So, what was the exact thing that compelled people to switch to other platforms? Here’s we quickly compare WhatsApp vs. Telegram vs Signal regarding their prominent security and privacy features.
WhatsApp vs Telegram vs Signal – Quick Privacy Comparison
For those who don’t know much about the background of these encrypted messaging apps, here’s a quick overview before moving on to the comparison.
WhatsApp: An American free messaging app for Android and iOS devices. The app also has a web version to support desktop use. However, using it requires the phone version to be connected to WiFi. A separate business app, WhatsApp Business, also exists (since 2018) to let businesses connect with their customers. The app basically started off in 2009 as a standalone platform by Brian Acton and Jan Koum. However, in 2014, Facebook acquired it for US$19 billion.
Telegram: Launched in 2013 in Russia by Nikolai and Pavel Durov, Telegram is also a freeware messaging and VoIP app. It presently supports multiple platforms such as Android, iOS, Windows, Linux, and macOS. Users can seamlessly integrate multiple devices with their accounts to communicate via any device of their choice.
Signal: Signal app is the successor of the previous messaging apps TextSecure and RedPhone, which formally started off in 2015. However, the app started to gain traction in 2018 after Brian Acton, WhatsApp’s co-founder, started the non-profit Signal Foundation and invested heavily in the development of the Signal app. Presently, Signal exists as a standalone, free, and open-source platform offering Android, iOS, and desktop app versions.
WhatsApp, Telegram, and Signal, all three are popular for their robust end-to-end-encryption. But what makes the three different is the way they implement this e2e encryption for the users (by default).
WhatsApp: communications and data remain e2e encrypted during transit by default. WhatsApp basically uses the Signal encryption protocol.
Telegram: offers optional e2e encryption not active by default. The app uses MTProto encryption protocol based on 256-bit symmetric AES encryption, 2048-bit RSA encryption, and Diffie–Hellman key exchange.
Signal: Signal protocol (or the TextSecure Protocol) uses AES-256, Curve25519, and HMAC-SHA256 as primitives and combines Double Ratchet Algorithm, prekeys, and an Extended Triple Diffie–Hellman (X3DH) handshake. Other apps like WhatsApp, Facebook Messenger, Skype, and Google Allo use this encryption protocol to offer e2e encryption to their customers (either optional or default). On Signal app, e2e encryption for all communications is available by default.
While all three apps, WhatsApp, Telegram, and Signal, offer data encryption during transit, the same isn’t the case with backups alike.
WhatsApp: Local (on device) and third-party cloud backups. On clouds (such as Google Drive or iCloud), backup remains unencrypted.
Telegram: Cloud backups on its own servers. The servers also store the decryption keys. Backup, however, doesn’t apply to secret chats. The local database can be (optionally) encrypted via a passphrase.
Signal: Local backup only with SQLCipher. The SQLite database also stores the decryption keys. In case of non-encrypted cloud backup (optional), Signal removes users’ messages from backup by default.
WhatsApp: The app applies “store and forward” mechanism, deleting the message as soon as it is delivered. If undelivered, the message remains for 30 days on its own servers as the app attempts to deliver it. The data is deleted after 30 days.
Telegram: Data retained on Telegram’s own servers in “heavily encrypted” form for an undefined time.
Signal: No explicit data retention on its servers besides technical information necessary to operate the services. Besides, it may temporarily store e2e encrypted messages on its servers if undelivered.
WhatsApp: Can share collected data with Facebook for advertising purposes as needed.
Telegram: No data use for ad targeting. Telegram plans to launch its own ad platform.
Signal: No ads.
Access to user data
Although, iOS users would now know it better as the latest iOS alerts users about the kind of data apps access. However, here’s a quick breakdown of data access and collection by WhatsApp, Telegram, and Signal.
WhatsApp: After the updates, starting February 8, 2021, WhatsApp will have access to users’ detailed personal information such as contacts, status, location, time logs, usage stats, device identifiers, and other sensitive data.
Telegram: Collects user ID, contact information, and users’ contacts (numbers).
Signal: Collects and stores users’ own number, also accesses users’ contacts to detect Signal users (by matching the hashed versions).
Which One Is The Best?
WhatsApp is very popular and very easy to use. Telegram has gained popularity during the past few years, yet, it’s not ubiquitously known like WhatsApp. Whereas, Signal still remains somewhat unpopular, though it gained traction very recently.
Nonetheless, labeling any of these apps as the “best” depends on users’ preferences and feasibility. So we leave it up to our readers to decide which app suits them best.