The news last week that Facebook has paid a whopping $19 billion for the wildly popular (450 million users) instant messaging app WhatsApp has sent shockwaves through its users who, worried by Facebook’s infamous disregard for privacy, have reportedly been leaving it in droves. Der Spiegel, for example, reported that WhatsApp rival Threema doubled its user base in one night following the announcement.

The issue that has caused the greatest furore is the way in which WhatsApp uploads users’ contact lists to servers in the US, so that entries can be matched to a database of existing users. With Facebook’s acquisition of WhatsApp giving it the ability to match this data to its own very extensive database of personal profiles, major alarm bells began to ring. It should be noted, however, that since WhatsApp uses proprietary code and encrypts messages on its servers (i.e. it is not end-to-end), it was never a very good choice for security-conscious IM users anyway, especially given that even the encryption it does use may be flawed.

Many websites have been quick to publish articles on good alternatives to WhatsApp, but there has been too little focus on alternatives that are properly secure. Fortunately there are some good options available, and when looking at IM security it is clear that two factors are vital:

  1. Strong end-to-end encryption – all data should be encrypted by yourself on your device, so that it can only be decrypted by a trusted recipient. Since only you and the trusted recipient(s) hold the encryption keys, no-one else (including the app developer and your ISP) can access the data without cracking the encryption. If the encryption is strong (e.g. 256-bit AES), then this will be all but impossible (although who knows what the NSA is capable of?).
  2. Use free open source software (FOSS) – open source software code is freely available so that it can be peer-reviewed and vetted for backdoors and other nasty bits of code, while proprietary software is hidden, and can therefore conceal just about anything (and given the NSA’s campaign to backdoor just about all commercial software, likely does). Being FOSS is not a guarantee that code is secure as it is often very complex, and even when security experts have the time and resources available to do a full audit, malicious code can be easily missed. It is however the best guarantee available.

Secure WhatsApp alternatives

ChatSecure (was Gibberbot)

ChatSecure, developed by The Guardian Project, is a fully open source app that uses the highly respected Cypherpunk’s Off-the-Record (OTR) encryption protocol (first developed as a plugin for the Pidgin desktop IM client, but now incorporated into many secure IM programs). Encryption is end-to-end and uses AES and the SHA-1 hash function, and no central server is involved at all.

ChatSecure works securely with pretty much any app or client that uses OTR, such as Pidgin+OTR, Jitsi or Miranda IM (Windows), Adium (Mac) and Jitsi (Linux), and will work insecurely with many more. This is potentially a big security problem, however: if the recipient does not have an OTR-enabled chat client then conversations occur in plaintext, and there are not enough warnings to users about this.

A nice bonus however is that the Android version works with The Guardian Project’s Orbot App, which routes your messages through Tor for maximum privacy. It also works with The Guardian Project’s KeySync tool, which makes it possible to transfer your desktop OTR keys and fingerprints to the Android app, so that you can seamlessly communicate using your existing database of trusted contacts.

Since 2009 OTR has not supported group chat, although this is a feature which may appear again in the future. More important is the fact that Apple does not allow background processes, so there is no push message support in iOS, which, when combined with problems connecting to XMPP servers (used by OTR desktop clients), makes the iOS version almost unusable as is.


ChatSecure is completely free (no ads), and is available for iOS and Android.

TextSecure Signal

This app seamlessly replaces your device’s messaging client, becoming the default messaging app. Completely free and open source, it sends messages encrypted end-to-end using 256-bit AES with the Curve25519 Diffie-Hellman function, and HmacSHA256 hash authentication. It also uses Perfect Forward Secrecy, so even if one message is somehow compromised, no others are.

TextSecure v2 addresses many of the problems the earlier version of the app once had: it now supports group chat and push notifications, has strong MMS support, and makes sending unencrypted messages as clear SMS/MMS optional. It has also now been incorporated into the popular alternative Android OS CyanogenMod, expanding its userbase by around 10 million.


TextSecure is completely free, and is available for Android. Whisper Systems has also released an app for iOS called Signal, that combines TextSecure and RedPhone secure VoIP functions, and is 100 percent interoperable with TextSecure (and RedPhone). For more details about Signal see here, and also be sure to check out our full TextSecure and RedPhone review.

Update: The unified Signal app is now available for Android (replacing TextSecure and RedPhone). Please check out our full Signal Private Messenger Review for an in-depth look. Whisper Systems has also announced that it plans to release a desktop version of Signal in the near future (beta tests are underway).


Threema is a Swiss service, and is therefore subject to the Swiss Federal Act on Data Protection, one of the strongest pieces of privacy protection legislation anywhere. It uses open source end-to-end PGP encryption, so it is generally considered secure, although some parts of its code are proprietary, and therefore have not been independently verified.

Data on-phone can be secured with a master key, and (addressing the major complaint against WhatsApp) users can either choose to sync their contacts by sending data fully encrypted to volatile memory on Threema’s servers, where (Threema promises) it only resides long enough to be matched and is then deleted, or forgo this altogether and add contacts individually, ideally by sharing IDs only in person.

Because it is not fully open source, Threema requires a fair degree of trust, but it works well and is easy to use. If it opened up its code then it would be a strong contender for best WhatsApp replacement, but as is, it should probably be avoided by more security-conscious texters.


Threema costs $1.99 and is available for iOS and Android.


SureSpot is a well-designed and easy to use open source messaging app that uses seamless (so you needn’t worry about key exchanges and suchlike) 256-bit AES-GCM encryption using keys created with 521 bit ECDH. It supports long messages (so they won’t be split into smaller ones as happens with SMS, often arriving in the wrong order) and allows sending of high quality images (although it has no video or group messaging support). Interestingly, you can send voice messages, and even more interestingly, you can delete messages that you have sent from the receiving device!

SureSpot does not support Perfect Forward Secrecy (although new keys can be generated anytime by the more paranoid), and there is a known vulnerability to MiTM attacks, but overall it is a very secure and easy to use app.
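Forward secrecy, credited to TextSecure above and noted as missing from SureSpot, can be illustrated with a one-way key chain. The following is an added example, not code from the original article or from either app: a simplified HMAC-SHA256 hash ratchet rather than TextSecure's actual protocol, in which the labels, class and function names and the shared secret are assumptions constructed for the illustration.

```python
import hashlib
import hmac

# Arbitrary one-byte labels (assumed) that split a chain key into two outputs.
MSG_LABEL, CHAIN_LABEL = b"\x01", b"\x02"


def ratchet_step(chain_key):
    """Derive (message_key, next_chain_key) from a chain key with HMAC-SHA256."""
    message_key = hmac.new(chain_key, MSG_LABEL, hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, CHAIN_LABEL, hashlib.sha256).digest()
    return message_key, next_chain_key


class Session:
    """One end of a conversation; both ends start from the same shared secret."""

    def __init__(self, shared_secret):
        self.chain_key = hashlib.sha256(shared_secret).digest()

    def next_message_key(self):
        # The previous chain key is overwritten, so it cannot be read back later.
        message_key, self.chain_key = ratchet_step(self.chain_key)
        return message_key


def tag(message_key, payload):
    return hmac.new(message_key, payload, hashlib.sha256).digest()


def demo():
    secret = b"constructed secret standing in for a key-agreement output"
    alice, bob = Session(secret), Session(secret)
    keys = [alice.next_message_key() for _ in range(4)]
    macs = [tag(key, b"msg %d" % i) for i, key in enumerate(keys)]
    # Bob derives the same keys independently and checks every tag.
    verified = all(
        hmac.compare_digest(tag(bob.next_message_key(), b"msg %d" % i), mac)
        for i, mac in enumerate(macs)
    )
    # Model a device whose state is captured after two messages were handled.
    captured = Session(secret)
    captured.next_message_key()
    captured.next_message_key()
    derivable, chain_key = set(), captured.chain_key
    for _ in range(100):
        message_key, chain_key = ratchet_step(chain_key)
        derivable.add(message_key)
    return {
        "verified": verified,
        "earlier_keys_derivable": [k in derivable for k in keys[:2]],
        "later_keys_derivable": [k in derivable for k in keys[2:]],
    }
```

Calling `demo()` shows that the keys for the two messages handled before the capture cannot be derived from the captured state, while the keys for later messages can, so a chain like this protects past traffic only.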


SureSpot is available for iOS and Android, and is completely free (except for voice messaging, which costs $2). You can also donate to SureSpot, and the proceeds will be shared with the EFF.

Update 29 July 2015: It is just speculation, but we suggest anyone considering using Surespot read this article first.


Jitsi is a popular free and open source IM client for Windows, OSX and Linux that also supports VoIP video chat (Skype style). An Android app is currently in the works and looks very promising, so we just include it here as a heads-up, and will take a closer look when it is fully released.

The rest

We have not bothered to cover the remaining so-called secure messaging apps available for the following reasons:

  • BBM, myEnigma, Redact, Silent Text, TigerText and Wickr – these are not open source. BBM, popular though it is, is particularly laughable when it comes to security
  • Cryptocat – this app looked very promising, but an audit of the software (paid for, ironically enough, by Cryptocat itself!) revealed shocking security flaws. An update fixes most of these, but after such a fiasco we have no intention of going anywhere near it
  • Telegram – despite its growing popularity, cryptography experts are unhappy with the custom MTProto protocol used (see Telegram’s response here). There is also no Perfect Forward Secrecy and Secret Chats are not the default, although it should be praised for being open source


In terms of ease of use, Threema is the winner, but the fact it is not fully open source also makes it the poorest choice in our lineup in terms of security. There is much to admire about ChatSecure, but it is plagued by too many problems to really recommend (and is absolutely awful on iOS). SureSpot is a great app, and hits the sweet spot in terms of balance between security and usability, but Signal boasts impressive security, is packed with features, and is also very easy to use, so gets our vote as the overall winner.

Douglas Crawford

I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. You can now follow me on Twitter - @douglasjcrawf.

30 responses to “Secure alternatives to WhatsApp”

    1. Hi Disappointed,

      Yes. Sorry. This article is now almost three years old, which is a long time in the tech security industry! At some point, when I have the time, I will update it.

  1. Thanks for this mate! So for a WhatsApp replacement as of April/May 2016 do you still recommend Signal and/or ChatSecure?

  2. One of the things that I look at is the number of permissions required for each app. Of course some of those permissions are innocuous, while others are perilous, but generally the fewer the better. Here is a partial list for some of the main contenders:
    Surespot 10
    Threema 22
    Telegram 24
    Signal 45

    When one contacts an app’s authors, usually there is some feature cited for requiring each permission. On the other hand, we know that some app authors’ business model is harvesting user [contact] info to sell.

    AFAIK, these apps use google cloud messaging (GCM), which is part of google apps (g apps), which is not open source. Someone seriously concerned about privacy would not have g apps on their device, ruling out any app that employs it.

    BTW, there is another app, Cryptochat (not to be confused with cryptocat), which appears to be open source, Android only. Its permission count is 8.

    1. Hi Thom,

      As you say, some permissions are required in order to support apps’ features. A good example is Signal, which replaces a phone’s regular SMS client, and therefore requires extensive access to users’ contact lists, storage and camera (for MMS messaging), and more. This obviously results in requiring more permissions than apps that restrict their functionality to in-app only IM. Use of GCM and GAPPS is definitely an issue, although with reference to Signal,

      “Signal’s official Android client requires the proprietary Google Play Services because the app is dependent on Google’s GCM push messaging framework. As of March 2015, Signal’s message delivery has been done by Open Whisper Systems themselves and the client relies on GCM only for a wakeup event.”

      The devs have also “added WebSocket support to the open source Signal server. This won’t work as well as push messages that are sent via GCM, but it will provide a way for Signal to work outside of Google’s GCM push messaging framework once support has been added to the client.”

      Further details on Signal and its use of GCM are available here.

  3. I looked at the Red Phone app out of curiosity and saw that it had been taken over and combined with Signal. As I remember, the App now collects and uploads to the server much more info from my phone such as identity, location, contact list and other stuff that subverts the idea of secure comms. Am I mistaken?

    1. Hi Elvin,

      Signal does not upload your contact list to any servers. It does replace your regular SMS app, and can therefore access your contact list. When you send a message to other Signal users it is encrypted by default, and when you send a message to non-Signal users you are given the option of inviting them to Signal or sending it unencrypted. Please see my Signal Private Messenger Review for a detailed look.

        1. Hi MagicJ,

          Thanks for that link – it is interesting and very informative. As you say, it seems Signal/TextSecure does upload users’ contact lists in order to connect users, but does not store them,

          “For TextSecure… the only thing we can do is write the server such that it doesn’t store the transmitted contact information, inform the user, and give them the choice of opting out.”

  4. I just wanted to comment that I really liked that you gave a thoughtful reply to each comment (at least each moderated comment 🙂 ).

  5. hi
    what do you think regarding these apps, (for security) can you get back to me in the comments section or by email – thanks for your time


    list of apparently secure messaging,voice calls, encryption,etc

    Tutanota –
    Burnnote –
    Sneeky App –
    Hide My Phone
    Caller ID Faker
    Private Text Messaging & Calls
    Smiley Private Texting
    TextSecure – FIM – encrypted chat messenger
    FireChat – FIM
    Jott – FIM – auto destruct messages
    Confide – auto destruct messages
    Kik Messenger – FIM
    NextPlus – free texts/
    Crypto Cat

    Wickr – FIM Auto destructs messages – No Internet Needed – NO IP LOGS
    OneOne – Auto destruct messages – No Login Required – NO IP LOGS
    Surespot – FIM – encrypted chat messenger – NO IP LOGS
    BurnNote – auto destruct messages, copy-resistant
    enables you to have private conversations, – NO IP LOGS
    TigerText – restrict message copying and forwarding – NO IP LOGS – NO IP LOGS
    ChatSecure – FIM – encrypted chat messenger
    WeChat – Free messaging and calling app
    Signal – Free texts from above
    Gliph – accepts bitcoin
    Zendo – FIM – End to end encrypted messenger – NO IP LOGS
    SafeBash – FIM -End to end encrypted messenger – NO IP LOGS
    Sneeky App – Anonymous encrypted free picture chat
    What’s App – FIM
    Cyphr – free encrypted messaging – NO IP LOGS
    Viber – End to end encrypted messenger FIM – NO IP LOGS
    IPGMail – send and decrypt pgp encoded messages – NO IP LOGS
    Zendo – FIM – Secure Messenger – NO IP LOGS
    Threema – FIM – End to end encrypted messenger – NO IP LOGS
    Vojer Messenger – FIM – No Internet Needed – NO IP LOGS

    1. Hi hi,

      Thanks for that list. We may get around to reviewing some of the services/apps/etc. in it, but it’s a big list! Note that our usual policy is to only review security software that is open source, unless we feel there is a very good reason otherwise. We currently have full reviews for Tutanota and TextSecure. For what it’s worth, our current recommendation is to use TextSecure / Signal (or WhatsApp if it’s the only way to persuade friends and families to use secure chat, as despite being owned by Facebook, it uses the same end-to-end encryption protocol used by TextSecure.)

  6. TextSecure is not available for iOS, if I’m not mistaken (the link that you posted at the end of the TextSecure section points to ChatSecure’s download page).

    1. Hi The Person,

      Unless you absolutely need AIM support, then yes (and AIM was never securely supported anyway, as far as I know). If you are an iOS user, though, you should probably stay clear.

    1. Hi The Person,

      1) I have a degree in Philosophy and Political Ethics, but have also run a computer repair and tuition company, and my own web design business.
      2) I like the fact that PDQChat uses non-NIST encryption, but it does not appear to be open source, so no cigar…

    1. Hi Fairymary,

      I had a quick skim of your website, but as far as I can tell Sicher falls at the first post by not being open source. I’m also none too keen on requiring users to register using their phone number…

    1. Hi Admin User,

      I did give Wickr a mention under ‘The rest’. It is excluded from this list because it is in no way open source.
