Happy Data Privacy Day! This year’s DPD comes at a time when privacy concerns are peaking, as advancements in consumer technology and its widespread adoption increasingly put user privacy at risk. However, as Dennis Fisher noted earlier this week, that technological advancement has also served to equip users with powerful and simple applications that use encryption to protect their communications and activities from prying eyes. Here are 15 free, user-friendly mobile apps to consider if privacy is a concern for you.
Encrypted Messaging and Calling Apps
Signal is an open source encrypted messaging and calling app for iOS and Android developed by Open Whisper Systems, a team of cryptographers and developers lead by Moxie Marlinspike. With endorsements from Bruce Schneier and Edward Snowden, Signal is a leading choice for privacy-conscious smartphone users. Signal is one of just a few encrypted messaging/calling apps to receive a 7/7 rating on the first edition of Electronic Frontier Foundation’s Secure Messaging Scorecard for meeting all of the following criteria* :
- Encrypts messages in-transit
- Encrypted messages are not readable to the provider
- Verifiable identities for contacts
- Messages remain secure even if encryption keys are stolen
- Code is open to independent review
- Proper documentation of security architecture
- Recent code audits
Wickr provides an encrypted messaging app for iOS, Android, and desktop as well as a paid version for business use. Wickr employs layered, end-to-end encryption with extensive privacy controls, including settings for how long messages are viewable to recipients. The company backs up its commitment to user security and privacy through its participation in third party security audits and a strong bug bounty program.
WhatsApp is an encrypted messaging, voice, and video calling app for iOS, Android, Windows phone, and desktop. WhatsApp employs end-to-end encryption to prevent message interception or eavesdropping – even WhatsApp can’t access the contents of its messages. WhatsApp received a 6/7 on the EFF’s Secure Messaging Scorecard version 1.0, falling short of a perfect rating because the software is not open source and therefore its code is not available for independent review.
- iOS – 4 stars with 182,987 ratings
- Android – 4.4 stars with 50,017,791 ratings
- Windows Phone – 3.8 stars with 64,000 ratings
ChatSecure (iOS only)
ChatSecure is an open source encrypted messaging app for iOS. The app employs end-to-end OTR encryption over the XMPP protocol. ChatSecure is currently only available for iOS, but is compatible with encrypted Android messaging app Conversations as well as desktop clients. ChatSecure also supports Tor for users seeking integrated private browsing and encrypted messaging. While ChatSecure has fewer user ratings than others on this list, the app has been lauded by the security community for providing strong, open source encrypted apps to protect users’ privacy.
- ChatSecure: iOS – 3 stars with 162 ratings
- Android – not available
Encrypted Email Apps
Switzerland-based ProtonMail is an open source, optionally anonymous email app that employs end-to-end email encryption. ProtonMail was developed by a team of researchers and cryptography experts with a diverse range of technical backgrounds, including former CERN employees, Harvard, MIT and Standford graduates, and security professionals in the public and private sectors. Because of the company’s location, all data used by the app is protected under the Swiss Federal Data Protection Act (DPA) and the Swiss Federal Data Protection Ordinance (DPO). For additional security, emails sent with ProtonMail can be set to “self-destruct” after specified time periods.
Virtru is an app for iOS and Android that provides end-to-end email encryption that integrates with existing email accounts. Virtru allows users to select which emails and/or attachments they want to encrypt prior to sending, control how long recipients can view messages, restrict forwarding, and revoke emails at any time. Virtru’s mobile apps are free for personal use, with business versions available via paid subscription.
OpenKeychain (Android only)
OpenKeychain is a leading choice for tech-savvy Android users looking to encrypt email and messages. Based on the OpenPGP standard, OpenKeychain itself is not a messaging or email app but instead integrates with popular Android apps like K-9 Mail and Conversations to make OpenPGP encryption conveniently available to mobile users. The app does require users to store, manage, and exchange encryption keys manually, making it slightly less accessible for non-technical users, but remains a highly popular choice for those who are familiar with OpenPGP or other encryption protocols.
- iOS – not available
- Android – 4.4 stars with 1,728 ratings
CipherMail (Android only)
CipherMail is an email encryption application for Android that integrates with other Android email apps to provide S/MIME signatures and encryption for emails. CipherMail supports popular email apps for Android such as Gmail and K-9 Mail as well as common S/MIME clients including Outlook and Thunderbird. For technical users who are familiar with encryption key and certificate management, CipherMail is a viable option, though less technically-savvy users should probably seek an option that handles these functions automatically and transparently.
- iOS – not available
- Android – 4.1 stars with 230 ratings
Boasting 400 million users spanning 200 countries, Hotspot Shield is a top choice for free mobile VPNs for iOS and Android alike. Hotspot Shield provides all of the features users have come to expect from VPN apps – such as encrypted traffic, anonymized browsing, IP obfuscation, and tracker blocking – plus alerts to protect users from sites that distribute malware. In addition to the free app for iOS and Android, Hotspot Shield offers paid Elite and Business versions for users or enterprises that need more features.
Betternet provides a VPN app for both iOS and Android that is completely free and requires no registration to use. Betternet uses a creative revenue model to avoid the tiered or “freemium” pricing offered by other VPN apps, meaning that users can enjoy all the benefits of VPN without any limits on data usage or features. In addition to its mobile offerings, Betternet is available for popular browsers and Windows.
Made by Opera Software, SurfEasy is a popular VPN app available for iOS and Android users. SurfEasy allows users to reap the benefits of VPN solutions without collecting or storing any user data, keeping users’ information and activity private even to SurfEasy itself.
Encrypted Password Managers
LastPass is an encrypted password manager for iOS, Android, and Windows Phone as well as an integrated browser extension for desktop. LastPass provides an encrypted password vault using device-level AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes to store your passwords securely. Passwords can be auto-filled via your master password or fingerprint, and passwords (as well as encryption keys) are never shared with LastPass.
- iOS – 3.5 stars with 3,364 ratings
- Android – 4.6 stars with 91,786 ratings
- Windows Phone – 3.5 stars with 573 ratings
Keeper provides similar features to LastPass with the addition of encrypted storage via Amazon AWS for files, photos, and videos as well as secure file sharing with other Keeper users. For added security, Keeper also offers two-factor authentication to prevent account hijacking. In addition to its free offerings for iOS and Android, Keeper offers family and business plans via paid subscriptions.
File Encryption and Encrypted Storage Apps
CoverMe is an app that provides an encrypted “vault” for secure file storage as well as end-to-end encrypted messaging and calling. The app offers a wide suite of security features, including encrypted sharing for photos and videos, self-destruction and remote deletion for messages, and an encrypted address book for securing your contacts.
Secret Space Encryptor (Android only)
Secret Space Encryptor for Android is text/file encryption and password storage app. In addition to its core encryption features, Secret Space Encryptor includes several utilities to help further strengthen user privacy and security, including a secure password generator that integrates with SSE's password vault, a clipboard cleaner, and application security reporting.
- iOS – not available, although Paranoia offers a Paranoia Text Encryption Lite app for iOS with simple text encryption capabilities
- Android – 4.3 stars with 2,160 ratings
*Note that the EFF Secure Messaging Scorecard version 1.0 is currently out of date with a second version in the works; however this post references the EFF’s scorecard in cases where apps have maintained these features in current releases. All app store ratings listed are current at the time of writing.