Secure messaging has become a point of increasing contention in recent years, as multiple services are beginning to crowd the market. Like any technological tool, it offers benefits to the masses but also serves up opportunities for malicious actors to test the strength of that security, and for individuals to misuse it to do things like spread misinformation or conduct illegal activity. Recently we have seen a spate of new messaging platforms built on blockchain technology, which threatens to redefine what “secure” means in messaging, and may present threats to organizations on a regulatory level.

When secure messaging isn’t secure

WhatsApp is the largest secure messaging platform with more than 2 billion active users each month. The application touts its end-to-end encryption as the solution to privacy concerns, but has at times shown that it’s not as secure as some users might like. Some of the issues facing WhatsApp and other secure messaging platforms include:

• Despite their encryption, the apps collect metadata about conversations.

• Cloud backups are not always properly encrypted.

• Apps are highly vulnerable to scams, spies and hackers.

For the average user, these faults may not be of significant impact–but for die-hard privacy enthusiasts and those participating in the growing world of decentralized finance (DeFi), blockchain-based messaging offers significant advantages.

The benefits of blockchain for secure messaging

Blockchain technology seems to have an application in just about every aspect of the internet, secure messaging included. While many secure messaging apps have integrated cryptocurrency and other blockchain technology into their platforms, the focus has been on enhancing functionalities other than privacy. Recently, there has been a push to use blockchain tech as a foundation to decentralize communications and provide complete privacy and anonymity for users.

Session, an offshoot of the popular secure messaging app Signal, uses the Service Node blockchain to hide IP addresses of users on the network and allow them to exchange messages without even needing a phone number.

Another service, Secretum, runs on the Solana blockchain and solves the metadata problem by allowing users to communicate solely through cryptocurrency wallet addresses. Both these solutions and others following the same logic are designed to keep prying eyes away from private information through innovative blockchain usage.

Regulatory implications of blockchain messaging

While these secure blockchain messaging apps are an exciting development for individuals laser-focused on data privacy, they are a serious threat to organizations from a regulatory standpoint. The issues we’ve already seen with secure messaging apps, such as JPMorgan Chase allowing employees to use WhatsApp to escape the scrutiny of record-keeping regulations, will only become more difficult to address with blockchain-based messaging. These platforms are designed to minimize or eliminate identifying information and thwart any type of investigation, making them a regulatory nightmare if employees use them to conduct any type of business.

It’s critical that organizations develop a culture and code of conduct that addresses the proper channels through which to conduct communications. Developing training and providing clear policies are two ways to defend against the disruption of emerging blockchain messaging platforms.

A safer alternative, sooner

Blockchain-based secure messaging can be a boon to individuals looking to lock down their own communications, but may spell disaster if employees of an organization misuse them–whether intentionally or not. Companies should focus on fostering a culture of compliant communications, and securing the tools needed to fast-track integrations with new channels as they arise.