Many providers of secure messengers claim that their product encrypts the messages that users exchange. However, most server operators can still read the content of the messages, for the following reasons:
• Transport encryption only: usually only the connection between the mobile device and the server is encrypted, e.g. using SSL/TLS. While this means that messages cannot be intercepted while in transit over the network (a common problem in public WiFi hotspots), they are in an unencrypted format once they reach the server.
• End-to-end encryption without key verification by user: in this case, the provider claims that they utilize end-to-end encryption, but due to missing user interface functions, the user has no way to verify that another contact's public key really matches the private key that is only known to that contact. Therefore, it is relatively easy for an operator to perform a man-in-the-middle (MITM) attack by manipulating the automatic key exchange without being detected. Subsequently, they can decrypt and even forge exchanged messages.
SafeSwiss uses state-of-the-art end-to-end encryption technology and enables users to verify the public keys of their conversation partners.
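
The key verification described above can be illustrated with an added example (it is not SafeSwiss code and does not describe SafeSwiss's protocol). It shows that a session is established whether or not the server delivers the genuine key, and that only comparing a fingerprint obtained outside the server reveals a substituted key. The toy Diffie-Hellman parameters, the fingerprint format and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman parameters, for illustration only (assumption, not a
# recommended group and not the scheme of any particular messenger).
P = 2**255 - 19
G = 2

def keypair():
    """Return (private, public) for the toy group above."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def fingerprint(pub):
    """Short digest of a public key, grouped so two people can compare it."""
    digest = hashlib.sha256(pub.to_bytes(32, "big")).hexdigest()[:32]
    return " ".join(digest[i:i + 4] for i in range(0, 32, 4))

def verify_contact(key_from_server, fingerprint_out_of_band):
    """True only if the server-delivered key matches what the contact showed."""
    return hmac.compare_digest(fingerprint(key_from_server), fingerprint_out_of_band)

def demo():
    alice_priv, _alice_pub = keypair()
    _bob_priv, bob_pub = keypair()
    _op_priv, operator_pub = keypair()  # a key the server operator controls

    # Bob shows Alice his fingerprint directly (e.g. in person), not via the server.
    bob_fp = fingerprint(bob_pub)

    results = {}
    for label, delivered in (("honest", bob_pub), ("substituted", operator_pub)):
        # Alice can derive a session secret either way; nothing fails visibly.
        secret = pow(delivered, alice_priv, P)
        results[label] = {
            "session_established": secret > 0,
            "verified": verify_contact(delivered, bob_fp),
        }
    return results

if __name__ == "__main__":
    for label, outcome in demo().items():
        print(label, outcome)
```

Without the `verify_contact` step, both cases look identical to the user, which is why the user interface needs to expose the comparison.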