iMessage and FaceTime Ranked as Most Secure Mass-Market Messaging Options

by

The Electronic Frontier Foundation or EFF, a non-profit digital rights group, has investigated the security of various messaging apps and created a new Secure Messaging Scorecard, ranking messaging apps and tools like iMessage, FaceTime, BlackBerry Messenger, Skype, Snapchat, and more, based on seven different factors:

- Is a message encrypted in transit?
- Is it encrypted so the provider is unable to read it?
- Can you verify contacts' identities?
- Are past communications secure if keys are stolen?
- Is the code open to independent review?
- Is security design properly documented?
- Has the code been audited?

Unsurprisingly, the apps that score highest on the EFF's chart are those dedicated to secure messaging, such as iPhone apps ChatSecure, Signal, and CryptoCat, both of which scored checkmarks in all categories.

Apple's iMessage scored five out of seven checkmarks, earning points for encrypting messages in transit and encryption that's unreadable by Apple, but the messaging app was faulted for an inability to verify contact identities and the fact that Apple's code is not open to independent review.

effchart
FaceTime was scored in the same way as iMessage, also offering encryption but no contact verification/independent review capabilities. Outside of dedicated secure chat messaging apps, both FaceTime and iMessage scored higher than competing messaging platforms like Skype, WhatsApp, Viber, Snapchat, Kik, Google Hangouts, and BlackBerry Messenger.

Few of the competing messaging services offer encryption that prevents the companies offering the services from accessing messages, though all encrypted messages in transit. Most iMessage/FaceTime competitors also fail to secure past communications if keys are stolen, and few had properly documented security design. QQ, a highly popular Chinese messaging app, failed at providing any of the qualities the EFF was looking for in a secure messaging app, not even bothering to encrypt messages.

According to the EFF, Apple's iMessage and FaceTime products were the "best of the mass-market options," which is not much of a surprise given Apple's unparalleled focus on user privacy. Apple has a comprehensive privacy site that details all of its privacy policies and the security of various apps and services, including iMessage and FaceTime.

On the site, Apple specifically says iMessage and FaceTime calls "are your business, not ours." The company offers end-to-end encryption and Apple has no way to decrypt it. "Unlike other companies' messaging services, Apple doesn't scan your communications and we wouldn't be able to comply with a wiretap order even if we wanted to," reads the site.

Popular Stories

Apple CarPlay Ultra instrument cluster themes 01

Apple's 'CarPlay Ultra' Experience Now Available

Thursday May 15, 2025 5:07 am PDT by
Apple today announced that its next-generation CarPlay experience, now dubbed "CarPlay Ultra" begins rolling out today, starting with Aston Martin vehicles. Subscribe to the MacRumors YouTube channel for more videos. CarPlay Ultra is now available with new Aston Martin vehicle orders in the U.S. and Canada. It will also be available for existing models that feature the brand's next-generation ...
Read Full Article115 comments
Apple CarPlay Ultra instrument cluster themes 01

Apple's CarPlay Ultra Is Here – Does Your iPhone Support It?

Thursday May 15, 2025 5:17 am PDT by
Apple's recently announced CarPlay Ultra promises a deeply integrated in-car experience, but not all iPhone users will be able to take advantage of the new feature. According to Apple's press release, CarPlay Ultra requires an iPhone 12 or later running iOS 18.5 or later. This means if you're using an iPhone 11, iPhone XR, or any older model, you'll need to upgrade your device to access...
Read Full Article
CarPlay Ultra Climate Controls

Apple Says These Vehicle Brands Plan to Offer All-New CarPlay Ultra

Thursday May 15, 2025 8:13 am PDT by
Apple today announced the launch of CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. CarPlay Ultra features deep integration with a vehicle's instrument cluster and systems, built-in Radio and Climate apps, customizable widgets, and more. The interface is tailored to each vehicle model and automaker's identity, and drivers can also adjust...
Read Full Article120 comments
iPhone 12 Made in India

Trump Tells Tim Cook to Stop Building iPhones in India

Thursday May 15, 2025 2:21 am PDT by
President Donald Trump has asked Apple CEO Tim Cook to halt the company's manufacturing expansion in India, in a potential disruption of Apple's plan to shift iPhone production away from China. "I had a little problem with Tim Cook yesterday," Trump said during his state visit to Qatar, according to Bloomberg. "He is building all over India." "They [India] have offered us a deal where...
Read Full Article254 comments
apple music

