《DKA:2021年即时通讯应用与通讯平台对比分析报告(英文版)(17页).pdf》由会员分享,可在线阅读,更多相关《DKA:2021年即时通讯应用与通讯平台对比分析报告(英文版)(17页).pdf(17页珍藏版)》请在三个皮匠报告上搜索。
1、Messaging Apps&Communication PlatformsComparative AnalysisFebruary 2021 www.dka.global2Table of ContentsDeep Knowledge AnalyticsIntroduction3Methodology of the Assessment4Messaging Apps:Score by Features5Messaging Apps:Score by Security7Total Score9Trade-offs between Features and Security11Operating
2、 System,Hardware and Other Issues13Corporate Communication Platforms14Conclusions16Disclaimer17User concerns regarding privacy in messaging apps have spiked in recent years.Incidents of data breaches have alarmed many customers and forced them to reconsider their standard attitudes towards messaging
3、 apps and the security of their personal information.Some situations and events have steadily deteriorated public trust,resulting in many users wondering whether they have lost control over their own data.Users of messaging apps and platforms report concerns about businesses,advertisers and governme
4、nts accessing and using their data.These growing privacy concerns have prompted advocacy for tighter regulations.In addition,they have placed companies responsible for safeguarding personal data under greater scrutiny.At the same time,developments in Information Technologies are bringing new,more so
5、phisticated solutions for messaging and corporate communication.Deep Knowledge Analytics conducted its own independent analysis to identify and benchmark the most secure and convenient messaging apps.In this case study we are assessing convenience,security and accessibility of 18 popular messaging a
6、pps.The study also features a short analysis of corporate communication platforms.Deep Knowledge AnalyticsIntroduction3Messaging apps are essential for our daily activities,including business communication,personal communication,and other domains.For some specific spheres,such as journalism and prot
7、est activities,secure messaging is a central concern,of the utmost importance.The development of Information Technologies has brought numerous advancements to messaging apps.Once suitable only for exchanging texts,most of them now allow voice messaging,voice calls,video calls,and numerous other feat
8、ures.At the same time,the cases associated with Edward Snowden,Pavel Durov,and Cambridge Analytica(among others)have eroded public trust in secure and private messaging by revealing that surveillance of private information on social networks and messaging apps by governments and third parties is a v
9、ery common practice.This has created significant public backlash,fueling the emergence of security-focused apps which offer privacy as their main advantage.Nevertheless,with more attention to privacy,users still care about the convenience and price of the messenger apps.The present special case stud
10、y aims to scrutinize the most popular messengers and communication platforms to find out which of them combine the best user experience with the most robust security and privacy.The study separately assesses the most secure and the most convenient messaging apps,as well as the messaging apps harmoni
11、ously combining these qualities.Deep Knowledge AnalyticsMethodology of the Assessment4This study by Deep Knowledge Analytics compares 18 messaging apps and tools according to 25 variables,to find the most secure,versatile,and accessible apps currently available.The variables were grouped into separa
12、te categories:Security,Features,and Price.The Security Category includes such variables as server security*,end-to-end encryption systems,metadata encryption,blockchain technology,anonymity(e.g.does the app require the phone number?),platform type(open source vs.non open source),transparency report,
13、independence from Google Play or App Store,message self-destruction,lock screen,and independence from big corporations and third-party influencers.The Features Category encompasses such variables as desktop version availability,individual calls,group audio calls,group video calls,screen sharing,voic
14、e messages,read receipts,editing sent messages,unsend message function,clearing message history,3rd party access,and number of downloads in January 2021.The Price Category is a separate category specifying whether the app is free,paid,or freemium(free,but with certain features requiring payment or s
15、ubscription).The score for each variable is coded as 1 if the variable condition is present or true for a given app,0 if the variable condition is absent or false,and 0.5 if some features are accessible only in the paid version or if they have to be activated additionally.The Total Score is an avera
16、ge of Score by Features,Security,and Price.The analysis also provides separate Score by Features and by Security.The assessment is based on analysis of databases compiled for the purpose of this study from a variety of open sources.Total Score Desktop version Individual calls Group audio calls Group
