Truth: Are WhatsApp, Duo, Facebook & Other Video Call Safe?

Recently, a 26-year old girl who was about to get married filed a complaint with authorities alleging her personal video chats with her boyfriend on WhatsApp were hacked and uploaded on social media!

We spend countless minutes on video calls every day.
But how safe is the video calling app we use?
Can it be hacked or be recorded by third parties?

The Truth About Video Calling Apps!

Contents

1. WhatsApp Messenger

Being owned by Facebook would seem to be like a bad start for any app with a focus on security and privacy.
But, WhatsApp is a secure messaging app. Every message and voice/video call on WhatsApp is end-to-end encrypted.
End-to-end encryption ensures that only you and the person you’re communicating with can see what is sent, and nobody in between, not even WhatsApp.
WhatsApp uses the Open Whisper Systems Signal Protocol to encrypt messages and calls, which is the best in the world today.
Sadly, Facebook has started using WhatsApp data to improve its products and show you personalized ads.

Verdict: Safe

2. Facebook Messenger

In the wake of Facebook’s Cambridge Analytica scandal, concerns about Facebook’s data collection overreach have only intensified.
But, Facebook added the ‘Secret Conversations’ feature to secure messages/voice & video calls on its Messenger app.
The end-to-end encryption is the same as the one used by WhatsApp provided by Open Whisper Systems Signal Protocol.
However, the encryption is not enabled by default. You will have to manually activate it for every single conversation by choosing ‘Secret Conversation’ in the chat window when messaging a contact.
One can also send self-destructing messages that disappear after a certain time has elapsed.
The video chat experience works relatively well. You can use live effects to have some fun with your family and friends.

Verdict: Relatively Safe

3. Google Duo

Google has been criticized for disclosing information to governments and agencies.
But, the safety measures taken by Google to protect its users from cyber-criminals and hackers are definitely laudable.
Google specifically built this app to make video calls, and trust me, the app is damn good at it!
All video calls are end-to-end encrypted by default. No one, including Google, can trace your calls or know what you converse!
Privacy has been at the forefront of the Google Duo video chatting app.
It is also optimized to work with bad networks. It gracefully reduces the video resolution to keep the call going smoothly.

Verdict: Safe

4. Snapchat

The human rights organization Amnesty International said that Snapchat is one of those social media platforms that takes the least action on user privacy.
It has millions of active users and is extremely popular with younger people. One can share photos, videos, text messages, and more.
With the recent update, you can also do video calls to your fellow Snapchatters.
Even though the app has introduced end-to-end encryption, there seem to be certain limitations.
As widely reported, Snapchat has used the same symmetric key to encrypt data. Worse yet, that symmetric key is embedded within the app, making it easily accessible for the hackers.

Verdict: Not Safe

5. Viber Messenger

Viber clearly states that its mission is to protect your privacy so that you never have to think twice about what you can or can’t share when you’re using Viber.
Viber’s policy guarantees that they can’t sell your private information since they chose to have no access to your private chats and calls in the first place.
Not only are your communications protected by end-to-end encryption by default, nothing you share is ever stored on Viber’s servers once delivered.
Viber’s end-to-end encryption is based on the ‘double ratchet’ protocol found in Open Whisper Systems Signal application, with their proprietary implementation and additions.
The call quality is excellent and even sounded better than other messenger apps in the same league.

Verdict: Safe

6. Skype

After Microsoft acquired Skype, privacy-conscious video chatters slowly began avoiding it over concerns that Skype may allow third-party and government wiretap surveillance.
It has been widely reported in the media that surveillance is deliberately built into Skype so that law enforcement agencies could easily eavesdrop on anyone they suspect.
Skype has recently introduced end-to-end encryption for voice calls and texts through a feature called ‘Private Conversations.’
It uses the powerful Signal Protocol to implement end-to-end encryption. Private Conversation is an opt-in feature and is not enabled by default.
Even though the company provides a transparency report, its general stance on customers’ privacy is poor.

Verdict: Not Safe

7. imo

Although the app gets credit for its clean design and free HD-quality video chatting, it doesn’t offer anything new that differentiate it from its peers.
IMO claims that its voice/video calls and text messages are encrypted with SSL/TLS technology.
But, I read through the entire privacy policy page of IMO, and nowhere did I find a claim of encryption of any kind.
If a decent encryption technology doesn’t protect the data, there’s a risk it’ll be intercepted by someone with unfriendly intentions.
Also, IMO continues to clog its app with ads and requests for the upgrade to its premium subscription. It seems IMO’s stance towards user privacy is pretty poor.

