Whether it's iMessage, Facebook Messenger, WhatsApp, or another testing service, nearly everyone uses some sort of messaging app. But for all of the data people are sending back and forth, is it clear what's being encrypted and what that encryption means?
For everyday users who aren't sure, seven technology experts from Forbes Technology Council offer their insights on what people should know about how their data is being encrypted.
1. You’re Protected From Outside Snoopers, But Not Yourself
End-to-end encryption in messaging apps is great news for those who want privacy from service providers and would be network hackers. It makes recent drama around social networks giving up your data a moot point since they can’t access it. However, if your phone is not secure, your messages can be accessed through the app. So make sure you have a strong password on your mobile device. - Tim Maliyil, AlertBoot
2. It's Important To Know Who Holds The Key To Your Data
Consumers can best protect themselves by knowing who holds the key to their data. Some apps use end-to-end encryption so a user’s messages, videos and photos can’t be seen. Unfortunately, most public tools don’t rely on security best practices. For messaging apps, this can lead to a MITM attack: when an unwanted party intercepts communications because the source code is unencrypted in the middle. - Jamie Butler, Endgame
3. It's Best To Treat Your Messages As Public
Everyday messaging app users need to be more savvy and critical of the platforms. I think at this point, everyone should treat their messages as public. I am not convinced that any one massaging platform is secure enough from various intelligence agencies, both foreign and domestic. - Chris Kirby, Voices.com
4. What The Encryption Protects
While it sounds great when you hear the word encrypted, what does it really mean? Most people don't really know how it works, why it protects their data, and what aspects of the data are actually protected. There should also be information about the possible ways that vulnerabilities may still occur, because that will always be a possibility. This helps people decide what and how they share. - Chalmers Brown, Due
5. You Should Assume The Worst
The first problem is that we've assumed the data is actually encrypted. I recommend assuming that all of your data is not-encrypted and viewable by multiple third parties. Once you do that, you're in a better place to decide what you want to share on public messaging apps and what you don't. If you still need to share private/secure data on messaging apps, I would find ones listed as HIPAA compliant. - Sagi Brody, Webair
6. You Should Know Who Holds The Encryption Key
How strong the encryption is and who has access to decrypt it should be top-of-mind for every messaging app user. - Erik Gustavson, Bitium
7. Encryption Does Not Equal Security
Critical information is exchanged via messaging apps more than ever before. As businesses evaluate the end to end encryption of an app, they should consider where the information is stored, how long it is stored for, who can access the stored information, how the information is transmitted, and how long the transmitted information is available. - Heeren Pathak, Vestmark