Apple Music Gets New Transfer Tool to Make Switching From Spotify Easier

Wednesday May 14, 2025 5:17 pm PDT by
Apple this week introduced a new feature designed to allow prospective Apple Music users to import their saved music and playlists from third-party music services to Apple Music. The feature is either in an expanded testing phase or it has started rolling out, and it is available in Australia and New Zealand according to an Apple Support document. Signs of the transfer option first surfaced...
Read Full Article73 comments
maxresdefault

Here's the First Real-World Look at Apple's CarPlay Ultra

Thursday May 15, 2025 5:52 am PDT by
The first videos of Apple's CarPlay Ultra experience are now available, providing a never-before-seen look at the long-anticipated iPhone-linked infotainment software. British automaker Aston Martin today shared the first video of Apple's CarPlay Ultra experience in-action, followed by a detailed walk-through of the CarPlay Ultra system on Top Gear's YouTube channel, which provides the...
Read Full Article79 comments
iOS 18

Apple Releases iOS 18.5 With New Wallpaper, Screen Time Changes, Carrier Satellite Support for iPhone 13 and More

Monday May 12, 2025 10:06 am PDT by
Apple today released iOS 18.5 and iPadOS 18.5, the fifth updates to the iOS 18 and iPadOS 18 operating systems that came out last September. iOS 18.5 and iPadOS 18.5 come a little over a month after Apple released iOS 18.4 and iPadOS 18.4. The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. The iOS 18.5 update has a...
Read Full Article55 comments
fortnite apple logo 2

Epic Resubmits Fortnite to U.S. App Store After Not Hearing From Apple for 120+ Hours

Wednesday May 14, 2025 1:01 pm PDT by
On Friday, Epic Games submitted Fortnite to the U.S. App Store, and since then, we've been waiting to see if Apple would approve the game and allow it back on the iPhone and the iPad. There's been no word from Apple so far, but Epic Games opted to pull its first App Store review request, and has now resubmitted Fortnite. Fortnite leaker Shiina shared the news, with the information reposted by...
Read Full Article187 comments

Top Rated Comments

Derekeys Avatar
Derekeys
137 months ago
Whine Time

I want synced deleting!!! If I delete a message off my iPhone I want my iMac, iPad, and macbook to have deleted them as well.

:D


Edit: Or at least make it an option as others may like that it doesn't occur that way.
Score: 22 Votes (Like | Disagree)
StarManta Avatar
StarManta
137 months ago
TouchID could be used to fill the holes suggested here.

Imagine this use case: Jane and John both have iPhones and are chatting using iMessage. Jane wants to send sensitive information (boob pics) to John, but wants to make sure that John hasn't handed his phone to his friend Bobby at the time she sends it. She could flag the message as 'secret', and John has to use TouchID or his AppleID password to verify his identity before seeing that message.

Offtopic: I'd also like a private browser that is 'locked' with TouchID. I could keep all my porn windows open in Private mode, and no one could see them without me unlocking that specifically.
Score: 13 Votes (Like | Disagree)
farewelwilliams Avatar
farewelwilliams
137 months ago
can we go back to ICQ? good ol' days.
Score: 10 Votes (Like | Disagree)
0xyMoron Avatar
0xyMoron
137 months ago
What an ugly charts table.
Score: 9 Votes (Like | Disagree)
cube Avatar
cube
137 months ago
"Is security design properly documented?"

Huh? I don't understand how whether the security is documented or not actually improves the security.

Because if it is documented, independent parties can find flaws in the design. If it passes, the implementation can still be flawed however.
Score: 7 Votes (Like | Disagree)
ChrisCW11 Avatar
ChrisCW11
137 months ago
Lol, open source

The column "Is the code open to independent reviewers", how on earth can the open source community continue to claim that their code is safe and secure because of peer review when HeartBleed and a slew of other major security holes and exploits have been found in open source code and has been their for years or even decades?

Just because a million monkeys review your code doesn't make it secure.
Score: 6 Votes (Like | Disagree)
Read All Comments