iMessage and FaceTime Ranked as Most Secure Mass-Market Messaging Options

by

The Electronic Frontier Foundation or EFF, a non-profit digital rights group, has investigated the security of various messaging apps and created a new Secure Messaging Scorecard, ranking messaging apps and tools like iMessage, FaceTime, BlackBerry Messenger, Skype, Snapchat, and more, based on seven different factors:

- Is a message encrypted in transit?
- Is it encrypted so the provider is unable to read it?
- Can you verify contacts' identities?
- Are past communications secure if keys are stolen?
- Is the code open to independent review?
- Is security design properly documented?
- Has the code been audited?

Unsurprisingly, the apps that score highest on the EFF's chart are those dedicated to secure messaging, such as iPhone apps ChatSecure, Signal, and CryptoCat, both of which scored checkmarks in all categories.

Apple's iMessage scored five out of seven checkmarks, earning points for encrypting messages in transit and encryption that's unreadable by Apple, but the messaging app was faulted for an inability to verify contact identities and the fact that Apple's code is not open to independent review.

effchart
FaceTime was scored in the same way as iMessage, also offering encryption but no contact verification/independent review capabilities. Outside of dedicated secure chat messaging apps, both FaceTime and iMessage scored higher than competing messaging platforms like Skype, WhatsApp, Viber, Snapchat, Kik, Google Hangouts, and BlackBerry Messenger.

Few of the competing messaging services offer encryption that prevents the companies offering the services from accessing messages, though all encrypted messages in transit. Most iMessage/FaceTime competitors also fail to secure past communications if keys are stolen, and few had properly documented security design. QQ, a highly popular Chinese messaging app, failed at providing any of the qualities the EFF was looking for in a secure messaging app, not even bothering to encrypt messages.

According to the EFF, Apple's iMessage and FaceTime products were the "best of the mass-market options," which is not much of a surprise given Apple's unparalleled focus on user privacy. Apple has a comprehensive privacy site that details all of its privacy policies and the security of various apps and services, including iMessage and FaceTime.

On the site, Apple specifically says iMessage and FaceTime calls "are your business, not ours." The company offers end-to-end encryption and Apple has no way to decrypt it. "Unlike other companies' messaging services, Apple doesn't scan your communications and we wouldn't be able to comply with a wiretap order even if we wanted to," reads the site.

Popular Stories

Apple Logo Zoomed

Tim Cook Teases Plans for Apple's Upcoming 50th Anniversary

Thursday February 5, 2026 12:54 pm PST by
Apple turns 50 this year, and its CEO Tim Cook has promised to celebrate the milestone. The big day falls on April 1, 2026. "I've been unusually reflective lately about Apple because we have been working on what do we do to mark this moment," Cook told employees today, according to Bloomberg's Mark Gurman. "When you really stop and pause and think about the last 50 years, it makes your heart ...
Read Full Article148 comments
wwdc sans text feature

Apple Rumored to Announce New Product on February 19

Thursday February 5, 2026 12:22 pm PST by
Apple plans to announce the iPhone 17e on Thursday, February 19, according to Macwelt, the German equivalent of Macworld. The report, citing industry sources, is available in English on Macworld. Apple announced the iPhone 16e on Wednesday, February 19 last year, so the iPhone 17e would be unveiled exactly one year later if this rumor is accurate. It is quite uncommon for Apple to unveil...
Read Full Article
Finder Siri Feature

Why Apple's iOS 26.4 Siri Upgrade Will Be Bigger Than Originally Promised

Friday February 6, 2026 3:06 pm PST by
In the iOS 26.4 update that's coming this spring, Apple will introduce a new version of Siri that's going to overhaul how we interact with the personal assistant and what it's able to do. The iOS 26.4 version of Siri won't work like ChatGPT or Claude, but it will rely on large language models (LLMs) and has been updated from the ground up. Upgraded Architecture The next-generation...
Read Full Article154 comments
iOS 26

iOS 26.3 and iOS 26.4 Will Add These New Features to Your iPhone

Tuesday February 3, 2026 7:47 am PST by
While the iOS 26.3 Release Candidate is now available ahead of a public release, the first iOS 26.4 beta is likely still at least a week away. Following beta testing, iOS 26.4 will likely be released to the general public in March or April. Below, we have recapped known or rumored iOS 26.3 and iOS 26.4 features so far. iOS 26.3 iPhone to Android Transfer Tool iOS 26.3 makes it easier...
Read Full Article37 comments
iphone 17 pro dark blue 1

iPhone 18 Pro Max Rumored to Deliver Next-Level Battery Life

Friday February 6, 2026 5:14 am PST by
The iPhone 18 Pro Max will feature a bigger battery for continued best-in-class battery life, according to a known Weibo leaker. Citing supply chain information, the Weibo user known as "Digital Chat Station" said that the iPhone 18 Pro Max will have a battery capacity of 5,100 to 5,200 mAh. Combined with the efficiency improvements of the A20 Pro chip, made with TSMC's 2nm process, the...
Read Full Article107 comments

Top Rated Comments

Derekeys Avatar
Derekeys
147 months ago
Whine Time

I want synced deleting!!! If I delete a message off my iPhone I want my iMac, iPad, and macbook to have deleted them as well.

:D


Edit: Or at least make it an option as others may like that it doesn't occur that way.
Score: 22 Votes (Like | Disagree)
StarManta Avatar
StarManta
147 months ago
TouchID could be used to fill the holes suggested here.

Imagine this use case: Jane and John both have iPhones and are chatting using iMessage. Jane wants to send sensitive information (boob pics) to John, but wants to make sure that John hasn't handed his phone to his friend Bobby at the time she sends it. She could flag the message as 'secret', and John has to use TouchID or his AppleID password to verify his identity before seeing that message.

Offtopic: I'd also like a private browser that is 'locked' with TouchID. I could keep all my porn windows open in Private mode, and no one could see them without me unlocking that specifically.
Score: 13 Votes (Like | Disagree)
farewelwilliams Avatar
farewelwilliams
147 months ago
can we go back to ICQ? good ol' days.
Score: 10 Votes (Like | Disagree)
0xyMoron Avatar
0xyMoron
147 months ago
What an ugly charts table.
Score: 9 Votes (Like | Disagree)
cube Avatar
cube
147 months ago
"Is security design properly documented?"

Huh? I don't understand how whether the security is documented or not actually improves the security.

Because if it is documented, independent parties can find flaws in the design. If it passes, the implementation can still be flawed however.
Score: 7 Votes (Like | Disagree)
ChrisCW11 Avatar
ChrisCW11
147 months ago
Lol, open source

The column "Is the code open to independent reviewers", how on earth can the open source community continue to claim that their code is safe and secure because of peer review when HeartBleed and a slew of other major security holes and exploits have been found in open source code and has been their for years or even decades?

Just because a million monkeys review your code doesn't make it secure.
Score: 6 Votes (Like | Disagree)
Read All Comments