Telegram doesn’t have two-way encryption by default, as many people think

However, there is one thing that not everyone knows: Telegram, unlike Signal, does not enable two-way encryption by default.

Two-way encryption means that only the sender and recipient of the message can read the message. Even the servers that host it, like in the case of Signal or iMessage on Apple devices, cannot decrypt and read the user’s messages. If those servers are hacked, the hacker will not be able to read what others have written. Two-way encryption (e2e) is, arguably, a key element of secure messaging services.

According to technology reporter Mike Isaac of the New York Times, the Telegram app is not as secure as everyone thinks.

” A few things to say:

SIgnal and Telegram are often paired with each other, but they are quite different.

Signal is a classic ‘messaging’ product, with default two-way encryption.

Telegram is like a messenger and social network and does not have e2e by default ”

Indeed, according to Telegram’s FAQ, users have to switch a Telegram chat to “secret” mode for it to be e2e encrypted. That means Telegram’s private chat groups are not e2e two-way encrypted, so they are more likely to be exposed ”

How is Telegram encryption different from other messaging systems?

Signal by default has e2e encryption enabled. However, in popular messaging apps, it seems only Signal does it. Facebook Messenger does not automatically encrypt e2e. Like Telegram, users must convert a chat to “confidential” in order to enable e2e encryption.

Whatsapp, which is owned by Facebook, has two-way encryption for chats between family and friends, but with work-related chats a problem arises. The app developer plans to change the encryption of work-related chats in a policy update on Feb. 8, but because of criticism they have to move to May 15.

Whatsapp messages between friends and family are two-way encrypted by default. However, business Whatsapp messages to enterprises will not be two-way encrypted starting May 15 if the business has granted access to a third party for archiving purposes (like Facebook). When you initiate such a business conversation, you will see a light blue message at the top with an explanation of the privacy issue you may be having. If the conversation is two-way encrypted, you’ll see a yellow message at the top indicating it.

In short: Signal is always bidirectional. Whatsapp is two-way encryption if you text your friends, family, and businesses at the present time; some business chats will not be encrypted for the next few months. Facebook Messenger and Telegram are not encrypted by default. The user must turn the conversation “secret” in these two apps to encrypt the content. In Telegram’s case, this means that only chats between two people have the ability to be two-way encrypted.

Reference: Mashable