Verdict: Not Safe

8. Instagram

Instagram again is a Facebook service, and we all know about Facebook’s privacy standards.
It doesn’t look like Instagram is trying to compete with WhatsApp or Facebook Messenger as a video calling app.
Instead, this is about adding a convenience feature that’s in keeping with the current trends. For Instagram video calls, its USP is a simple one – you can talk and scroll feed at the same time.
Even though there is transport-level encryption for chats and voice/video calls, end-to-end encryption is yet to come to Instagram.
Facebook is trying to integrate all its services like WhatsApp, Facebook Messenger, and Instagram in the days to come. So, end-to-end encryption will be the norm.

Verdict: Not Safe

9. Telegram

Telegram has fought governments and law enforcement agencies to protect users’ privacy in the past.
It provides end-to-end encryption via a feature called ‘Secret Chats.’ However, users will have to enable it manually.
Telegram uses a proprietary MTProto protocol to achieve end-to-end encryption. But, experts have expressed skepticism about the lack of transparency surrounding the protocol.
If you have not enabled the ‘Secret Chats’ feature, the encryption provided is just at the transport-level. Also, the encryption keys are stored right on its servers, which is not a good thing!

Verdict: Relatively Safe

10. FaceTime

Apple has significantly ramped up privacy and security in its devices and services of late.
When American investigative agency FBI demanded that Apple undermine its own encryption as part of a terrorist shooting investigation, it boldly said ‘No.’
Recently, Britain government came up with a ‘Ghost Proposal’ where it wants messaging companies to secretly add law enforcement agencies as invisible participants in chats.
Apple, collectively with other major tech companies, outrightly rejected Britain’s proposal saying it violates fundamental human rights and creates new security risks for users.
FaceTime calls are fully protected by end-to-end encryption so that only the sender and receiver can access them. Even Apple cannot decrypt this data.
One can always trust Apple when it comes to user privacy and security. They are trendsetters and are always at the forefront of user rights.

Verdict: Safe

11. Signal Private Messenger

Signal is the app that NSA whistleblower Edward Snowden uses every day!
It is the European Commission’s messaging app of choice for the kind of security it offers.
Signal completely encrypts all chats and video calls with its very own advanced end-to-end encryption technology that is the best in the world.
It also hides virtually all of the metadata, including who sent the message. That means only the person to who the message is being sent can see who sent it to them.
Signal has no way of telling who is sending you other Signal messages, nor does anyone else who intercepts a Signal message in transit.
It’s open-source and run by a non-profit organization. This is pretty much the most security you could ask for in a messaging app.

Verdict: Safe

Shady Apps – Root Cause Of Most Hacks!

80% of the time, it’s the shady apps/malware that results in the hack. Users unknowingly download such apps that easily gain access to the camera and mic. The app/malware gives away all the personal information to a hacker who then leaks it.

15% of the time, personal videos are directly recorded by the person you’re communicating with using a screen recorder app and leaked.

3% of the time, it is the security flaws present in the video calling app that hackers exploit to steal data. Its only 2% chances of the reason being something miscellaneous.

Video Chatting Safety Tips

Always download apps from the official App Store. Check for ratings and user reviews. Beware of shady apps from unauthorized websites.
Make sure the opposite person is 100% trustworthy before you share anything private with them.
Only chat with people you really know. Do not accept chat requests/calls from non-friends.
A good rule of thumb when it comes to video calls is to avoid indulging in things that you wouldn’t want your mother to see.
Hackers can be on the prowl on public Wi-Fi networks. Take precautions while using them.
Use strong, different passwords for different apps or services.
Do not give your phone to people other than the trusted ones. Someone with physical access to your phone can easily install hacking apps and wreak unimaginable havoc.
Update the apps regularly. Updates often include bug fixes and security patches that will fix issues and vulnerabilities.
Do not root or jailbreak your device in the greed of some additional features. Unknowingly, you are only breaching the system to make it susceptible to greater risks.
Set up Two-factor Authentication. It makes it harder for hackers to gain access to a person’s devices or online accounts, as knowing the victim’s password alone is not enough and will need an extra PIN number.

RELATED: