iMessage and FaceTime Ranked as Most Secure Mass-Market Messaging Options

The Electronic Frontier Foundation or EFF, a non-profit digital rights group, has investigated the security of various messaging apps and created a new Secure Messaging Scorecard, ranking messaging apps and tools like iMessage, FaceTime, BlackBerry Messenger, Skype, Snapchat, and more, based on seven different factors:

- Is a message encrypted in transit?
- Is it encrypted so the provider is unable to read it?
- Can you verify contacts' identities?
- Are past communications secure if keys are stolen?
- Is the code open to independent review?
- Is security design properly documented?
- Has the code been audited?

Unsurprisingly, the apps that score highest on the EFF's chart are those dedicated to secure messaging, such as iPhone apps ChatSecure, Signal, and CryptoCat, both of which scored checkmarks in all categories.

Apple's iMessage scored five out of seven checkmarks, earning points for encrypting messages in transit and encryption that's unreadable by Apple, but the messaging app was faulted for an inability to verify contact identities and the fact that Apple's code is not open to independent review.

effchart
FaceTime was scored in the same way as iMessage, also offering encryption but no contact verification/independent review capabilities. Outside of dedicated secure chat messaging apps, both FaceTime and iMessage scored higher than competing messaging platforms like Skype, WhatsApp, Viber, Snapchat, Kik, Google Hangouts, and BlackBerry Messenger.

Few of the competing messaging services offer encryption that prevents the companies offering the services from accessing messages, though all encrypted messages in transit. Most iMessage/FaceTime competitors also fail to secure past communications if keys are stolen, and few had properly documented security design. QQ, a highly popular Chinese messaging app, failed at providing any of the qualities the EFF was looking for in a secure messaging app, not even bothering to encrypt messages.

According to the EFF, Apple's iMessage and FaceTime products were the "best of the mass-market options," which is not much of a surprise given Apple's unparalleled focus on user privacy. Apple has a comprehensive privacy site that details all of its privacy policies and the security of various apps and services, including iMessage and FaceTime.

On the site, Apple specifically says iMessage and FaceTime calls "are your business, not ours." The company offers end-to-end encryption and Apple has no way to decrypt it. "Unlike other companies' messaging services, Apple doesn't scan your communications and we wouldn't be able to comply with a wiretap order even if we wanted to," reads the site.

Popular Stories

Apple WWDC24 Apple Intelligence hero 240610

Apple Explains iPhone 15 Pro Requirement for Apple Intelligence

Wednesday June 19, 2024 4:48 am PDT by
With iOS 18, iPadOS 18, and macOS Sequoia, Apple is introducing a new personalized AI experience called Apple Intelligence that uses on-device, generative large-language models to enhance the user experience across iPhone, iPad, and Mac. These new AI features require Apple's latest iPhone 15 Pro and iPhone 15 Pro Max models to work, while only Macs and iPads with M1 or later chips will...
Apple Intelligence General Feature

Apple Intelligence Features Not Coming to European Union at Launch Due to DMA

Friday June 21, 2024 9:44 am PDT by
Apple today said that European customers will not get access to the Apple Intelligence, iPhone Mirroring, and SharePlay Screen Sharing features that are coming to the iPhone, iPad, and Mac this September due to regulatory issues related to the Digital Markets Act. In a statement to Financial Times, Apple said that there will be a delay as it works to figure out how to make the new...
iPhone 16 Pro Max Generic Feature 2

5 Biggest Changes Rumored for iPhone 16 Pro Max

Wednesday June 19, 2024 5:00 am PDT by
Given Apple's rumored plan to add an all-new high-end tier to its iPhone 17 series in 2025, this could be the year for Apple to bring its boldest "Pro Max" model to the table — the kind of iPhone 16 upgrade that stands tall above its siblings, both figuratively and literally. If you have been holding out for the iPhone 16 Pro Max, here are five of the biggest changes rumored to be coming...
Apple Vision Pro 2 Feature 2

Apple Reportedly Suspends Work on Vision Pro 2

Tuesday June 18, 2024 8:17 am PDT by
Apple has suspended work on the second-generation Vision Pro headset to singularly focus on a cheaper model, The Information reports. Apple was widely believed to have plans to divide its Vision product line into two models, with one "Pro" model and one lower-cost standard model. The company is said to have been deprioritizing the next Vision Pro headset over the past year, gradually...
back to school 2024

Apple's 2024 Back to School Sale Launches, Up to $150 Gift Card With Mac or iPad

Thursday June 20, 2024 4:29 am PDT by
Apple has launched its annual Back to School promotion for college students in the United States. This year's promotion offers a free Apple gift card with the purchase of an eligible Mac or iPad. Apple is also offering students 20% off AppleCare+ plans. Apple is offering a $150 gift card with any new MacBook Air, MacBook Pro, or iMac, and a $100 gift card with the purchase of any new M4 iPad ...
iOS 17

Apple Releases First Public Beta of iOS 17.6

Thursday June 20, 2024 10:18 am PDT by
Apple today seeded the first betas of upcoming iOS 17.6 and iPadOS 17.6 updates to public beta testers, with the betas coming a few days after the initial iOS and iPadOS 17.6 developer betas. Public beta testers can get the beta by opening up the Settings app, going to the Software Update section, tapping on the "Beta Updates" option, and toggling on the iOS 17 or iPadOS 17 Public Beta....

Top Rated Comments

Derekeys Avatar
126 months ago
Whine Time

I want synced deleting!!! If I delete a message off my iPhone I want my iMac, iPad, and macbook to have deleted them as well.

:D


Edit: Or at least make it an option as others may like that it doesn't occur that way.
Score: 22 Votes (Like | Disagree)
StarManta Avatar
126 months ago
TouchID could be used to fill the holes suggested here.

Imagine this use case: Jane and John both have iPhones and are chatting using iMessage. Jane wants to send sensitive information (boob pics) to John, but wants to make sure that John hasn't handed his phone to his friend Bobby at the time she sends it. She could flag the message as 'secret', and John has to use TouchID or his AppleID password to verify his identity before seeing that message.

Offtopic: I'd also like a private browser that is 'locked' with TouchID. I could keep all my porn windows open in Private mode, and no one could see them without me unlocking that specifically.
Score: 13 Votes (Like | Disagree)
farewelwilliams Avatar
126 months ago
can we go back to ICQ? good ol' days.
Score: 10 Votes (Like | Disagree)
0xyMoron Avatar
126 months ago
What an ugly charts table.
Score: 9 Votes (Like | Disagree)
cube Avatar
126 months ago
"Is security design properly documented?"

Huh? I don't understand how whether the security is documented or not actually improves the security.

Because if it is documented, independent parties can find flaws in the design. If it passes, the implementation can still be flawed however.
Score: 7 Votes (Like | Disagree)
ChrisCW11 Avatar
126 months ago
Lol, open source

The column "Is the code open to independent reviewers", how on earth can the open source community continue to claim that their code is safe and secure because of peer review when HeartBleed and a slew of other major security holes and exploits have been found in open source code and has been their for years or even decades?

Just because a million monkeys review your code doesn't make it secure.
Score: 6 Votes (Like | Disagree)