End-to-end encryption is a technique that allows the sender of a message to “lock” their message by scrambling the original contents into a random mix of letters and numbers (known as “encryption”). Only the recipient(s) can “unlock” the message data by turning the scrambled gibberish back into the original message (known as “decryption”). Any party that helps deliver the message is only able to see this gibberish, and therefore the message’s true contents are effectively “locked” as it travels through servers, ISPs, and telcos and is stored in databases. Because the message is encrypted from endpoint to endpoint without any gaps, this secure message encryption technique is known as end-to-end encryption.

End-to-end encryption uses a system of digital “keys” to give access to encrypted data. With end-to-end encryption, there are two types of keys: a public key and a private key. The public key is like a publicly listed street address, and the private key is like the key to that building’s mailbox. Other people can send encrypted messages to you by looking up your address (your public key), but only you can open them using your personal mailbox key (your private key).

When a message is sent, it’s encrypted before it leaves the sender’s device and can only be decrypted using the recipient’s private key on their phone or device. That private key is created and stored only on the recipient’s device. There is no record or copy of it anywhere else, meaning that no one else knows what it is and therefore no one else can decipher any messages sent to them. This includes the system managing the public and private keys, the app developer, the Internet provider, the server, the hardware maker, hackers, etc. There is no backdoor, because any access that is created for “good” reasons can usually be exploited for nefarious or “bad” reasons.
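The flow described above, as an added example using Node.js's built-in `crypto` module (not code from this article or from any particular app). The function names and the choice of X25519, HKDF-SHA256 and AES-256-GCM are assumptions made for illustration. It shows that the sender needs only the recipient's public key, and that a party holding any other private key, or receiving an altered message, cannot read it.

```javascript
const crypto = require("node:crypto");

// Derive a one-time message key from the X25519 shared secret.
function deriveKey(privateKey, publicKey, ephPubDer) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync("sha256", shared, ephPubDer, "e2ee-demo", 32));
}

// Sender's device: needs only the recipient's PUBLIC key.
function seal(recipientPublicKey, plaintext) {
  const eph = crypto.generateKeyPairSync("x25519"); // fresh key pair per message
  const ephPubDer = eph.publicKey.export({ type: "spki", format: "der" });
  const key = deriveKey(eph.privateKey, recipientPublicKey, ephPubDer);
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, nonce);
  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return { ephPubDer, nonce, ciphertext, tag: cipher.getAuthTag() };
}

// Recipient's device: the only place the PRIVATE key exists.
function unseal(recipientPrivateKey, msg) {
  const ephPub = crypto.createPublicKey({ key: msg.ephPubDer, format: "der", type: "spki" });
  const key = deriveKey(recipientPrivateKey, ephPub, msg.ephPubDer);
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, msg.nonce);
  decipher.setAuthTag(msg.tag);
  // final() throws if the key is wrong or the ciphertext was altered.
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString("utf8");
}

// True if the holder of this private key can read the message.
function canRead(privateKey, msg) {
  try { unseal(privateKey, msg); return true; } catch { return false; }
}

// Constructed sample run.
const recipient = crypto.generateKeyPairSync("x25519"); // created on the recipient's device
const relay = crypto.generateKeyPairSync("x25519");     // any other party's key pair
const envelope = seal(recipient.publicKey, "Meet at noon"); // what servers carry and store
const tampered = { ...envelope, ciphertext: Buffer.from(envelope.ciphertext) };
tampered.ciphertext[0] ^= 1; // one bit changed in transit

console.log(unseal(recipient.privateKey, envelope));   // Meet at noon
console.log(canRead(relay.privateKey, envelope));      // false
console.log(canRead(recipient.privateKey, tampered));  // false
```
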
