Signal, by Open Whisper Systems, is a secure messaging app used and recommended by NSA whistleblower Edward Snowden. Signal comes to Android,iOS and Desktop also. Signal Desktop brings the trusted private messaging experience of Signal to the desktop, with a simplicity that allows you to seamlessly continue conversations back and forth between your mobile device and your desktop computer.
Signal Mechanism
When chatting with other users of the app, Signal uses a mechanism called end-to-end encryption. This scrambles messages using keys generated by your device and the devices you chat with. It also uses forward secrecy to generate a new key for every message. This way, even if a key is obtained, it will only give a hacker access to a single message rather than your full conversation.
Signal can also be set to automatically lock with a password, while the Android version can prevent screenshots from being taken inside the app. You can choose how much information is previewed when a notification for a new message is shown as well.
Signal uses these mechanisms to protect text, picture, video and audio messages. It also supports group conversations and phone calls. The app uses your phone number as an identifier and will automatically find anyone in your contact list who already uses Signal. If you have any reason to worry about your chat being snooped on, the app even allows you to verify each contact’s identity using a unique key. The keys should appear identical on both devices if your conversation is not being intercepted.
If you have contacts who don’t use the app, the app can send them an invitation to download Signal. Failing that, the Android version can be set as your default text messaging app to chat with them. These conversations won’t receive the benefit of end-to-end encryption, but they will be encrypted for storage on your phone.
The code for the application is open source, meaning that it’s available to the public to make suggestions and audit for security concerns. Prior versions of the app have been subject to security audits by researchers as a result. Their recommendations have since been implemented into the app.