We only recommend instant messenger programs or apps that support end-to-end encryption (E2EE). When E2EE is used, all transmissions (messages, voice, video, etc.) are encrypted before they are sent from your device. E2EE protects both the authenticity and confidentiality of the transmission as they pass through any part of the network (servers, etc.).
All the client programs/apps we chose are free and open-source software unless otherwise mentioned. This to ensure that the code can be independently verified by experts now and in the future.
We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.
Centralized messengers are those where every participant is on the same server or network of servers controlled by the same organization.
{% include cardv2.html title="Signal" image="/assets/img/svg/3rd-party/signal.svg" description='Signal is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling. All communications are E2EE unless you choose to send as SMS. Its protocol has also been indepedently audited (PDF)' labels="warning:Requires phone number:Signal requires your phone number as an personal identifier which means anyone you communicate with will see it.|success:VoIP" website="https://signal.org/" forum="https://forum.privacytools.io/t/discussion-signal/664" github="https://github.com/signalapp" windows="https://signal.org/download/" mac="https://signal.org/download/" linux="https://signal.org/download/" googleplay="https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms" android="https://signal.org/android/apk/#apk-danger" ios="https://apps.apple.com/app/signal-private-messenger/id874139669" %} {% include cardv2.html title="Keybase" image="/assets/img/svg/3rd-party/keybase.svg" description='Keybase provides a hosted team chat with E2EE. Its protocol has also been indepedently audited (PDF). Keybase can help you prove you own social media accounts though the use of cryptographic signing of "identity proofs".' labels="warning:Warning:This software relies on a closed-source central server." website="https://keybase.io/" forum="https://forum.privacytools.io/t/discussion-keybase/1224" tor="http://keybase5wmilwokqirssclfnsqrjdsi7jdir5wy7y7iu3tanwmtp6oid.onion/" github="https://github.com/Keybase" windows="https://keybase.io/docs/the_app/install_windows" mac="https://keybase.io/docs/the_app/install_macos" linux="https://keybase.io/docs/the_app/install_linux" freebsd="https://www.freshports.org/security/keybase/" googleplay="https://play.google.com/store/apps/details?id=io.keybase.ossifrage" ios="https://apps.apple.com/app/keybase-crypto-for-everyone/id1044461770" firefox="https://addons.mozilla.org/firefox/addon/keybase-for-firefox/" chrome="https://chrome.google.com/webstore/detail/keybase-for-reddit/ognfafcpbkogffpmmdglhbjboeojlefj" %}Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.
{% include cardv2.html title="Riot" image="/assets/img/svg/3rd-party/riotim.svg" description='Riot.im is the reference client for the Matrix network. The Matrix open standard is an open-source standard for secure, decentralized, real-time communication.Peer-to-Peer instant messengers connect directly to each other without requiring third-party servers. Clients (peers) usually find each other through the use of a distributed computing network. Examples of this include DHT (distributed hash table) (used with technologies like torrents and IPFS, for example). Another approach is proximity based networks, where a connection is established over WiFi or Bluetooth (for example, Briar or the Scuttlebutt social networking protocol). Once a peer has found a route to its contact via any of these methods, a direct connection between them is made.
{% include cardv2.html title="Briar" image="/assets/img/svg/3rd-party/briar.svg" description="Encrypted instant messenger that connects to contacts via Wi-Fi, Bluetooth, or Tor over the internet to synchronize messages. Technology such as this has proven to be useful when Internet availability is an issue, such as in times of crisis." website="https://briarproject.org" forum="https://forum.privacytools.io/t/discussion-briar/2114" gitlab="https://code.briarproject.org/briar/briar" fdroid="https://f-droid.org/packages/org.briarproject.briar.android/" googleplay="https://play.google.com/store/apps/details?id=org.briarproject.briar.android" %} {% include cardv2.html title="Jami" image="/assets/img/svg/3rd-party/jami.svg" description="Encrypted instant messaging and video calling software. All communications are E2EE using TLS 1.3 and never stored elsewhere than on user's devices, even when TURN servers are used." labels="warning:Warning:This software is partially centralized but can be self-hosted.|success:VoIP" website="https://jami.net/" forum="https://forum.privacytools.io/t/discussion-jami/2116" gitlab="https://git.jami.net/savoirfairelinux" windows="https://jami.net/download-jami-windows" mac="https://jami.net/download-jami-macos" linux="https://jami.net/download-jami-linux" fdroid="https://f-droid.org/packages/cx.ring/" googleplay="https://play.google.com/store/apps/details?id=cx.ring" ios="https://itunes.apple.com/app/ring-a-gnu-package/id1306951055?mt=8" %}