17、 video calls Screen sharing Unsend message function 3d party access Clearing message history Downloads in January 2021 Editing sent messages Voice messages Read receiptsMoney transfers E2E Encryption Independence from Google Play/AppStore Open source platform Transparency report Independence from bi
18、g corporations Independence from third-party influencers Messages self-destruction Lock screen Anonymity Server security*Metadata encryption Blockchain technologiesScore by FeaturesScore by SecurityPrice*Servers are categorized into centralized,federated(decentralized),and peer-to-peer(P2P).Dependin
19、g on the task,some messengers can deploy P2P elements into the first two types.In this case,we give 1 point to P2P networks,0.75 to federated with P2P elements,0.5 to federated,0.25 to centralized with P2P elements,and 0 to centralized servers.Deep Knowledge AnalyticsFeatures Parameters6Desktop Vers
20、ionIndividual CallsGroup Audio CallsGroup Video CallsScreen SharingUnsend Message Function3d Party AccessClearing Message HistoryMoney TransfersDownloads in January 2021Editing Sent MessagesVoice MessagesRead ReceiptsFeaturesTelegram111001110.511110.808Viber111110.5010.501110.792Wire1110111100.00411
21、10.77Signal1111011100.810110.755WhatsApp1111010110.6980110.746WeChat111100.50.5110.1591100.705Facebook111111010.50.3490010.681Rocket.Chat1111101000.001110.50.654Discord1111111000.2061000.631Wickr110.50.50.511100.0060100.577Tox 010.538Element 1111001000.0010.5010.5Threema0110001100.0010110
22、.462iMessage100000110.5N/A0110.458Pryvate1110011000.0630000.389RingChat110.385Session1000001000.0010110.308Briar00000010000010.1541-Yes;0-No;0,5-Partial01Deep Knowledge AnalyticsSecurity Parameters8End to End Encryption(E2EE)Independency from Google Play/AppStoreOpen SourceDoes the Compan
23、y Provide a Transparency Report?No Big Corp BehindZero Influencer EndorsementSelf-destructing MessagesLock ScreenDoes Not Require Phone NumberServer Security*Metadata EncryptionBlockchain TechnologySecurityWickr111110110.5110.50.833Session111010.51010.7510.50.729Signal1111101100.5100.708Threema10111
24、1010.50.75100.688Tox 00.667Pryvate10.667Element 1110110010.75N/A00.614Wire11110.5010100.500.583Rocket.Chat0.5111110010.5000.583Briar00.583Telegram110.50101100.25000.479Facebook0.510100110.50000.417WeChat0.510.5101000000.50.350Discord00.333Viber0.5100001100
25、000.292RingChat0.50.292WhatsApp00.250iMessage00.1671-Yes;0-No;0,5-Partial01Deep Knowledge AnalyticsTotal Score10101-Free;0-Not FreeFeaturesSecurityPriceTotal scoreSignal0.7550.70810.821Telegram0.8080.47910.762Tox 0.5380.66710.735Facebook0.6810.41710.699Viber0.7920.29
26、210.694WeChat0.7050.3510.685Session0.3080.72910.679WhatsApp0.7460.2510.665Wickr0.5770.8330.50.637Rocket.Chat0.6540.5830.50.579Briar0.1540.58310.579RingChat0.3850.29210.559Threema0.4620.6880.50.55iMessage0.4580.16710.542Element 0.50.6140.50.538Pryvate0.3890.6670.50.519Discord0.6310.3330.50.488Wire0.7
27、70.58300.451Deep Knowledge AnalyticsTrade-offs between Features and Security11The analysis demonstrates that the majority of the messengers cannot provide both convenience and security.This inability results from the mutually exclusive strategies they use.One of the most important parameters affecti
28、ng this inability to maximize both security and convenience is file storage.Messengers provide centralised or decentralised(P2P)cloud storage solutions.The second type are considered to be more secure:instead of storing data on centralized servers that can be hacked,they store multiple instances of
29、data on the drives of a decentralized network of other users.Moreover,without a centralized server,there is no single point of failure for P2P systems.There is no one server that can suffer a catastrophic failure,accidentally burn to the ground,or be seized by a third party.Data is stored on the dis
30、ks of multiple(possibly even hundreds)of people,who may be located all over the world.As demonstrated by the success of the P2P BitTorrent protocol,this makes P2P systems almost impossible to censor,block,or shut down,as there is no central organization which can be pressured or coerced.At the same
31、time,it is the source of the potential disadvantage of exposing IP addresses to remote calling peers.It is worth noting that while P2P networks can offer good performance in terms of throughput,this can come at a cost of latency,due to the fact that file pieces must often be retrieved from the other
32、 side of the world and possibly even over dial-up connections at substantial performance cost.A centralized system,on the other hand,allows developers to design systems for maximum performance and provides a level of predictability that is simply not possible with a decentralized system,in which an
33、enormous number of variables(such as the distance between users,each peers connection speeds,and device capabilities)are outside of anyones control.Additionally,a centralized system offers many useful features that users of traditional storage platforms take for granted that are very difficult,if no
34、t impossible,to implement using a P2P model.Source:ProtonMailCentralized serverPeer-to-peer networkFeaturesSecurity12Deep Pharma IntelligenceTrade-offs between Features and SecuritySignalTelegramToxViberFacebookSessionWhatsAppWickrRingChatRocket.ChatWeChatBriarThreemaElementiMessagePryvateDiscordWir
