Secure Messaging Applications

Using online messaging applications is one of the most popular communication methods in Cambodia. As of January 2021, there were 21 million mobile connections in a population of 16,8 million. Put differently, the mobile connections penetration index was 125%. The popularization of mobile phones with data plans has resulted in remarkable online security-related problems. That is because while most citizens use mobile phones and online messaging applications daily, not many people are aware of the associated privacy issues and security features offered by messaging applications. Mr. Ngeth Moses, a prominent Cambodian digital security expert and consultant, stated in the 2022 Cambodia ICT Camp.

Digital security refers to the practices aimed at securing and protecting one´s identity online. In the digital age, where technology is intertwined closely with an individual’s day-to-day life, securing personal information is necessary to shield one’s privacy and sensitive information from cyber thieves. Online communication, including messaging applications that offer little to no security protection options, might result in data and security breaches.

Given the importance of strengthening online security measures, Moses held an exciting and engaging workshop on Secure Messaging Applications during the 2022 Cambodia ICT Camp. He provided an overview of online message security, focusing on various approaches to choosing secure online messaging applications that guarantee users’ privacy and protection from hackers.

In front of 38 participants (12 of them were women), Moses stressed the importance of choosing a messaging application that protects users’ privacy and secures their financial information. He also noted that selecting messaging applications using encryption protocols, open sources, and two-factor authentication (2FA) is essential.

When Moses asked participants to define encryption, only a handful of them responded to his question. While some participants knew what the term means, they could hardly explain it. Then, Moses explained that, in simple terms, encryption is a method to transform and convert information into code that conceals the message’s content.

To claim they are secured, Message applications must offer end-to-end encryption acting as an added privacy layer for extra protection to prevent third parties from reading users’ messages and obtaining sensitive information one user has sent to the other. Moses stressed that third parties and hackers can tap into the communication traffic and access users’ private messages and information if the end-to-end encryption feature is not available or turned off. Moreover, end-to-end encryption does not come as default in applications like Telegram and Facebook. Users need to turn on the specific chat mode to enjoy this feature. On the other end, applications like Signal, Threema, Wire, and Session offer stronger privacy and data protection options. Increasing people’s digital literacy, especially on security issues, has become paramount in light of the establishment of a digital gateway that will manage internet traffic in Cambodia. The National Internet Gateway (NIG) will challenge people’s fundamental rights like freedom of expression and the right to privacy, exposing people’s online data without their permission, thus shrinking the country’s civic space.

2FA is an effective mechanism that adds a layer of security to the user’s account. Besides log-in credentials that include username and password, 2FA requires extra login credentials to access the account. 2FA credentials are provided through a text message, email, or using a third-party authenticator application. Moses pointed out that even if users’ usernames and passwords are stolen, 2FA helps prevent a user’s account from being hacked. He recommended everyone choose a message application with this feature and turn it on to protect themselves and their accounts from being hacked.