Home Did you know ? WhatsApp vs Telegram vs Signal – Which One Is More Secure?

WhatsApp vs Telegram vs Signal – Which One Is More Secure?

by Abeerah Hashim
WhatsApp Telegram Signal comparison

Following the changes in WhatsApp privacy policy, the other two rival apps, Signal and Telegram, have experienced a surge in their customer base. According to Sensor Tower, after WhatsApp’s recent update, Signal received 100,000 new customers. Whereas, Telegram attracted 2.2 million new downloads within two days.

So, what was the exact thing that compelled people to switch to other platforms? Here’s we quickly compare WhatsApp vs. Telegram vs Signal regarding their prominent security and privacy features.

WhatsApp vs Telegram vs Signal – Quick Privacy Comparison

For those who don’t know much about the background of these encrypted messaging apps, here’s a quick overview before moving on to the comparison.

WhatsApp: An American free messaging app for Android and iOS devices. The app also has a web version to support desktop use. However, using it requires the phone version to be connected to WiFi. A separate business app, WhatsApp Business, also exists (since 2018) to let businesses connect with their customers. The app basically started off in 2009 as a standalone platform by Brian Acton and Jan Koum. However, in 2014, Facebook acquired it for US$19 billion.

Telegram: Launched in 2013 in Russia by Nikolai and Pavel Durov, Telegram is also a freeware messaging and VoIP app. It presently supports multiple platforms such as Android, iOS, Windows, Linux, and macOS. Users can seamlessly integrate multiple devices with their accounts to communicate via any device of their choice.

Signal: Signal app is the successor of the previous messaging apps TextSecure and RedPhone, which formally started off in 2015. However, the app started to gain traction in 2018 after Brian Acton, WhatsApp’s co-founder, started the non-profit Signal Foundation and invested heavily in the development of the Signal app. Presently, Signal exists as a standalone, free, and open-source platform offering Android, iOS, and desktop app versions.

End-to-end encryption

WhatsApp, Telegram, and Signal, all three are popular for their robust end-to-end-encryption. But what makes the three different is the way they implement this e2e encryption for the users (by default).

WhatsApp: communications and data remain e2e encrypted during transit by default. WhatsApp basically uses the Signal encryption protocol.

Telegram: offers optional e2e encryption not active by default. The app uses MTProto encryption protocol based on 256-bit symmetric AES encryption, 2048-bit RSA encryption, and Diffie–Hellman key exchange.

Signal: Signal protocol (or the TextSecure Protocol) uses AES-256, Curve25519, and HMAC-SHA256 as primitives and combines Double Ratchet Algorithm, prekeys, and an Extended Triple Diffie–Hellman (X3DH) handshake. Other apps like WhatsApp, Facebook Messenger, Skype, and Google Allo use this encryption protocol to offer e2e encryption to their customers (either optional or default). On Signal app, e2e encryption for all communications is available by default.

Data backup

While all three apps, WhatsApp, Telegram, and Signal, offer data encryption during transit, the same isn’t the case with backups alike.

WhatsApp: Local (on device) and third-party cloud backups. On clouds (such as Google Drive or iCloud), backup remains unencrypted.

Telegram: Cloud backups on its own servers. The servers also store the decryption keys. Backup, however, doesn’t apply to secret chats. The local database can be (optionally) encrypted via a passphrase.

Signal: Local backup only with SQLCipher. The SQLite database also stores the decryption keys. In case of non-encrypted cloud backup (optional), Signal removes users’ messages from backup by default.

Data retention

WhatsApp: The app applies “store and forward” mechanism, deleting the message as soon as it is delivered. If undelivered, the message remains for 30 days on its own servers as the app attempts to deliver it. The data is deleted after 30 days.

Telegram: Data retained on Telegram’s own servers in “heavily encrypted” form for an undefined time.

Signal: No explicit data retention on its servers besides technical information necessary to operate the services. Besides, it may temporarily store e2e encrypted messages on its servers if undelivered.

Advertising policy

Details about the type of data collected and used for advertising purposes are available in the privacy policy of WhatsApp, Telegram, and Signal. Below is a brief overview.

WhatsApp: Can share collected data with Facebook for advertising purposes as needed.

Telegram: No data use for ad targeting. Telegram plans to launch its own ad platform.

Signal: No ads.

Access to user data

Although, iOS users would now know it better as the latest iOS alerts users about the kind of data apps access. However, here’s a quick breakdown of data access and collection by WhatsApp, Telegram, and Signal.

WhatsApp: After the updates, starting February 8, 2021, WhatsApp will have access to users’ detailed personal information such as contacts, status, location, time logs, usage stats, device identifiers, and other sensitive data.

Telegram: Collects user ID, contact information, and users’ contacts (numbers).

Signal: Collects and stores users’ own number, also accesses users’ contacts to detect Signal users (by matching the hashed versions).

Which One Is The Best?

WhatsApp is very popular and very easy to use. Telegram has gained popularity during the past few years, yet, it’s not ubiquitously known like WhatsApp. Whereas, Signal still remains somewhat unpopular, though it gained traction very recently.

However, comparing the security of WhatsApp, Telegram and Signal reveals that WhatsApp does not remain secure anymore. Perhaps, that’s why people have started leaving the platform.

Nonetheless, labeling any of these apps as the “best” depends on users’ preferences and feasibility. So we leave it up to our readers to decide which app suits them best.

You may also like

4 comments

Bud Aleff January 18, 2021 - 9:28 pm

It’s hard to find knowledgeable individuals on this subject, but you sound like you know what you’re speaking about! Thanks

Desipien January 17, 2021 - 7:35 pm

Signal is not E2E on any of their services. Don’t fall for their commercial.
Easy test:
– install Win Signal app
– chat with a friend on Signal (Win) while your mobile is network OFF (Android or IOS) data & WiFi.
– turn off your network on Win and start your Signal app on your mobile and the messages will sync.
The messages use their servers to communicate and not E2E.
On the other hand the “secret chats” on Telegram don’t sync on Win; but Telegram doesn’t have E2E for groups (neither does Signal, despite their intent).

randomgenerator January 15, 2021 - 1:01 am

“However, comparing the security of WhatsApp, Telegram and Signal reveals that WhatsApp does not remain secure anymore. ”

The sentence is not correct. Whatsapp is still secure but it asks for a lot of user information (privacy violation).

Nathan Michell January 13, 2021 - 1:06 pm

Started using telegram instead. So far so good. Didn’t know they had so many good features.

Comments are closed.

Latest Hacking News