There’s no doubt: we’re using our mobiles more than ever. Our analytics alone for 2020 shows a huge increase in mobile visits. Desktop sales continue to decline as mobile processing power ramps up. Mobile encryption is becoming the norm. In this resource, we list some of our recommended mobile encryption apps and tools that you can use to encrypt your mobile communications.
Posted by Henry Dalziel | December 16, 2019 | Questions / Comments 16
- C|EH, Security+, MSc Marketing Management;
- Based in Hong Kong for the last five years;
- Cybersecurity Pro & Growth Hacker
If a mobile app says that it is “encrypted” then you need to understand how they define that and what technologies are being applied to justify that claim.
The “End-To-End Encryption Apps & Tools” we’ve listed in this resource all offer a high degree of encryptions and for the most part, they are secure, however, it’s the business model and the keys storage which is the biggest differentiator. Take for example WhatsApp. It’s owned by Facebook, which as we all know, is almost constantly in the news for privacy violations and concerns. This negativity impacts the perception of WhatsApp as being secure. We cover more details on some of the issues surrounding WhatsApp security below.
There are many legit reasons why you need mobile encryption and should be using secure communications. Your data is private and if it falls into the wrong hands then your stolen identity (and more) can be used against you.
When selecting an encrypted messaging app to install it’s worth to remember that web application apps (i.e. non-native mobile apps) like Instagram, Twitter, Snapchat or Facebook Messanger are not secure since they don’t use end-to-end encryption, so your conversations, files, and data can be viewed with traffic monitoring tools.
Skype, it appears, does, however, use end-to-end encryption at the beginning of 2018.
In 2020, security and privacy matter more than ever – just look at the news and fines being imposed on companies that experience security breaches. If you are concerned about your privacy then it’s a must to use one of the mobile encryption messaging apps listed below.
Join Our Mailing List & Get Tool Updates / Tutorial Info
Please Share This Resource! [HINT: We'll LOVE YOU for it!]
Released in 2013, Telegram was the most popular end-to-end messenger app for ISIS and other terrorist groups. In fact, in many ways, ISIS made Telegram “well known”. Telegram added “channels” to its app usage in 2014 – some features of the channels include “short-invite” sand the ability to download. Telegram was developed by Nikolai and Pavel Duro. According to Telegram’s founder: “The number 1 reason for me to support and help launch Telegram was to build a means of communication that can’t be accessed by the Russian secret agencies.” So, clearly, the founders are not fans of FAGCI (the Russian equivalent of the NSA or GCHQ). As of February 2016, Telegram’s members grew to a staggering 100 million – so clearly the app is popular and the technology is (was) very welcome. Some countries have tried to ban Telegram. The Iranian government has cracked down on Telegram users by arresting over 100 group administrators and charged them with “immoral content” propagation. Does Telegram as “a company” assist law enforcement? Well, they do, and they don’t. They do because in July 2016 they agreed to remove 600 pro-ISIS Telegram channels, and no, because they prove the security of their app by offering up to $300,000 to anyone that was able to crack into the communications over their end-to-end messaging encrypted mobile app. No one has to date been successful. Whilst Telegram is considered “unhackable”, two Cybersecurity Experts, Ola Flisback and Zuk Avraham were able to discover certain vulnerabilities within the metadata and data being stored within the process memory.
Released in late 2014, Wickr is another popular mobile encryption app which was founded by American security experts. Wickr is similar to (oddly) SnapChat because messages “self-destruct”. Wickr messages can be set to expire within minutes or days. Wickr scores highly for its’ ability to erase message by default and therefore all time stamps as well.
