Meta may not be a bastion of digital privacy (and very well may be an enemy of it), but the times might be a-changin’. In August of 2022, the company announced it was testing end-to-end encryption (E2EE) for Facebook Messenger as the default, meaning all Messenger users would have their chats protected from spying eyes unless they choose not to. Following expanded tests earlier this year, Meta has finally done it: One-on-one Messenger chats and calls are now encrypted by default.
How end-to-end encryption works
With typical messaging, texts are stored openly on your device, the device you send them to, and the server of the messaging platform (i.e. Facebook Messenger itself). Those messages can be read by anyone with access to the devices where those messages are stored, including the hosts of the messaging platform. That makes it easy for a company like Meta to hand over your messages to an authority, should such a request come through.
With end-to-end encryption, however, messages aren’t sent and stored in plain text, but rather they’re “scrambled.” If you were to try to read an encrypted message, it would appear as an unrecognizable jumble of characters, making it useless to intercept.
To unscramble the message, you need a “key.” For messaging purposes, that key is either your device or the recipient’s device. Those two devices are the only devices capable of unscrambling your particular conversation—even though Meta is facilitating the passage of these messages, it has no way to unscramble the messages for itself or anyone who comes asking for them.
How to enable end-to-end encryption in Facebook Messenger
The new E2EE update is rolling out starting today. Once it hits your account, you'll see a notification explaining the changes. From here, Messenger will invite you to choose a PIN: You can use this number to access your Messenger messages on new devices. Be sure to write the PIN somewhere secure, though. If you forget it, you won't be able to access your previous messages on other devices, only devices you currently have set up with the PIN.
That's all there is to it for personal chats: Once updated, you can chat away with friends one-on-one without doing a thing, knowing that your messages are encrypted and protected. Group chats can be encrypted too, but it's still opt-in at this time. To do so, tap the group chat name at the top of chat, then look for the "Start end-to-end encrypted chat" option.
How to use end-to-end encryption in Messenger before the update
If the update is taking a while to roll out on your end, you can still take advantage of the old way to use E2EE in Messenger. This hidden feature is called “secret conversation,” and it’s fairly straightforward to use (albeit a bit buried). To start, open a chat you’d like E2EE for, then tap the person or group name at the top of the display. Under “More actions,” tap “Go to secret conversation” or “Start end-to-end encrypted chat,” and Messenger will instantly open up a new E2EE chat.
The catch is that the other user needs to be using a device and Messenger app that is compatible with secret conversations and E2EE. If they aren’t, you’ll get an error message when you try to send anything in a secret conversation.
E2EE used to be quite limited on Messenger. You’d get a simple black and white theme to denote the special nature of the chat, all without the usual bells and whistles you’d expect from a Messenger chat. However, following a January update, you can now access many of the usual Messenger features, like chat themes, custom emojis and reactions, group chats, group pictures, link previews, active status, and chat bubbles (Android only).
Just keep in mind, you’ll see two chats in your app for each contact you started a secret conversation with. Make sure you tap on the thread with the lock icon, not the normal conversation, if you want your messages protected. Once E2EE is fully rolled out, I expect this won’t be a problem.