Encryption on Facebook Messenger and other chat apps

  • Published
Messaging cartoonImage source, Getty Images

Facebook has a stored copy of your private messages because it doesn't use end-to-end encryption - and it's not the only one.

Encryption scrambles messages so that if they're intercepted while being delivered they cannot be read.

Most messaging services use a level of encryption, but there are different types.

Twitter, Instagram and Snapchat are other services that don't use end-to-encryption.

Facebook Messenger encrypts messages by default from the sender to its server, and then encrypts them again between the server and the recipient.

End-to-end encryption, used by WhatsApp, doesn't have the stop in between.

Media caption,

What is encryption?

Usually the only people with the 'key' to decipher an end-to-end encrypted message are the sender and the intended recipient.

The messaging service can't read the message.

It's particularly useful for sending sensitive information like bank details, which you wouldn't want to fall into the wrong hands or be stored anywhere online.

The reason some are arguing it's a bad thing

There's been a big discussion about end-to-end encryption and the problems it causes for policing.

Khalid Masood accessed WhatsApp moments before he killed four people in the Westminster terror attack. He also used iMessage and SMS.

After the attack, Home Secretary Amber Rudd called it "completely unacceptable" that the security services couldn't access some of the content - and said "there should be no place for terrorists to hide".

At the time, a WhatsApp spokeswoman said the company was "horrified at the attack" and was co-operating with the investigation.

But since then, Amber Rudd has repeated her call for messaging services to work more closely with government to stop criminals misusing apps.

Image caption,
Chats on WhatsApp are encrypted end-to-end by default

Whatsapp, which is owned by Facebook, added end-to-end encryption by default in 2016, with Facebook saying that protecting private communication was one of its "core beliefs".

But its native Facebook Messenger doesn't have the same levels of security.

You have to specifically enable something called "secret conversation" within the Messenger app in order for your conversations to have end-to-end encryption.

Image source, BBC/Facebook
Image caption,
Enabling end-to-encryption on Facebook Messenger

Facebook-owned Instagram does not use end-to-end encryption on the photo-sharing app, which introduced private messaging in 2013.

Twitter doesn't either, while there's nothing on Snapchat's website to suggest messages on the app are completely encrypted.

Its support page does say that most messages are deleted from its servers after a maximum 30 days.

And Skype, which also has no information on end-to-end encryption on its website, has been trialling a "private conversation" option with some users.

Newsbeat has contacted Snapchat and Skype for clarification.

So what does use end-to-end encryption?

Well, as mentioned above the main player in end-to-end encrypted messaging is WhatsApp, but Apple also uses it.

Its 'approach to privacy' document says it "uses end-to-end encryption to protect your iMessage and FaceTime conversations" across all devices.

But Apple also allows users to send messages as a text if the iMessage won't go through, and text messages are not end-to-end encrypted.

A lot of messaging services, like iMessage, allow you to back up to the cloud, which gives those cloud services access to your messages.

Follow Newsbeat on Instagram, Facebook and Twitter.

Listen to Newsbeat live at 12:45 and 17:45 every weekday on BBC Radio 1 and 1Xtra - if you miss us you can listen back here.