Clearly the industry leader which now ships with default encryption. It has a reputation of "not being very secure" and perhaps for good reasons... Released in 2010, WhatsApp is now owned by Facebook. Founders Brian Acton and Jan Koum didn’t launch their app as a messaging mobile application, rather, it was meant to let the user know if their contacts were online. WhatsApp evolved into a messaging app and the company grew rapidly (over time) and was purchased by Facebook for $19 billion in 2014. A few years later Facebook merged WhatsApp metadata with their social media platform. Compared to Telegram, WhatsApp has a gigantic user base, claiming to have over one billion users. Of concern is that the fact that all messaging (and associated media) is timestamped with the metadata so it is possible for Digital Forensic experts to build a picture and pattern of communications if they so wished (and of course with legal enforcement). WhatsApp was banned in Brazil which results in removing approximately 94 million people off the system after the company (Facebook) refused to comply with court orders to hand over the logs of WhatsApp messaging in the government's war on drugs. WhatsApp has also been previously banned in Bangladesh (along with other social media platforms too) as a result of political instability. A security researcher, Bas Bosschert, was able to demonstrate that WhatsApp was vulnerable to being hacked. The WhatsApp hacking tool was called WhatsSpy and was able to track targets status online and edit/ view their privacy settings and more. All told, WhatsApp has a reputation as not being completely secure compared to the other end-to-end mobile encryption apps on the market.
Available for download since July 2016, Signal is a free end-to-end encryption that works on both iOS and Android. Edward Snowden made Signal popular by stating that he used it for his communication. Since Signal is open sourced it can be forked into other projects or even white labelled, should that be deemed necessary.
Like Signal, Surespot is an open-source mobile encryption messaging app. It is similar to Wickr in the sense that messages can be timed to be automatically ‘erased’ and, working on both iOS and Android, the app also facilitates ‘multiple identities’.
This mobile encrypted tool was named by ISIS as being their preferred mobile messaging application! This app was designed by ex-US military. Upon hearing that their app was being used by Islamic State they decided to make creating an account more rigorous.
Viber is actually very secure since they claim that they can’t read or listen to any of your chats and calls. The creators and enginners who maintain Viber claim that they access messages since they use end-to-end encryption by default. This means that all the private and group communications are completely encrypted so that only users can read or hear messages.
Released in December 2012, this Swiss-engineered mobile app has (like all the other encrypted messaging tools listed in this resource), end-to-end encryption. According to Threema, “messages are stored for up to 14 days if not deleted on servers; whichever comes first”. This makes it impossible for law enforcement to subpoena Threema. Interesting as a tangent to note that Threema joins the list of other notable and successful Cybersecurity companies such as Protonmail.
You may also like...
We've interviewed over 25 Cybersecurity Professionals to ask them that exact question...
No, GSM calls (and data traffic) are not always encrypted. 2G connections can be unencrypted as part of the 2G protocol and even if you have a 3G or 4G phone you still can make those unencrypted 2G calls. In a perfect world all calls would be encrypted as you would expect providers to turn on 2G encryption.
From the Home screen, tap Apps (located in the lower right) > settings > personal settings > security > encryption > encrypt phone > “enable” or “disable.”
Go to Settings > Security and you will see the Encrypt Phone option. If your phone is already encrypted, it will say so but if not, tap on it and follow the instructions.
Click Settings > Security > Encrypt Device. On some phones, you may need to choose Storage > Storage encryption or Storage > Lock screen and security > Other security settings to find the encrypt option.
Letter Sealing is an implementation of end to end encryption by LINE. When Letter Sealing is enabled, messages are encrypted on the client-side before they are sent, and the content cannot be decrypted, even on LINE’s servers. … Presently, a limited number of message types are encrypted with Letter Sealing.
No, your text messages are not encrypted. Text Messages move through a carrier’s network through various stages: Phone to the cell tower.
Enter a secret key into the Secret Key box at the top of the app’s screen, type the message you want to encrypt into the Message box, tap “Encrypt” and tap “Send via SMS” to send the encrypted message.
WhatsApp Calling lets you talk to your friends and family, even if they’re in another country. Just like your messages, WhatsApp calls are end-to-end encrypted so WhatsApp and third parties can’t listen to them.
The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text ; encrypted data is referred to as cipher text.
One such option is to encrypt your entire device. This means that every time you power your phone on, you’ll need either a numeric pin or password to decrypt the device. An encrypted device is far more secure than an unencrypted one. When encrypted, the only way to get into the phone is with the encryption key.
On a phone that means your photos, text conversations, emails and documents. Encryption stores information in a scrambled format, typically unreadable by computers or people without a key (which only the device’s owner should know) to unlock the data.
Encrypting does not completely delete the files, but the factory reset process gets rid of the encryption key. As a result, the device has no way it can decrypt the files and, therefore, makes data recovery extremely difficult.