ€™ mode. This is similar to the mode in messaging app Telegram, where only â€˜secret chatsâ€™ are end-to-end encrypted, and users can set a timer to make these chats disappear.
Facebook Messenger will also let users set a timer on these â€˜secret conversations,â€™ and the messages will disappear after the allocated time, once the other users has read them.
To start a secret conversation, a user will have to tap on their friendâ€™s name and once you scroll down, thisÂ option will appear.Â Facebook Messenger is at presentÂ testing the end-to-end encryption, and so you wonâ€™t see it for now, but the company has promised a roll out soon.
Like WhatsApp, Facebook is using â€œThe Signal Protocolâ€, designed by Open Whisper Systems, for its end-to-end encryption. Facebook has also put out a white paper explaining how the secret chat will work on the app.
For starters, â€œSecret Conversationsâ€ will use a â€œdifferent transport protocol and specialised on-device storage and separate back-end infrastructure.Â The white paper also notes that each secret conversation will generate metadata like â€œdelivery and read receiptsâ€, which is not end-to-end encrypted and wonâ€™t contain message plain text.
Facebook Messenger also use the 256-bit encryption to secure these messages, which are sent out by users.
If you or your friend switch devices during a secret conversation, then the existing messages or cryptographicÂ keys are not transferred to the new preferred device, and users will have to explicitly resend messages to the new devices, in case of bounced messages.
WhatsApp with over 1 billion users has end-to-end encryption and as we noted earlierÂ that makes it aÂ reallyÂ big deal. Facebook Messenger has 1 billion downloads on the Google Play Store as well, and close to 900 million monthly active users. With the secret conversations option rolling out, this means another large chunk of users and a part of their chats will get secured.
Google also launched an instant messaging app called Allo, which has an end-to-end encrypted chat mode. Incognito chats in Googleâ€™s Allo will have a message expiration time as well as private notifications.
Privacy experts point out that by not making end-to-end encryption as default mode, apps are not really protecting user privacy. Â In fact, when Allo was first announced by Google, NSA whistleblower Edward Snowden criticised the app, saying the companyâ€™s decision to disable end-to-end encryption was dangerous.
Experts also argue that most people wonâ€™t end up using the â€˜secretâ€™ chat mode. Â In case of Telegram, Allo, etc the end-to-end encrypted mode comes with a time-limit, and thus ensures the message disappear from the device and canâ€™t be read by anyone else. Â WhatsApp has end-to-end encryption across the board, but thereâ€™s no concept of disappearing messages, which means they can still be read or accessed if the device is compromised.
Weâ€™ll have to wait and see how soon Facebook Messenger rolls out end-to-end encryption for all and how.