Telegram Is Not End-to-End Encrypted by Default and You Have to Start 'Secret Chat' Manually, Here's How

Telegram Is Not End-to-End Encrypted by Default and You Have to Start 'Secret Chat' Manually, Here's How

Telegram's popularity is on the rise, thanks to WhatsApp's updated terms of service that has sparked a massive debate around user-data privacy. The company has also promoted itself for offering "safer" and "more secure" messaging experience over its competitors, for a very long time. The messaging platform similar to WhatsApp further provides a host of user-friendly features such as group chats, video and voice calling, among many. However, it appears that Telegram's chats - both personal and group - do not have end-to-end (e2e) on by default, and users have to start a 'secret chat' manually to enjoy that extra layer of security.

To recall, end-to-end is a system of communication where only communicating users can read the messages. In principle, it prevents the backdoor entry of eavesdroppers – including telecom providers, Internet providers, and more from accessing personal conversations. Similarly, Telegram explains (via its support page) that regular chats use server-to-client encryption (c2s) that essentially encrypts data through cryptographic techniques before it is transmitted. Whereas, the e2e that applies on a 'secret chat' provides an extra layer of security by encrypting the data even after it reaches the end-user. Telegram adds that "All data, regardless of type, is encrypted in the same way — be it text, media or files."


How to use e2e-enabled secret chat on Telegram: The company explains that users via "secret chat" can manually enable e2e encryption that leaves no trace on its servers in addition to support self-destructing messages. When enabled, it automatically starts a different chat under the same name, but users can differentiate it by the name that appears in a green colour font. Notably, secret chat only works with one-to-one conversations and do not extend to Telegram groups.

To create a secret chat open the profile of the person > Click on the icon with the three dots just below the person's profile photo > Select 'Start Secret Chat.' This also supports self-destructing messages where the conversation is deleted automatically after a while. Users can set a preference for a few seconds, a day or a week. Additionally, if a user takes a screenshot when the secret chat is enabled, the end-user gets a notification. To end a 'secret' conversation, users have to delete the entire chat from the main page.

Why not just make all chats secret: Telegram says that the problem with e2e chats is of restoring access to old messages on a newly connected device (say from Telegram app to web). The company further explains, "We opted for a third approach by offering two distinct types of chats. Telegram disables default system backups and provides all users with an integrated security-focused backup solution in the form of Cloud Chats. Meanwhile, the separate entity of Secret Chats gives you full control over the data you do not want to be stored."

Telegram says that its voice and video calls are end-to-end encrypted though it not clear where the e2e applies there by default. On the other hand, Signal that is also enjoying rising popularity amid WhatsApp privacy term fiasco offers end-to-end on all chats by default.