When I first started using the Internet almost 20 years ago, there were many instant messaging options available. I have used them all, from MSN Messenger to Yahoo Messenger to ICQ.
But the problem was that they weren’t safe. If a chat platform or government wants to eavesdrop on your conversations, they can very easily. But thanks to Edward Snowden, we eventually figured out how little privacy we have on the Internet.
Since then, tremendous progress has been made in making it harder for people to eavesdrop on our conversations. Among them is a highly encrypted application for smartphones and desktops called Signal, created by Moxie Marlinspike with a wonderful name.
Below, I’ll go over the features that make Signal so secure and how to enable them. Since I am using an iPhone, I will focus on this device, but the following applies equally to Android phones.
Be sure to also read my previous posts on this topic: Is your messaging app really safe? and Best Encrypted Messaging Apps, the latter of which talks about a couple of other secure messaging apps you can use.
Strong end-to-end encryption, no user records
The only weak point in the Signal chain is that you need to register a valid phone number in order to use the app. Until they figure out a way around this, Signal won’t be completely anonymous.
But you can balance this with very strong end-to-end encryption and no user records. This means Signal does not keep any logs of your calls, except for the last login to the service. This way, you can tell by your phone number that you are a Signal user, but no one will ever know who you are talking to or what you are talking about.
Set a Screen Lock PIN on the Signal app itself
If you have a mobile phone, you must have a screen lock PIN. It’s just a given. But you can also add an optional screen lock PIN to Signal for added security. You can also use Touch ID to open Signal, but this is not recommended.
To add a screen lock PIN to Signal, go to Settings Privacy. Scroll down to Screen Lock and slide the switch to enable it.
You will also be asked when you want to disable the screen lock. I recommend choosing Instant.
Hide messages from appearing on lock screen
If you have Signal locked, it gets a little ironic if messages from people start popping up on your phone’s lock screen. It gives out the game, doesn’t it?
So instead of seeing the full message on the screen, you can set up notifications so that you get either just the sender’s name (which, frankly, is still too much information), or my preferred option, which is a notification that only it says “New Message”.
In Settings, select “Notifications” and then “Notification Content”.
Now decide which one you need.
Make sure you are talking to the right person
Since end-to-end encryption exists, the chances of a man-in-the-middle attack are slim. Here, an attacker finds himself in the middle of a conversation between two people and intercepts messages, posing as one of the participants in the call or chat.
But in life nothing is guaranteed except death and taxes. This is why you should still take additional steps to make sure you are talking to the right person.
There are two verification methods. One for voice calls and one for text chats.
When making a voice call after establishing a connection, a two-word test phrase appears on the screen. Both sides see it on their screens.
So, one person says the first word and another says the second word (for example). Anyone who tries to interfere with the conversation and impersonate one of the callers will not know what the phrase is, because it will not be on the phone.
For text chats, this is a little tricky, but the plus is that you only need to do it once (or until they register a new device with Signal
First, when you send a message to someone, their identification key is downloaded to your device, and Signal automatically assumes that this key comes from the right person. But if you want to test a person’s good faith again, it’s easy. Just click on his name at the top of the chat screen. 
Now click on View Security Number.
He then presents you with an identification key along with a QR code. If the person is physically with you, you can scan the QR code and Signal will immediately confirm it (or not). Otherwise, ask the person via text chat to return the ID key to you.
When it is confirmed, you can click the “Mark as Confirmed” button.
Self-Destructing Messages
Finally, as any good criminal will tell you, if you don’t want to be caught, you need to get rid of the evidence.
You can of course delete messages, but as a human being it is very easy to forget them. That’s why Signal Fading Messages is really handy.
This is where you send a message to one of your Signal contacts, and after the message has been read, it is erased from your device and their devices – no way to get it back.
To enable “Disappearing Messages”, click on the contact’s name at the top of the chat window.
Now scroll down to “Disappearing Messages†and turn it on. Below it, you will see a slider where you can specify when the messages should disappear. Choose this as you see fit, although you should give the other person a reasonable amount of time to read the message.
Now, when you send a message, a timer appears on the screen, counting down until the message disappears.
Conclusion
There are several other cool features that make Signal a very secure application, such as registration blocking to prevent your phone number from being deregistered, and relaying your voice calls through Signal servers to hide your IP address.
But the ones I’ve looked at in more detail are the best and illustrate why you should ditch WhatsApp in favor of the Moxie alternative.
–