Messengers
Which messenger to pick when private conversation matters. There’s no universal answer — every option has tradeoffs. Below: a short recommendation for typical cases, then a detailed look at 13 messengers.
Recommendations
- Personal chats
- → Signal / Molly. The Signal protocol is the de-facto standard for end-to-end encryption; both client and server are open source. Molly is an alternative client with extended local protection. The downside — phone-number registration is mandatory.
- For a team
- → Element / Matrix. A federated protocol — you can run your own server. Private rooms are encrypted by default.
- Minimum metadata
- → SimpleX. The server doesn't even know your contact graph — routing goes through queues, with no user identifiers. The downsides — an interface that's hard for casual users, and no simultaneous use across multiple devices.
Criteria
Each messenger below has a short summary across six axes:
- End-to-end encryption (E2EE) — whether E2EE exists and which protocol: E2EE always · E2EE optional · no E2EE. Marked
auditedfor vetted standards (Signal Protocol, Olm/Megolm, NaCl, PQ3). - What the server stores — what data the operator holds: server stores nothing · server stores account only · server stores contact graph · server stores everything.
- Sign-up — what’s needed for an account: no sign-up · username sign-up · email sign-up · phone sign-up.
- Open source — open source (client and server) · open source (client only) · closed source.
- Jurisdiction — country of data storage and country of legal accountability. For example: US jurisdiction · Swiss jurisdiction · BVI & Dubai jurisdiction.
- Access from Russia — in Russia — yes · in Russia — in stores · in Russia — sideload · in Russia — blocked.
Sideload — installing an app outside the official store (App Store / Google Play, where Russia-region builds aren’t published). On Android — download the APK from the developer’s site and install manually, allowing installs from unknown sources. On iOS — sign in to the App Store with a foreign Apple ID, install via TestFlight or third-party installers like AltStore. Technically it works, but updates don’t arrive automatically — every release has to be applied by hand.
E2EE optional — the app supports end-to-end encryption but doesn’t enable it by default. You have to manually create a secret chat (Telegram Secret Chats) or turn E2EE on in channel settings (Rocket.Chat).
For personal chats
Signal
Strong cryptography (the Signal protocol with independent audits), open client and server, minimal server-side metadata thanks to Sealed Sender. The downside — mandatory phone-number registration; the alternative client Molly extends local protection but doesn't remove the phone-number requirement.
E2EE — Signal Protocol (audited) server stores account only phone sign-up open source (client and server) US jurisdiction in Russia — sideload
SimpleX
No user identifiers: routing goes through queues, and the server doesn't know your contact graph. Open client and server. The downsides — small user base, an interface that's hard for casual users, and no simultaneous multi-device use.
E2EE — own protocol + post-quantum server stores nothing no sign-up open source (client and server) UK jurisdiction in Russia — in stores
Threema
Swiss jurisdiction, an 8-character Threema ID with no link to phone or email, open-source client. The downsides — paid app, server side is closed, and you have to swap IDs with your contact through another channel.
E2EE — NaCl (audited) server stores account only username sign-up open source (client only) Swiss jurisdiction in Russia — sideload
Delta Chat
Uses email as the transport; Autocrypt encryption rides on regular SMTP/IMAP — enabled by default since version 2.0 (2025), but only works if your contact's client is compatible. The server is your email provider, so jurisdiction and exposed metadata depend on that choice (Posteo or Mailbox.org — Germany, Gmail — US, Yandex — Russia; Proton Mail only works on desktop via Proton Bridge, not on mobile). The downside — the interface lags behind mainstream messengers.
E2EE* — Autocrypt/OpenPGP server stores contact graph email sign-up open source (client and server) jurisdiction: depends on email provider in Russia — in stores
* if your contact's client is compatible
iMessage
End-to-end encrypted by default between Apple devices, identifier — Apple ID (phone or email). The downsides — Apple devices only, the client is closed; with iCloud Backup enabled and Advanced Data Protection off, keys and history are backed up to Apple's cloud, and the company can hand the contents over in response to lawful requests.
E2EE — PQ3 (Apple, open spec) server stores contact graph Apple ID sign-up closed source US jurisdiction in Russia — in stores (iOS only)
End-to-end encryption for all chats, based on the Signal protocol. The downsides — owner Meta uses the contact graph and metadata across its products; the client is closed, with no reproducible builds; phone-number-tied; chat backups to Google Drive / iCloud aren't end-to-end encrypted by default (the E2E-backup option has been available since 2023, but it has to be turned on manually, and most users leave the default in place). Blocked by Roskomnadzor since late 2025; status is unstable — at different times it may work directly, partially, or only via VPN.
E2EE — Signal Protocol server stores contact graph phone sign-up closed source US jurisdiction in Russia — sideload
Viber
E2EE is claimed but implemented on a closed protocol with no independent audit. Legal entity — Viber Media S.à r.l. (Luxembourg), parent — Rakuten (Japan). The downsides — closed client, ads and purchases baked into the UI; the contact graph and metadata stay with Rakuten.
