For more security and confidentiality in your exchanges on Facebook Messenger, since 2016 you can activate a “secret conversation” option. We explain how to do it and why it is important.
WhatsApp isn’t the only Facebook-owned app that offers a very high degree of private chat security – despite the controversy over sharing certain data, the app remains encrypted. End-to-end encryption is also offered on Messenger. Only here, this parameter is not activated by default. It may be one day, given the reflections of the social network on a cross-platform “universal messaging” to communicate between WhatsApp, Messenger Instagram.
Until this project is completed, which is not certain, and some uncertainties are resolved, here is a guide detailing how to benefit from end-to-end encryption in Messenger.
Enable secure conversations
Since 2016, the social network’s messaging system has included an option in its settings that allows two correspondents to hold a “secret conversation”, that is to say that cannot be read by a third party, whether Facebook, your supplier Internet access or anyone else. The problem is that its existence is not very well known: it must be said that Facebook does not really promote it.
To take advantage of it, you must first check the availability of this parameter.
- Open Messenger on your smartphone and go to the application settings, touching your portrait at the top left of the screen.
- Then go down to the line Confidentiality, then check that you have the Secret conversations. This screen shows you the keys generated by your various terminals to encrypt conversations and make them unreadable by a third party.
The next step is to choose who you want to chat with in this mode.
- Open a conversation already in progress then tap the person’s name at the top of the screen.
- The option you are looking for is then called Open a secret conversation. A new window appears and this one has a slightly different interface, since the color black is predominant, in order to remind you that you are in a particular mode of communication. It’s done: you are now in a secure encrypted conversation.
From there, just type your message or attach your file, then click on the send button. Once the contact is made, the secret conversation will be displayed in the discussion list. Note that this is separate from the normal chat you were having so far. A small padlock appears next to the conversation icon and indications (such as identification keys) are available.
According to Facebook, “ when secret conversations are enabled, they are end-to-end encrypted on all your devices at the same time “. Clearly, they are secured from the outset on the departure terminal, before being sent over the Internet. It is only when the recipient receives the encrypted message that he can open it on his mobile, provided he has the decryption key.
Be careful, this is not the same as ephemeral conversations accessed by dragging a conversation up. These fleeting conversations are just messages that disappear, but they are not encrypted.
A renowned protocol behind
The option of secret conversations was launched in October 2016. It is based on Signal’s open source protocol to end-to-end encryption of exchanges (this is also the case for WhatsApp, a subsidiary of Facebook). note Wired, ” which enjoys an excellent reputation within the security community “. The only big complaint we can make: that it is not enabled by default.
Its development is overseen by Open Whisper Systems, an organization founded by crypto expert activist Moxie Marlinspike. This same technology is found in Signal secure messaging, instant messaging promoted by Open Whisper Systems.
Sign of his great quality and the seriousness that surrounds his design, the whistleblower Edward Snowden had absolutely clear words: ” use anything [fait] by Open Whisper Systems “.
Even when it’s Facebook? Due to the social network’s liability in terms of respect for privacy and its economic model built on the use of personal data, there will undoubtedly always be some doubt. How to ensure that the implementation of the Signal protocol is correct? The demonstration of a bad deployment is however not made at the present time.
If this uncertainty is too heavy, of course nothing prevents switching to another solution. But it is still necessary that his correspondent is also there. Messenger can boast of bringing together a community of 1.3 billion users worldwide, according to statistics from September 2017. Who can say the same? Facebook knows this well and is taking advantage of it.
Article originally published on June 22, 2018 and updated on August 12, 2021