What encryption does Facebook Messenger use?

Facebook Messenger is one of the most popular messaging apps in the world, with over 1 billion monthly active users. With so many people relying on Messenger for communication, encryption is an important consideration to protect user privacy.

Does Facebook Messenger use end-to-end encryption?

Facebook Messenger does offer end-to-end encryption, but it is not enabled by default for all chats. Users have to specifically enable Secret Conversations in Messenger to get end-to-end encryption.

With regular Messenger chats, messages are encrypted in transit between the user and Facebook’s servers. However, Facebook has the cryptographic keys to decrypt the messages and read their content. So regular Messenger chats do not have end-to-end encryption.

In contrast, Secret Conversations are end-to-end encrypted so that only the participants in the chat can read the messages. Facebook does not have access to the cryptographic keys to decrypt the content of Secret Conversations.

How Secret Conversations provide end-to-end encryption

When users enable a Secret Conversation in Messenger, the app generates a unique symmetric encryption key for that chat thread. This key is used to encrypt all messages, photos, videos and files shared in the Secret Conversation.

To set up the symmetric key between participants, Messenger uses the Signal Protocol – a standard end-to-end encryption protocol originally developed by Open Whisper Systems for the Signal app. The Signal Protocol uses a combination of asymmetric cryptography and symmetric cryptography.

Here’s a breakdown of how the Signal Protocol works in Secret Conversations:

  • Each user generates a public/private key pair. Their public key is shared with the other participant.
  • The app combines both users’ public keys to derive a common shared secret.
  • The shared secret is used as input to generate the symmetric encryption key for the chat thread.
  • Messages are encrypted with this symmetric key before being sent.
  • Each user’s app decrypts received messages with the symmetric key.

This process ensures that only the intended recipients can decrypt and read messages – not even Facebook can access the decryption keys.
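
The five steps above as a runnable sketch, added here as an illustration; it is not Messenger's or Signal's code. It assumes X25519, HKDF-SHA256 and AES-256-GCM as the primitives, one static thread key (the real Signal Protocol layers X3DH and the Double Ratchet on top), and a hypothetical `safetyCode` digest; each side combines its own private key with the other's public key.

```javascript
const crypto = require("node:crypto");

// Step 1: each participant generates an X25519 key pair (primitive is an assumption).
const newParticipant = () => crypto.generateKeyPairSync("x25519");

// Steps 2-3: own private key + peer's public key -> shared secret -> thread key.
function deriveThreadKey(ownPrivate, peerPublic) {
  const shared = crypto.diffieHellman({ privateKey: ownPrivate, publicKey: peerPublic });
  const salt = Buffer.alloc(32); // constructed all-zero salt for the sketch
  // HKDF-SHA256 turns the raw DH output into a 32-byte AES key.
  return Buffer.from(crypto.hkdfSync("sha256", shared, salt, "demo-thread-key", 32));
}

// Step 4: AES-256-GCM gives confidentiality plus tamper detection.
function encryptMessage(key, plaintext) {
  const iv = crypto.randomBytes(12); // never reuse an IV under the same key
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

// Step 5: throws if the key is wrong or the ciphertext was modified.
function decryptMessage(key, { iv, body, tag }) {
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString("utf8");
}

// Hypothetical safety code: short digest over both public keys, order-independent.
function safetyCode(pubA, pubB) {
  const der = [pubA, pubB].map((k) => k.export({ type: "spki", format: "der" }));
  der.sort(Buffer.compare);
  return crypto.createHash("sha256").update(Buffer.concat(der)).digest("hex").slice(0, 16);
}

// Returns true when decryption fails, i.e. the holder of `key` cannot read `msg`.
function cannotRead(key, msg) {
  try { decryptMessage(key, msg); return false; } catch { return true; }
}

function demo() {
  const alice = newParticipant(), bob = newParticipant(), other = newParticipant();
  const aliceKey = deriveThreadKey(alice.privateKey, bob.publicKey);
  const bobKey = deriveThreadKey(bob.privateKey, alice.publicKey);
  const msg = encryptMessage(aliceKey, "constructed sample message");
  // A third party sees public keys and ciphertext but holds neither private key.
  const otherKey = deriveThreadKey(other.privateKey, bob.publicKey);
  return { aliceKey, bobKey, msg, otherKey, alice, bob, other };
}
```

Comparing `safetyCode` output out of band is what detects a substituted public key: the code changes whenever either key in the pair changes.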

Additional security features

Beyond end-to-end encryption, Secret Conversations provide additional security features:

  • Messages are deleted after a set time period, ranging from 5 seconds to 1 day.
  • Screenshot notifications – the app notifies if the other person takes a screenshot of the conversation.
  • Full message encryption – including photos, videos, files, audio messages.
  • Authentication safety codes – users can verify each other’s identities by comparing safety codes.

Limitations of Secret Conversations

While Secret Conversations offer robust encryption, there are some limitations users should be aware of:

  • Not available on group chats – only 1:1 conversations can be encrypted.
  • No cloud storage of encrypted messages – conversations are stored locally and deleted after the expiration time.
  • Extra setup required – both users need to actively enable the secret conversation feature.
  • Not available across all platforms – Secret Conversations work on iOS and Android but not Facebook Portal devices.

Encryption for calls

In addition to Secret Conversations, Messenger also provides end-to-end encryption for voice and video calls when enabled.

For one-on-one calls between two users, the call contents are encrypted with keys that only their devices have access to. Group calls of up to 8 participants are also encrypted end-to-end if all participants are using the latest version of Messenger.

However, Messenger calls still rely on Facebook’s servers to initially set up the call. So while the call contents are encrypted, metadata like who is calling whom and when calls happen does go through Facebook’s infrastructure.

Encryption standards and protocols

Here is a summary of the different encryption standards and protocols used by Facebook Messenger:

Feature | Encryption Protocol
Secret Conversations | Signal Protocol
Voice/Video calls | SRTP media encryption + Signal Protocol for key exchange
Regular chats | TLS encryption in transit

SRTP stands for Secure Real-time Transport Protocol and provides encryption for the media stream in calls and video chats. TLS (Transport Layer Security) encrypts data while in transit between the client and Facebook’s servers.

How does WhatsApp’s encryption compare?

WhatsApp uses the same Signal Protocol as Messenger for end-to-end encryption. However, the key difference is that WhatsApp applies this encryption by default for all chats.

So while Messenger requires enabling Secret Conversations to get end-to-end encryption, all WhatsApp chats have end-to-end encryption automatically enabled. WhatsApp calls are also encrypted end-to-end by default.

Therefore, WhatsApp provides stronger privacy and encryption versus standard Messenger chats. But Messenger gives users the option to turn on end-to-end encrypted Secret Conversations if they desire enhanced security.

Conclusion

Facebook Messenger offers end-to-end encryption as an optional feature users can enable through Secret Conversations. While not used by default, Secret Conversations provide robust encryption using the reputable Signal Protocol.

Voice and video calls can also be encrypted end-to-end on Messenger for 1:1 calls. However, regular Messenger chats rely on standard TLS encryption which protects messages in transit but allows Facebook to access their content.

For the strongest messaging encryption, WhatsApp is preferable to Messenger since it applies end-to-end encryption for all conversations automatically. But Messenger still provides solid encryption options for users who enable its enhanced security features.