Is Telegram safe?

Telegram is encrypted, private, secure, and independent, making it a better alternative to WhatsApp, which is owned by data-harvesting Facebook.

• In 2018, British consulting firm Cambridge Analytica collected millions of Facebook users’ data for political advertising, without their consent.
• In 2021, WhatsApp was fined $255M by an EU privacy watchdog for not explaining how it handled users’ and nonusers’ data and for sharing user data with other Facebook-owned companies.

While all Telegram messages are encrypted, they’re only encrypted while in transit from your device to Telegram’s servers. Once your data arrives on Telegram servers, it’s decrypted and could be seen by Telegram. This is why end-to-end encryption is so important.

But is Telegram end-to-end encrypted?

Telegram’s usual private and group chats aren’t end-to-end encrypted, only secret chats are. This means that your conversations and personal information can be stored on Telegram’s servers and accessed by staff and third parties.

If you want complete privacy, use Telegram’s secret chat option. All of your data, including text, media, and files, are encrypted with an extra layer of client-client encryption. And no media or files that you send or receive via Telegram can be deciphered and intercepted by your internet service provider, owners of Wi-Fi routers you connect to, or other third parties.

Telegram’s secret chats:

• Use end-to-end encryption.
• Leave no trace on Telegram’s servers.
• Support self-destructing messages.
• Don’t allow forwarding of messages.

Good to know: Secret chats are not part of the Telegram cloud and can only be accessed on the device which the chat took place on.

Telegram’s privacy policy includes information on the personal data it collects from you, how the company stores it, what it’s used for, and who it’s shared with.

In fact, Telegram records and stores your IP address, device information, and username changes for up to 12 months.

As a public messaging app, Telegram is also required to investigate concerning matters and provide your phone number and IP address to the authorities if legally asked to do so.

When an app says that it’s “open source,” it means that the code that makes up the app can be inspected by the public and security experts for weaknesses. This factor obviously helps make the app more secure and honest.

But there’s a small issue. Telegram uses a unique encryption protocol known as MTProto.

MTProto was developed by Telegram, and it’s the only company that uses the protocol. This means that it hasn’t been tested as much as other more common protocols. So if there IS a vulnerability in MTProto, we wouldn’t really know about it.

Related articles

Engineering Dumpster diving application memory

May 14, 2023

·

4 min read

Engineering How to make your GraphQL implementation more secure

Jun 28, 2022

·

10 min read

If you’re looking for an alternative to Telegram but still want to stay private and secure, you have plenty of options.

Here are 3 secure messaging apps to choose from:

1. Wickr

• Wickr is free and end-to-end encrypted.
• You can send private self-destructing messages to other Wickr contacts (text, photo, video, voice).
• Wickr deletes geotags (your location/s) and message time-stamps.
• Users can verify themselves with short bursts of encrypted video.
• Wickr has screenshot detection and blocks third-party keyboards on iOS.

2. WhatsApp

Despite being owned by Facebook, WhatsApp’s default end-to-end encryption can arguably protect users from Facebook spies.

• All WhatsApp chats are end-to-end encrypted by default. So cybercriminals can’t decrypt your conversations even if they tried.
• Users can enjoy standard features like calling, video calling, voice messaging, and file sharing.

3. Signal

• Signal is end-to-end encrypted by default and uses a commonly respected encryption protocol.
• It lets you send anonymous messages so even the Signal server doesn’t know who the sender is.
• You can blur faces in the photos that you send.
• Signal has no trackers or advertisers – so illicit data sharing is less likely.

Signal vs Telegram

Signal is probably your best bet in terms of security and easily defeats the Signal vs. Telegram debate. Here’s why:

1. Extra verification: Signal lets you verify that your conversation is genuinely private. Each Signal conversation has a unique device safety number to verify the security of your messages and calls with certain contacts.
2. Password lock messages: Signal lets you set a password for the app, so even if someone gets into your phone, your Signal messages stay locked.
3. It is possible to go phone number free: Signal is working on using a PIN to allow users to verify themselves instead of a phone number (giving you more anonymity.)

Signal vs WhatsApp vs Telegram

WhatsApp is end-to-end encrypted by default unlike Telegram, where you may accidentally expose your chats if you forget to use the “secret chat” function. However, WhatsApp IS owned by Facebook, one of the world’s biggest data collectors – a reason to be cautious.

Signal offers the best of both: it is end-to-end encrypted by default, lets you hide your chats even from Signal itself, and is independently owned.

For improved anonymity, use a burner sim when signing up to use messaging apps so you don’t get tracked through your normal phone number. Your messaging app should always be end-to-end encrypted for both one-on-one chats AND group chats. If it is, we’re more likely to give it our seal of approval.

Want to read more like this?

Get the latest news and tips from NordVPN.

Subscribe

Subscribe

You’ve successfully subscribed to our newsletter!

Email is invalid

Subscribe

We won’t spam and you will always be able to unsubscribe.