Messaging is not only among the top activities on smartphones (if not THE top activity), messaging apps are increasingly seen as social networks. After all people use them to send each other texts, videos, photos and other content either one-on-one or as a group. Sounds familiar, right? While WhatsApp is an international phenomenon, it still isn’t as big a deal in the US. It’s also purposely light on features due to a “no ads, no games, no gimmicks” policy. But as it is with any hot trend, there’s no shortage of alternatives. Below is our side-by-side feature comparison for today’s top contenders this side of the globe, followed by some notes on each company’s Terms of Service and Privacy Policy to give you some perspective on where they stand. Though we’ve highlighted some of the most popular options, depending on where you are reading from, you might be wondering why WeChat and KakaoTalk weren’t mentioned – both are bigger than BBM after all. Our goal isn’t to cover every other client out there but to give you a general view of what’s available.

Notes on privacy and security

Privacy and security are hot topics these days with all the high profile data breaches and government (or otherwise) snooping. While we can’t vouch for any particular service, it’s true that some are more consumer friendly than others in this respect. I took a closer look at their policies and here’s what I could gather.

WhatsApp

WhatsApp prides itself of being anti-advertising and thus not storing anything past your phone number (which it needs to function) or caring about the contents of messages. But the company has seen its fair share of criticism for being careless with privacy and security – messages used to be sent and received in plain text and hackers have demonstrated how to hijack an account. Things have gotten better but the company is still fairly noncommittal and vague about this.

For one thing, WhatsApp’s TOS says it uses commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information. The service’s support staff have said messages are encrypted in the “latest version” of the iOS and Android clients. It’s not clear what they’re using, the TOS make no mention of encryption whatsoever and warn about using public Wi-Fi. The contents of messages are routed through the company’s servers to the intended recipient and are not copied, kept or archived. If the recipient is not online, the undelivered message is held in WhatsApp’s servers until it can be delivered, for up to 30 days before being deleted. Like all others on this list, they do leave some doors open saying they may retain some information when legally compelled to. While relying on information from your address book is a fast and convenient way to quickly find people you know and who are also using WhatsApp, it means that phone numbers from everyone’s address book are mirrored on the company’s servers. Furthermore, anyone who has you on their phone’s address book (whether you’re aware or not) will be able to see your profile picture, current status and last online timestamp unless you block them. An update designed to fix this is already in beta featuring new privacy settings that’ll let you chose who’s able to see these things.

LINE

Line’s terms of service emphasize the company’s commitment to privacy and security but doesn’t give out much details regarding methods used for encryption. As far as data collection goes, the app requires a mobile phone number and optionally an email address if you’ll be accessing it from a computer or other devices. Line also accesses phones and emails from your address book to find friends using the service and stores that information encrypted on their servers. If two users have each other in their address books they’ll be automatically matched as friends. If only one of them has the other’s phone number, the one without the other person in his contacts will see him under Friend Recommendations, while the person who has the phone number stored will see him in under Friends. This can be modified at any time withing the app’s privacy options so you can change it (and other privacy settings) to something you are comfortable with.             As far as messages are concerned, a Line spokesperson was only able to tell us that communications are encrypted (transmitted through HTTPS) and that “all chat history will be disposed of after the storage period” – exactly for how long your chat history is stored on their servers is unclear. If a user decides to delete his or her account, all data including purchases, phone numbers, Friends/Groups list, and chat history will also be deleted. Their privacy policy is available here.

Viber

Viber also relies on a phone number and accesses your address book to find people you know who are using Viber. A copy of the phone numbers from your address book is stored in the company’s service, and unlike WhatsApp or Line, Viber also collects names. The company says it only uses this information to provide certain features and will erase it after 45 days of no activity. Alternatively, you can deactivate your account and erase all data from within the app. Their privacy policy doesn’t mention encryption explicitly but the company’s CEO has been quoted saying messages are indeed encrypted and deleted as soon as they are seen by the recipient, or after up to two weeks sitting unopened. Viber doesn’t offer many privacy-focused options on its mobile app but the few in there are definitely welcome. You can hide read receipts, hide your online status, clear your entire message history, and opt-out of Google Analytics data collection – which is said to be used anonymously to improve the service. Their terms of service can be found here.