35、eLarge Amount of FeaturesMedium Amount ofFeaturesLow Amount ofFeaturesLeastSecure AppsMedium Security AppsMost Secure AppsDeep Knowledge AnalyticsOperating System,Hardware and Other Issues13While the current analysis focuses on apps themselves,the question of messaging security is also connected wit
36、h the related but distinct factors of Operating System(OS)and hardware.Without making exhaustive conclusions,it is important to state that using the most secure apps does not guarantee privacy and security as personal data(e.g.,Geolocation)may be accessed not only through the apps but through the OS
37、 and hardware itself.Some phone manufacturers offer their own specific messaging services,such as Apples iMessage and BlackBerry Messenger(which was later made available for other platforms).Such strategies may be unrewarding in terms of convenience,as they complicate communication between users of
38、different platforms and thus have a significantly lower client base.At the same time,they can benefit from higher security through the integration of hardware,OS,and apps for enhanced security.One likely trend in terms of future technological developments in secure messaging is an increase in the at
39、tention paid towards OS and hardware considerations,to guarantee higher standards of security.This approach was once enhanced by Blackberry(with their phones being used by the highest governmental officials),but did not withstand general market competition with other phone and software manufacturers
40、.Moreover,sophisticated encryption mechanisms may be useless once the intruder gets physical access to the phone,manages to produce a duplicate of a users Sim-card by borrowing the phone for some time,or obtains personal information required for verification(such as passwords or personal details).Fo
41、r example,Telegram is a popular messenger used for communication and coordination between protesters,who trust this messengers privacy policies over others.However,in many cases these policies can be nullified with the ability of security forces to use physical violence,threats,and blackmailing to g
42、et access to their phones and Telegram accounts with personal information.As such,the developers of messengers have to consider even such brutal scenarios as those described above,which can be easily overlooked during the initial development process.The struggle for messaging security may be compare
43、d to an evolving race in which both intruders and developers search for increasingly creative solutions for their opposed goals.Even if some messaging tool offers sufficient protection from the majority of privacy threats today,there is a risk that hackers would find new breaches and pose new challe
44、nges for developers.And,as mentioned above,those challenges may be both sophisticated and high-tech,or very primitive but still effective.Source:Norton14Deep Knowledge AnalyticsCorporate Communication PlatformsWeb VersionScreen SharingScreen RecordingBackground BlurringWhiteboard and Drawing ToolsEa
45、se of UseMax.Conference ParticipantsAccess to Messages After The End of The ConferenceIndependency From Google Play/AppStore/Microsoft StoreEnd-to-End Encryption(E2EE)Open SourceTransparency ReportFree Access to All The FunctionsNumber of Daily Users(millions)Total ScoreZoom00010.5110.530
46、00.857Microsoft Teams111110.8300100101010.51150.738ClickMeeting110.5110.82525010.51N/A0.5N/A0.703Wickr11110.5N/A0.675Skype111110.925050100010.5400.636Rocket.Chat110000.9N/AN/A110.5110.5120.611Google Meet111100.9250100000010.51000.525Slack110000.91515110010.5120.466Total Possible NumberFor
47、 Free011-Yes;0-No;0,5-Partial15Deep Knowledge AnalyticsCorporate Communication PlatformsCompanies in the globalized age look for the best solutions for managing their communication online.The Covid-19 pandemic and lockdowns all over the world has significantly intensified the need for convenient and
48、 secure corporate communication platforms.Zoom,with wide range of features and easy-to-use interface,dominates the sphere of corporate video conferencing,even despite the known presence of several security concerns.Microsoft Teams and Google Meet are the next most popular video conferencing tools.Th
49、eir main advantage is smooth integration with other services and tools offered by Microsoft and Google.ClickMeeting is characterized by a wide range of features and high security standards.Nevertheless,except for its free trial,the service requires having a paid subscription.ClickMeeting is mostly u
50、sed for webinars.Wickr champions the security scores,but limited usability and paid subscription requirements for teams larger than 10 people make it comparatively unpopular compared to other platforms.At the same time,Wickr serves as a useful illustration of inability to maximize convenience and se
