As an everyday social media user, end-to-end encryption is a core requirement for any messenger app that claims to be secured and private. This means messages are encrypted on your device and can only be decrypted on the device of the intended recipient.
WhatsApp uses end-to-end encryption, so the actual messages are therefore secured on the platform. But this does nothing to stop Facebook from abusing metadata: information about whom you communicate with, from what location, at what particular time, from which device and how often. This means that all your messages both sent and received is being monitored by Facebook.
Top 7 Best WhatsApp Alternative That Respects Your Privacy
Open source code is another important indicator that a service is secure. By publishing an app’s code publicly, anyone can examine it to ensure the app is doing what it supposed to be doing.
Here at iTechvilaz, we believe open source is one of the best indicators that an app can be trusted. We have therefore limited the following list of top 7 best WhatsApp alternative to open source messaging apps that uses end-to-end encryption (E2EE).
1. SIGNAL PRIVATE MESSENGER
The Signal messaging protocol is an end-to-end messaging protocol developed by the Signal Foundation, a non-profit organization founded by cryptographer and privacy activist Moxie Marlinspike. The Signal Protocol is open source, has been professionally audited for security vulnerabilities, and is widely admired for its cryptographic strength. If you are searching for the best WhatsApp alternative that will respect your privacy, Signal is worth giving a trial.
- Free of charge
- Very good encryption
- Almost no metadata kept
- Audited independently
- Seamless to use on Android
- Disappearing messages feature
- E2EE text, voice, and video group chat
- Requires a valid phone number to register
- Hosted on Amazon Web Services (AWS)
Because of the quality of the Signal protocol, it is used by a variety of third-party messaging apps to provide secure end-to-end encryption for messages. These include WhatsApp, Facebook Messenger, and Skype, Unlike WhatsApp and other third-party apps that implement the Signal protocol, however, the Signal app from the Signal Foundation is 100% open source.
Crucially, in light of recent heightened awareness about WhatsApp’s privacy policies, the Signal app and Signal Foundation keep almost no metadata related to the app’s usage. Only “the date and time a user registered with Signal and the last date of a user’s connectivity to the Signal service.” This is a claim that has been proven in court.
Unlike WhatsApp, Signal is designed to replace your phone’s regular SMS messenger app on Android (not iOS). Texts exchanged to other Signal users are end-to-end encrypted, but texts to non-Signal users are not. Signal will warn you when messages are sent unencrypted.
This makes Signal very transparent in use, but the fact that users must register with a valid phone number in order to match contacts is also the main source of criticism the app receives. It should be noted, though, that contacts are stored locally only and cannot be accessed by Signal Foundation.
In addition to messages, Signal supports disappearing messages, E2EE group voice chats, and now group video chats between up to eight users. Signal is a non-profit organization that relies on donations to operate.
2. TELEGRAM MESSENGER
Telegram is our second list of best WhatsApp alternative with over 200 million users, Telegram is a very popular WhatsApp alternative. A big part of this popularity is the widespread perception that Telegram is highly secure, a perception only heightened by a number of governments, notably Indonesia, Russia, and Iran, trying to block or ban the app.
There are, however, some big caveats regarding the security that Telegram offers its users. Regular default “Cloud-based messages,” that can be accessed on any of a user’s devices, are encrypted in transit and when stored on Telegram’s servers, but they are not end-to-end encrypted. Only client-to-client “secret chats” are end-to-end encrypted. Secret Chats are not available for groups or channels.
- Channels for broadcasting messages
- Bots for managing groups
- Sync across multiple devices (not E2EE)
- Polls, stickers, sharing live location, identity management
- E2EE 1-1 text, voice, and video chat
- Encryption concerns
- Only Secret Chats are E2EE
- Group chats (text or voice) are not E2EE
- Collects lots of metadata
- No group video chats
- Requires a valid phone number to register
- Headquartered in the UAE, which is not known for human rights or privacy
The open source in-house MTProto encryption used to secure communications in Telegram (whether E2EE or otherwise) has come under criticism from security experts, although the new version (MTProto 2.0) has yet to be formally audited. The Telegram API and all Telegram apps are open source, but its server-side backend is not.
Another issue is that Telegram collects a great deal of metadata from users: “We may collect metadata such as your IP address, devices and Telegram apps you’ve used, history of username changes, etc.”
Security considerations aside, a key feature that contributes to Telegram’s popularity (especially in repressive countries such as Iran, where it enjoys over 40 million users despite government attempts to regulate use of the service) is support for “channels.” Users can create and post to channels that any number of other users can subscribe to.