E2EE — closed protocol, unaudited server stores contact graph phone sign-up closed source Luxembourg & Japan jurisdiction in Russia — yes
Telegram
End-to-end encryption only in Secret Chats for 1-on-1 conversations (MTProto 2.0), and they have to be created explicitly. Regular chats, groups, and channels live on Telegram's servers in a form readable by the company itself. The downsides — split jurisdiction (British Virgin Islands + Dubai); phone-number-tied; closed server. Blocked by Roskomnadzor since spring 2026, with unstable status — at different times it may work directly, partially, or only via VPN.
E2EE optional — MTProto 2.0 (contested reputation) server stores everything phone sign-up open source (client only) BVI & Dubai jurisdiction in Russia — sideload
MAX
Russian messenger from VK; mandatory pre-installation on new smartphones in Russia since September 2025. No end-to-end encryption; protection is at the transport level only (TLS) — message and call contents live on servers in plaintext, accessible to the operator. The downsides — phone-number sign-up, closed client, data stored in Russia and subject to government data-handover requirements.
no E2EE — TLS in transit server stores everything phone sign-up closed source Russia jurisdiction in Russia — yes
For a team
Element / Matrix
A federated protocol: you can run your own homeserver, and then the metadata stays with you. End-to-end encryption is on by default for private rooms. The downsides — on someone else's homeserver (matrix.org and similar) the metadata is visible to that host; the interface and initial setup are heavier than mainstream messengers.
E2EE — Olm/Megolm (audited) server stores: depends on homeserver username sign-up open source (client and server) jurisdiction: depends on homeserver in Russia — in stores
iOS · Android · Desktop · Element source code · Synapse (homeserver)
Rocket.Chat
Open source, available in two flavours: self-hosted (you run it) or cloud from the developers (Rocket.Chat Technologies, US). E2EE exists, but is enabled per-channel and doesn't cover every kind of data: push notifications, threads, and search work outside the encryption envelope. Jurisdiction and data access depend on the chosen flavour: with self-hosted — yours, with cloud — Rocket.Chat Technologies'.
E2EE optional — AES + RSA, unaudited server stores: depends on host username sign-up open source (client and server) jurisdiction: depends on host in Russia — in stores
Slack
No end-to-end encryption: the server sees messages, files, and calls. A workspace admin can export the full history, including direct messages (on paid plans). Since September 2024 Slack has stopped serving Russian accounts under US sanctions — the service is unavailable to users in Russia.
no E2EE — TLS in transit server stores everything email sign-up closed source US jurisdiction in Russia — blocked
Discord
Text messages — no end-to-end encryption; for audio and video calls Discord rolled out the DAVE protocol with E2EE in 2024, mandatory from March 2026. Servers and the company are US-based; metadata and the contact graph stay with Discord Inc. Blocked by Roskomnadzor since October 2024.
no E2EE for text, DAVE/MLS for voice/video server stores everything email sign-up closed source US jurisdiction in Russia — blocked
FAQ
What is end-to-end encryption (E2EE) and why does it matter? End-to-end encryption is encryption where only the conversation participants hold the keys, not the server. The server sees only encrypted traffic and can’t read the contents — even if it’s hacked, the company is sold, or a government request arrives. Without E2EE, messages live in plaintext on the operator’s servers and are accessible to its staff, to anyone the operator hands data to on request, and to anyone who gains server access.
What is TLS and why isn’t it enough? TLS (Transport Layer Security) is encryption of the channel between your device and the server. It’s the baseline standard for the modern internet — HTTPS, messengers, VPNs. TLS protects the message from eavesdropping on the device-to-server leg: your ISP, the Wi-Fi owner, and a state-run traffic analyser won’t see the contents. But on the server itself the message is decrypted and stored in plaintext — the service operator sees everything. TLS is a necessary minimum, but without E2EE it doesn’t protect you from the operator or from server-side leaks.
Why is a phone number as your ID a weak spot? A phone number ties the messenger to your real-world identity (operator-held passport data, billing). With a SIM-swap or a leak at the carrier, an attacker can take over the account. Messengers tied to phone numbers have a history of contact-graph leaks via user-number disclosure (Telegram, WhatsApp).
What is forward secrecy and why isn’t it shown in each card? Forward secrecy is a protocol property where compromising one key doesn’t unlock past conversations: each message has its own key. Signal, Matrix, and Telegram Secret Chats have it, iMessage has it partially; Slack, Discord, and MAX have no E2EE so the question doesn’t apply. We don’t break it out separately: for messengers with serious end-to-end encryption it’s table stakes.
Can a closed client with an open crypto protocol be trusted? WhatsApp uses the Signal protocol — that’s an open spec, the protocol can be analysed. But the client is closed, and without reproducible builds there’s no way to verify that what’s in the store is exactly what was built from the open code. A backdoor can sit before the encryption (e.g. silently copying the message before the E2EE wrapper), and an outside observer won’t see it.
Are federated messengers (Matrix, Delta Chat) a kind of VPN? No. A VPN is a tunnel for all of a device’s network traffic. A federated messenger is about not having a single server owner: you choose a homeserver or email provider through which your conversations flow. Metadata and trust go to whichever operator you pick (including yourself, if you run your own). VPN and a federated messenger can be used together.