Facebook this week said the roughly 900 million account holders who use its mobile Messenger app each month can now make their conversations illegible to eavesdroppers after it finished rolling out a feature that uses end-to-end encryption to protect private messages from prying eyes.
Less than three months after it began making its “Secret Conversation” function available to select users, a spokesperson for the social network told Wired this week that the feature is now available across the board.
The ability to encrypt conversations is present in an updated version of Messenger released for iOS and Android smartphones this week, providing the mobile-minded vast majority of Facebook’s billion-plus users with an easy way of protecting their conversations with an additional layer of security.
“Your messages are already secure, but Secret Conversations are encrypted from one device to another,” Facebook said.
Specifically the end-to-end encryption utilized by Facebook scrambles and descrambles messages using cryptographic keys that exist only on the mobile devices of the intended recipient and sender. That means that an individual who gains unauthorized access to another’s Facebook account can’t see that person’s encrypted conversations unless they also are in physical possession of the particular smartphone or tablet those messages were destined for; on any other device, the messages would be undecipherable.
When properly implemented, the feature makes it so neither Facebook, law enforcement nor anyone else can read the contents of encrypted messages unless the plaintext is volunteered by either sender or recipient.
Additionally, Secret Conversations also includes a self-destruct feature that makes messages disappear from screens after a predetermined time, similar to a function implemented by media-sharing app Snapchat.
Combined with the roughly 1 billion people who use the similarly secure WhatsApp messenger acquired by Facebook in 2014, the social network’s latest rollout now puts easy-to-use encryption quite literally into the hands of much of the modern world — a feat that is sure to foil investigators as well as snooping spouses and other eavesdroppers.
“To be clear, your existing ‘regular’ messages and calls on Messenger already benefit from strong security systems as Messenger uses secure communications channels — just like banking services — all around,” said David Marcus, Facebook’s head of Messenger. “But we’re rolling out this additional capability as an option for the most sensitive conversations you might need to have.”
Facebook’s Messenger and WhatsApp both use encryption software developed by Open Whisper Systems, the nonprofit organization responsible for Signal, a widely downloaded messaging app that uses end-to-end encryption by default and purposely keeps as little information about its users as possible.
Open Whisper Systems was subpoenaed by the FBI earlier this year and asked to provide information about one of its users to criminal investigators, but was only able to provide the date and time that person’s account was created and last accessed.
“We’ve designed Signal so it minimizes the amount of data we retain on users, and we don’t really have anything to respond with in situations like this,” Open Whisper Systems founder Moxie Marlinspike told Reuters regarding the legal request.
The same can’t necessarily be said about Facebook, however. While conversations encrypted end-to-end might not be easily deciphered by investigators, Facebook collects user data unlike Signal that could be requested by law enforcement and made readily available.
Secret Conversations requires both users to enable end-to-end encryption for the feature to work, and comes with a small price to pay for added privacy. Voice calling, video sharing, GIF sending and making payments to fellow Facebook users are all functions that aren’t supported by Secret Conversations, the social network said.