51、curity simultaneously.Skype,which once used to dominate the video conferencing sphere,is still one of the most convenient and popular options,despite several security disadvantages.RocketChat and Slack are mostly known as corporate business communication tools.Nevertheless,they also feature built-in
52、 video conferencing tools.RocketChat also stands out for its security.The Case of ClubhouseClubhouse is neither a corporate communication platform nor a video conferencing tool.Nevertheless,it became one of the most discussed platforms on social media.Even though the app was only launched in March 2
53、020,it gained significant popularity following Elon Musks live talk on January 31.The app does not possess any outstanding features(just the opposite,in fact),and all communication within the app happens through voice conferencing.Nevertheless,the participation of celebrities such as Elon Musk and M
54、ark Zuckerberg,the atmosphere of exclusivity(as participants can join only through invitation by other participants)and the unique voice conference format has made even other platforms(like Facebook and Twitter)consider adopting similar formats.It is difficult to predict now whether the format of Cl
55、ubhouse is a short-term fad or a tendency that will have a lasting impact on communication and social media in the future.Nevertheless,this case study demonstrates how rapidly trends may evolve and how social factors still play a crucial role in the popularity of communication platforms and social m
56、edia.Source:VoxThe present analysis demonstrated that only a few messengers score high on both features diversity and security.Moreover,the apps that are both secure and convenient(such as Wire,Signal,Rocket.Chat,Wickr),rarely become mainstream apps(such as Facebook Messenger,WhatsApp).Signal has no
57、 rival in terms of its Features-Security ratio.Alongside its extra security protocols,it also includes all of the basic messaging tools users are going to need,including read receipts,group chats,and voice and video calls.Tox is aimed at users with high-security needs,worried about spying and censor
58、ship.Everything that passes through Tox is encrypted at both ends with open-source libraries.The program has no central servers that can be raided,shut down or made to hand over data.But it is also an effective instant messaging app in its own right.Telegram is a cloud solution and cannot be conside
59、red“completely secure”:Not only are messages not end-to-end encrypted by default,they are permanently stored on a server,where the service provider(or hackers)could read them at any time.Facebook Messenger enables opt-in end-to-end encryption for secret person-to-person chats,not for groups and not
60、by default.This implies that messages which are not“secret”are at risk of being accessed by more than just users and their chat recipients.Conversations in Session are secured using client-side E2E encryption.Only the sender and the recipient of a message can read it.Once Session is completed and fu
61、lly developed,it should be extremely secure,very private,anonymous,and generally excellent.However,the product remains at a low developmental stage,and is not yet market ready(i.e.,the Onion request system is not yet functional,causing Session to use proxy servers as workarounds).WhatsApp does apply
62、 end-to-end encryption,but user data can still be used for marketing purposes according to their privacy policy,the service is not GDPR-compliant,and it requires both personal data and address-book access,which serve to lower its security.WeChat is exposed to third-party circumvention due to its kno
63、wn security holes like,for example,a lack of end-to-end encryption.Moreover,all WeChat accounts,no matter how and where they were registered,are subject to constant monitoring by the Chinese government.Wire received heavy criticism in 2016 for several security issues.While Wire seems to have recover
64、ed from most of its security scares,the app still hasnt gained the confidence of users.Overall,this analysis demonstrates that,despite many advancements in the security of apps,there are not yet any 100%secure messaging apps,although there are many relevant options.16Deep Knowledge AnalyticsConclusi
65、onsDISCLAIMERThe information and analysis provided in this document were prepared by Deep Knowledge Analytics(DKA).The sources of information contained herein are deemed reliable by DKA,however,DKA makes no representations regarding to the accuracy or completeness of such information.Though the info
66、rmation herein is believed to be reliable and has been obtained from public sources believed to be reliable,we make no representation as to its accuracy or completeness.Hyperlinks to third-party websites in this report are provided for reader convenience only.Opinions,estimates and analyses in this
67、report reflect the opinions of DKA as of the date of this report.DKA has no obligation to update,modify or amend this report or to otherwise notify readers in the event that any topic,opinion,estimate,forecast or analysis set forth herein changes or subsequently becomes inaccurate.This report is provided for informational purposes only.www.dka.globalinfodka.globalCONTACT US