Public channels can be created using an alias and a URL that anyone can subscribe to, making Telegram a powerful tool for organizing resistance and disseminating information in repressive countries.
Other features that help make Telegram popular include polls. stickers, sharing live locations in chats, and an online authorization and identity management system for those who need to prove their identity. A bots feature assists managing groups and channels.
It also features One-to-one voice and video chats are fully end-to-end encrypted, although group voice chats are not. Group video calls are not supported.
Telegram is funded by public donations (notably from its own founder, Pavel Durov), although it is possible in-app monetization features will be introduced in the future.
3. THREEMA SECURE & PRIVATE MESSENGER
Threema is based in Switzerland, a country with very strong data privacy laws and independent from the United States and European Union. It also owns its own server infrastructure located in Switzerland.
- No phone number or email required to sign up
- Almost no metadata kept
- Independently audited
- Swiss-based with own servers
- GDPR compliant
- E2EE group text and voice chat
- Group polling and distribution lists (Android only)
- Not free
- Relatively small userbase
- No group video calls
An email address or phone number is not required to register an account, and it is possible to purchase Threema for Android anonymously using Bitcoin. Threema claims this allows you to text and make calls anonymously, and it goes to lengths to ensure that a minimum amount of metadata is collected.
The fact that the app is not free is likely to be a pain point for some, but at around US$3 (one-time purchase), it’s unlikely to break the bank for most. This may contribute, however, to one of the biggest downsides with Threema: that its userbase is relatively small.
The Android app features distribution lists that allow you to send messages to multiple separate recipients. In addition to fully E2EE group text and voice calls, Threema offers a group polling feature. E2EE video calls are supported, but not for groups.
4. WICKR ME – PRIVATE MESSENGER
There are three Wickr apps, with the free Wickr Me being the version designed for personal use. The lowest tier of the more Slack-like Wickr Pro is also free, although it requires you to verify your identity at start-up.
Wickr Me places ephemeral messaging front and center, with messages disappearing from both the sending and receiving devices after a set period of time (six days by default). Undelivered messages sitting on Wickr servers are also deleted after this time.
- Built for ephemeral messaging
- Anti-censorship feature
- E2EE group text and voice chat
- No phone number or email needed for signup
- Apps themselves are not open source
- Security audits are not published
- No video chat (although available on free Pro version of app)
You can also set a Burn-On-Read timer to determine how long a message lasts before self-destructing once it has been read. If it is not read then it will self destruct at the end of the message timer length. All metadata is scrubbed once a message is opened or expires (whichever comes first)
Wickr advertises itself as open source software, but there are a couple of major caveats to this claim. The code for the core wickr-crypto-c end-to-end encryption protocol that underpins all Wickr apps is available on Github for anyone to examine, but licencing restrictions mean that it cannot truly be described as open source.
More serious from a security stand-point, though, is that while the core crypto protocol is source-available, the code for the Wickr apps themselves is not. Wickr says that its code has undergone multiple independent security audits, but the full results of these audits are not publicly available.
No phone number or email is needed to register with the service. Up to 10 people can be invited into a room or end-to-end encrypted text or voice group chat. Video conferencing is not available in Wickr Me, although it is supported in the Wickr Pro app (including E2EE group chat with all room members).
Wickr is hosted on public server networks (such as Google and AWS), but has partnered with Psiphon to offer Wickr Open Access, a powerful anti-censorship feature. Wickr Me is free, but it is funded through Wickr’s premium Pro and Enterprise apps.
5. WIRE – SECURE MESSENGER
Wire claims to be based in Switzerland, but it is owned by a US company, meaning it must comply with US data requests. A phone number or an email email to register. In order to facilitate syncing across multiple devices, however, Wire keeps quite a lot of metadata.
For years Wire kept a list of all users a customer has contacted in plaintext on their servers until an account is deleted, and it is unclear if this practice continues. Wire’s privacy white paper, however, makes it clear it logs data such as the participants in a group chat and user-defined folders used for organizing chats.
- Free option
- E2EE text, voice, and video (four participants) group chats
- Syncs across up to eight devices
- Advanced video conferencing features
- Quite a lot of metadata logged (and possibly stored in plaintext)
- Phone number or email address required to register
The functional benefit of this is that it allows Wire to work across multiple devices in a way most E2EE messenger apps (including Signal) do not. It’s also worth noting that Edward Snowden recommends using Wire (or Signal).
