The privacy and security of online communication are hot topics these days, and for good reason. Since we know how to create an encrypted app, we’d like to share our experience and offer tips in this article. We’ll talk about the current state of the industry, encryption methods, and possible risks. For a price estimate, scroll to the end of the article.
At the beginning of 2021, WhatsApp, the most popular messenger app in the world, rolled out its new terms of service. They caused quite an uproar, partially due to confusion. After that, Tesla CEO Elon Musk, who’s a well-known critic of Facebook (WhatsApp is owned by Facebook), suggested that his 42.5 million Twitter followers switch to Signal, a previously not very well-known messenger.
"Use Signal" — Elon Musk (@elonmusk), January 7, 2021
In the wake of this tweet, Signal — whose encryption system WhatsApp itself uses, by the way — saw a surge in users. This surge was so big that servers had difficulty coping. Signal’s developers managed to handle the situation, but it showed that demand for secure messaging systems is on the rise. Now, everybody wants to know how to create an application like Signal. Which brings us to this article.
What does it mean to have a secure instant messenger?
Most instant messaging apps today use end-to-end encryption. What is it? Take a typical chat application architecture as an example.
Put simply, a typical messenger has three main interconnected parts:
- The sender’s device
- The server
- The recipient’s device
A message is sent by a sender to a recipient via a server. Without encryption, this message will be transmitted as plain text and can therefore be read by anyone with access to it at any point along the way. With encryption, the message is transformed from plain text into ciphertext — encrypted with a key — for transfer and then transformed back (decrypted) on the recipient’s device, with a paired key.
End-to-end encryption means the encryption keys are stored at the ends, i.e. on users’ devices, instead of on the server. This makes it so that no one except the sender and receiver can read the messages. Not even the service provider who owns the server has access to them. To hack these messages, a hacker needs to access users’ devices, as hacking the service provider’s server is of little use.
The weak point of end-to-end encryption is its susceptibility to a so-called man-in-the-middle (MITM) attack. A skilled attacker who compromises the public key stored on a server can make the system recognize the attacker as the rightful recipient, which lets the attacker eavesdrop on a conversation and even participate in it in place of the intended recipient.
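One check a client can run against the public-key tampering described above, as an added example that is not part of the original article: both devices derive a short code from the two identity keys they see, and the users compare it outside the app. The function names and the code format are hypothetical (this is not Signal's actual safety-number format), and the keys are constructed stand-ins.

```python
import hashlib
import hmac

def safety_code(own_key: bytes, peer_key: bytes) -> str:
    """Order-independent code over both identity public keys."""
    first, second = sorted([own_key, peer_key])
    h = hashlib.sha256(b"demo-safety-code-v1")
    for key in (first, second):
        h.update(len(key).to_bytes(2, "big") + key)  # length-prefix each key
    digest = h.hexdigest()
    # 30 hex characters in groups of five, easy to read aloud or compare on screen
    return " ".join(digest[i:i + 5] for i in range(0, 30, 5))

def codes_match(code_a: str, code_b: str) -> bool:
    return hmac.compare_digest(code_a.encode(), code_b.encode())

def session_is_clean(alice_key, bob_key, served_to_alice, served_to_bob) -> bool:
    """Each device hashes its own key with the key the server served for the peer."""
    alice_code = safety_code(alice_key, served_to_alice)
    bob_code = safety_code(bob_key, served_to_bob)
    return codes_match(alice_code, bob_code)

# Constructed 32-byte stand-ins for identity public keys (not real key material).
ALICE = hashlib.sha256(b"alice identity key").digest()
BOB = hashlib.sha256(b"bob identity key").digest()
SUBSTITUTED = hashlib.sha256(b"key swapped in by the server").digest()

if __name__ == "__main__":
    # Honest key directory: both sides compute the same code.
    print("honest directory:", session_is_clean(ALICE, BOB, BOB, ALICE))
    # Server hands out a substituted key: the two codes no longer agree.
    print("substituted keys:", session_is_clean(ALICE, BOB, SUBSTITUTED, SUBSTITUTED))
```

The comparison only helps if it happens over a channel the server does not control, such as in person or by voice.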
To battle MITM attacks, Signal developers have further upgraded their protocol’s end-to-end encryption with a Double Ratchet Algorithm. This algorithm creates session keys in addition to the public and private keys created when users install the app. Session keys are created for each message sent, and they self-destruct when the session is complete (i.e. when the message is received), making it impossible for a hacker to decrypt all messages if they manage to obtain the key for one session.
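The per-message keys described above, as an added example that is not part of the original article and not Signal's code: a symmetric-key ratchet in which each message key comes from a one-way step of a chain key, so one leaked key opens one message only. It covers only the symmetric half of the Double Ratchet (the Diffie-Hellman ratchet is omitted); the 0x01/0x02 HMAC inputs follow the recommendation in the Double Ratchet specification, while the class and function names, the toy cipher and the sample messages are assumptions made for illustration.

```python
import hashlib
import hmac

def prf(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

class ChainRatchet:
    """Symmetric-key ratchet: every message gets a fresh key, the old chain key is dropped."""
    def __init__(self, shared_secret):
        self._chain_key = shared_secret

    def next_message_key(self):
        message_key = prf(self._chain_key, b"\x01")
        self._chain_key = prf(self._chain_key, b"\x02")  # one-way step forward
        return message_key

def _keystream(key, length):
    blocks = (prf(key, b"stream" + i.to_bytes(4, "big")) for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def seal(message_key, plaintext):
    # Toy encrypt-then-MAC built from HMAC so the example needs no third-party
    # library; a real client would use a vetted AEAD cipher here.
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(message_key, len(plaintext))))
    return body + prf(message_key, b"tag" + body)

def open_sealed(message_key, sealed):
    body, tag = sealed[:-32], sealed[-32:]
    if not hmac.compare_digest(tag, prf(message_key, b"tag" + body)):
        return None  # wrong key or tampered message
    return bytes(c ^ k for c, k in zip(body, _keystream(message_key, len(body))))

MESSAGES = [b"first", b"second", b"third"]  # constructed sample messages

def leak_one_key(leaked_index=1):
    """Seal each message under its own key, then try one leaked key on all of them."""
    secret = hashlib.sha256(b"constructed shared secret").digest()
    sender, receiver = ChainRatchet(secret), ChainRatchet(secret)
    sealed = [seal(sender.next_message_key(), m) for m in MESSAGES]
    receiver_keys = [receiver.next_message_key() for _ in MESSAGES]
    leaked = receiver_keys[leaked_index]
    return [open_sealed(leaked, s) for s in sealed]

if __name__ == "__main__":
    print(leak_one_key())
```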
WhatsApp uses end-to-end encryption for all its messages. In fact, it uses Signal’s own encryption protocol. So what’s the issue with it now?
Different approaches to end-to-end encryption
It’s true that WhatsApp can’t snoop on the contents of your messages and can’t listen in on your in-app calls. However, the version of Signal’s encryption protocol that WhatsApp uses only encrypts the contents of messages. This means that WhatsApp — and, by extension, Facebook and anyone they decide to share the information with — can see who you’re talking to, when, and from where. This metadata can reveal very personal information about all participants in a conversation.
At the same time, the Signal app uses an updated protocol that encrypts metadata as well, and no one — not even the app’s owners — can decrypt it without direct access to users’ devices.
The only other messenger app that does this is Telegram. However, in Telegram, end-to-end encryption is only applied in secret mode and not to all chats by default. General messages aren’t well-encrypted on Telegram. At least Telegram refuses to share such information with anyone, be they governments or advertisers.
Today, messaging app security is a huge topic — a messenger’s inability or unwillingness to share users’ information with governments is often met with limitations and bans. Telegram, for example, has been banned in Russia, its creator’s homeland; the United Arab Emirates has banned all non-state-owned VoIP services. As a response, people everywhere demand safer means of communication, and the market for secure mobile messaging apps is growing.
So how to make a secure messenger?
Most people use at least one messenger, probably several, and the basic set of features for a messenger app will hardly surprise you. So we’ll be brief in this section. Here’s a list of features for a secure chat solution:
- Briefly introduce your app; the shorter the better, but make it comprehensible.
- Sign up / log in: A messenger account is usually tied to a phone number.
- A profile stores a user’s personal information and links to important features like contacts, settings, and FAQs.
- Allow users to adjust the messenger for their convenience.
- In a messenger app, it’s essential to have a reliable system for instant notifications.
- A modern messaging app is required to support both one-on-one chats and group chats.
- Users need to be able to exchange text messages as well as share images and documents.
- A VoIP feature is as important today as texting. Quality sound requires a stable connection even with slow internet speeds.
- Even with the Signal protocol, if someone gets a hold of a user’s phone they can see all previous messages unless users deleted them. You might add an option for users to set a timer to destroy messages and/or media files.
- Most people have more than one device with communication apps installed. For users to be able to smoothly switch between devices as they see fit, you’ll need to provide a sync feature.
- To better protect users’ data in case a device is stolen, offer two-step authentication via fingerprint, password, PIN code, or verification code or link.
If you want to build a peer-to-peer messaging app that stands out from the crowd, consider these features:
- Stickers and GIFs. Every other messenger today integrates the popular GIF service Giphy into its interface to complement emoticons. Stickers became popular when Telegram started offering them for free (as opposed to Viber, for example, where only some stickers are free).
- Secret/private chats. Whether or not you encrypt your users’ metadata, in today’s stormy reality, it might become your app’s selling point to have disappearing or lockable chats. For example, Telegram offers secret chats that automatically disappear if you log out of Telegram on your device. These chats aren’t stored on Telegram’s cloud servers and therefore can’t be backed up or synced even if you’re logged in on more than one device.
- Video chat. In 2020, with an overwhelming number of people forced to work remotely due to the pandemic, video conferencing tools have seen a huge surge in popularity. And many have lamented the lack of video calls — one-on-one and group calls — in existing popular messengers. It’s by no means a must-have feature, but it will most certainly be popular among users.
How to secure a messaging app
The back end is where the magic happens in messengers. Backend specialists are responsible for your chat app’s security and reliability, as they’re the ones who know how to encrypt messages.
There are several ways to implement end-to-end encryption and make a communication app secure. Usually, encrypted messages are stored on a messenger’s servers — cloud servers are more secure and thus recommended for this purpose — and decryption keys are only available from users’ devices to avoid a data breach in case the servers are hacked.
It’s also possible to forgo storing messages on your servers completely and store them on users’ devices. But that means your users won’t be able to restore their message history in case the devices on which they’re logged in are lost or they delete the app. Syncing messages between devices will also be impossible.
To make a secure messaging app like Signal, you can actually use the encrypted messaging API from Signal itself. Signal’s open-source encryption protocol is the most popular among developers building messengers, as it’s constantly peer-reviewed and audited. As of the time of writing, the following messengers use Signal’s protocol to encrypt the contents of their messages:
- Facebook Messenger (secret chats only)
- Skype (Private Conversations only)
- Google Messages for Android (SMS)
Telegram uses its own 256-bit symmetric AES encryption-based algorithm called MTProto for secret chats. This algorithm is closed-source, though, for which Telegram has been widely criticized.
Cost to make a secure messaging app
The cost to make any app depends heavily on the time required for development. As far as the number of features goes, messengers don’t seem too complex; however, the back end alone for a well-encrypted messaging app can take about 520 hours to build.
The usual programming language options for a messenger back end are Elixir or Erlang — Ruby on Rails isn’t a good choice for large amounts of data in the form of text messages, media, and audio/video calls. WhatsApp uses Erlang, while Elixir is employed by Discord.
At Mind Studios, we developed a messenger app with an Elixir-based back end. However, Elixir itself is based on Erlang with some Ruby mixed in, so an experienced Elixir developer can write code in Erlang as well.
Here’s our take on the time necessary for developing a secure messaging application:
- Business analysis and creating a specification — 96+ hours
- UI/UX design — 168+ hours
- iOS client-side mobile app — 450+ hours for an MVP with the most essential features
- Backend development — 520+ hours
- iOS app testing — ~240 hours
Android development takes slightly less time than iOS development, but testing takes longer due to the wider variety of devices.
With this rough time estimate, the cost to build a really safe chat application will start at $51,590 and will go up with extra features.
Secure messengers are exceptionally important, and the demand for them is high today and will be higher tomorrow. But so is the competition. Not every company can make encrypted messaging apps. To develop a secure instant messaging app like Signal, you’ll need developers experienced in this niche.
You’ll also need to keep up with industry leaders when it comes to design. The Signal app is simple and isn’t famous for its intuitiveness, but it wins over users who care about their privacy more than about bells and whistles. WhatsApp and Telegram, on the other hand, look fancy and are exceptionally intuitive in addition to being secure (while their security might not be on the same level as Signal, it’s still impressive). So to shine brightly in this niche, your custom app will need to be both secure and user-friendly. Balancing these requirements is no trifling matter. But with the right team, it’s possible.