BBM

BlackBerry uses Triple Data Encryption Standard for its PIN-to-PIN messaging service. Although the service is widely reputed for being secure, concerns have been raised over the company’s use of a global cryptographic key, which is shared between every BlackBerry device manufactured and is known by BlackBerry as well. There are no reported cases that we know of exploiting this issue, however – which would require intercepting messages at the cellular service provider’s network and spoofing the intended recipient’s PIN. BlackBerry hasn’t responded to our inquiries about how long they keep messages stored. On the privacy front, the fact that you have to use a unique PIN to communicate means you won’t receive messages from people you haven’t accepted into your contacts in the first place. While that’s a good thing the downside is that it is much more of a hassle than WhatsApp and the like to build up your contact list. Privacy focused settings within the mobile app are limited to opting-out from uploading contacts to the BBM server and hiding your location. BlackBerry’s BBM Terms of Service and Privacy Policy are available by country but we can’t really tell if there are any significant differences.

Hangouts

Hangouts is governed by Google’s terms of service and privacy policy meaning it’s subject to the same data collection as any of their other services – Gmail, Search, etc. Basically Google says that anything you submit remains your sole intellectual property but you grant the company a worldwide license to use, reproduce and modify the content for the purpose of operating the service, promote it and show you tailored ads or search results. See their Terms of Service and Privacy Policy. By default, Hangouts conversations are stored in the cloud, and they have no storage or time limit. This means that when you move to a new device, all of your conversations are instantly available when you sign in to Hangouts. It also means your chat history will remain available to Google’s data mining algorithms. That said, you do have a few options. You can turn off chat history for individual Hangouts. You can clear one-on-one conversations by moving email threads associated with them within Gmail to the trash, then deleting them from the mobile client separately. And you can use takeouts to grab a copy of your chat history if you decide to wipe it off Google’s servers. The company also keeps identifiable information for an unidentified period of time and may share personal information under certain circumstances. Google encrypts many of its services using SSL (Hangouts is not mentioned explicitly though we’d be surprised if it wasn’t) and offers security safeguards like two step authentication. In-app privacy settings are limited to what you see on the image to the left.

Facebook Messenger

Facebook Messenger is governed by Facebook’s Terms of Service and Data Use Policy. Similar to Google, this is a cloud-based service so messages remain on the company’s servers, and are available on the web or other devices associated with your account. Also like Google, Facebook’s revenue comes from advertising. There’s nothing specific to Messenger that I could find in their lengthy terms and policies but, in general, anything you put on Facebook can be used by the social network to provide you with services, features and relevant ads and content. Anonymized information is shared with advertisers and other service providers. As far as the app itself is concerned Facebook optionally asks for a phone number so you can use the service even if you don’t have a Facebook account. Your contacts will sync with Facebook’s servers by default but you can turn that off from the settings tab – that’s pretty much the only privacy setting you’ll get. Messenger uses SSL encryption, similar to the rest of Facebook. Messages remain on Facebook servers until both the sender and the receiver delete the message. You can terminate your account and delete your data if you no longer want to use the service. However, copies of messages you’ve sent to other people will still be visible to the recipients. (Updated 02/25 with feedback from Facebook)

Telegram

Telegram is a relative newcomer to the mobile messaging scene and as WhatsApp recently suffered from an outage, Telegram’s user base benefited adding a few million users during the weekend. It was a lucky break for the service, which has been pitching itself as a safer alternative to WhatsApp all along, citing stronger encryption and a decentralized infrastructure with data centers in different jurisdictions. The company is so confident in its claims that they’re currently running a challenge offering $200,000 to the hacker who can break Telegram. The service supports two layers of secure encryption: server-client for regular chats and client-client for ‘secret’ chats. Both use 256-bit symmetric AES encryption, RSA 2048 encryption and Diffie-Hellman secure key exchange. The main difference is that regular chats – including messages, photos, videos and documents – are kept on their servers so you can access them at any time from any device. In secret chats on the other hand all messages are erased as soon as they are delivered and no logs are kept by Telegram. For the same reasons secret chats are not available in the cloud, you can only access those messages from the device they were sent to or from, while an optional self-destruct feature ensures they disappear from participating devices as well after a set time.             Telegram is a not-for-profit service headed and funded by VK founders Pavel and Nikolai Durov. They claim they’ll never sell ads, accept outside investment, or sell to another company. Although they are currently covering costs with “a generous donation” through founder Pavel Durov’s Digital Fortress fund, Telegram says if it ever runs out of cash they’ll open donations or add non-essential paid options.

Illustration “Face to face in conceptual social media” from Shutterstock.