Wire uses the Proteus protocol to provide end-to-end encryption for text messages. Proteus is an early fork from the code that went on to become the Signal Protocol. Proteus, and all Wire apps, have been publicly audited.
Voice and video calls are end-to-end encrypted using DTLS with an SRTP handshake. In order to achieve end-to-end encryption for group video calls, each datastream is independently encrypted. This is very bandwidth intensive, though, so video chats are limited to four participants.
The app does support advanced video conferencing features that will appeal to business users, though, including screen sharing, screen recording, and advanced meeting scheduling.
Wire is keen to push users toward its premium Pro and Enterprise products, but a free version is available which offers similar features to the Pro app.
6. ELEMENT (was Riot.im)
All the other messenger apps discussed in this article rely on a centralized server network to function (although, as in the case of using AWS, this can be a highly distributed network).
Element is instead built on the idea of federation. Users can set up their own servers using the Matrix communications protocol or connect to Matrix servers that have been set up by other users. Federation has received the support of Edward Snowden, but remains a controversial idea due to the potentially unreliable ad-hoc peer-to-peer nature of such a network.
- Free option
- Server federation
- “Bridges” for interoperability with other apps
- E2EE text, voice, and video (no limits) group chat
- No phone number or email needed for signup
- Questions over Matrix server network reliability
- Not fully audited
Matrix servers are interoperable, so any user of any Matrix client (Element is the most popular of these) can communicate with any other Matrix user. Matrix “bridges” even allow for communication with the users of other popular messaging platforms, such as Signal, Slack, or even WhatsApp.
Matrix (and thus Element) uses the Olm implementation of the Double Ratchet algorithm, with Megolm used for group communications. All Element apps, plus the Matrix protocol itself, are open source, but have not been formally audited. Olm and Megolm, however, have.
An email or phone number is not required to register with Element, although these can be added to make contact matching easier. By default, messages are hosted on a large public server run by Matrix, but you can connect to any Matrix server or set one up yourself in a matter of seconds.
All text, voice, and video chats are end-to-end encrypted (with full support for group video chats, which also allow screen sharing). The Element app is free, but premium plans are available for Element-managed Matrix servers.
Keybase is another best WhatsApp alternative if you are looking to dump WhatsApp. It is completely free and open source (FOSS) messenger that end-to-end encrypts all texts. Voice and video calls are not supported, but E2EE group chat with support for private and public “Teams” (i.e., channels) is.
Files and documents sent between users are encrypted and stored on Keybase’s servers (unless you make them public, in which case they are not encrypted), but they are not end-to-end encrypted.
- Free ( funding model is unclear)
- E2EE text chats with support for public and private channels
- Can connect to people via their social media profiles with PGP verification
- Syncs across multiple devices
- Self-destructing messages
- Cryptocurrency wallets
- 250 GB free storage per user
- Owned by Zoom
- A lot of metadata logged (much of it shared on a public blockchain)
- No voice or video chat
Keybase is notable for allowing you to connect to others using their social media (Twitter, GitHub, Reddit, Hacker News, and Mastodon) identities, which are verified using PGP encryption keys. No phone number or email address is required, and the app will sync across multiple devices.
The PGP-based end-to-end encryption used by Keybase is solid and underwent a full independent audit in 2019. The app also offers self-destructing messages; bots to automate your Keybase tasks; Bitcoin, Zcash, and Stellar wallets; full PGP support for encrypting and decrypting messages and files; and 250 GB free storage per user.
However, messages are stored on centralized servers (based in the US), which log a worrying amount of personal data. This includes your Team names and memberships, hashed passwords, account activity, your Keybase user ID and your IP address, network activity, and more. Not only is information stored encrypted, but much of it is added (in hashed form) to a public blockchain.
Arguably even more concerning is that Keybase is now owned by Zoom, a company widely criticized for its many privacy and security lapses, and which may be subject to pressure from the Chinese government. The fact that it is not clear how Zoom benefits from offering Keybase for free may also be a reason for concern.
No doubt WhatsApp is the best instant social messaging app but for the fact that its users privacy is no longer private, this raise a serious concern to all who wants their privacy to be respected. As a replacement for WhatsApp, Signal is an obvious choice for a best WhatApp alternative . The security concerns around Telegram make it harder to recommend as a simple messenger, although its “channels” feature remains a powerful tool for organizing resistance in restrictive countries.
The other apps discussed above all offer useful features that will appeal to those who need them, whether it’s anonymous sign-up, business collaboration tools, or server federation. As you take back your privacy in the digital age, anything you do to move more of your personal data behind strong encryption is an important step toward building an internet that puts people first.