At Meta, our messaging apps help billions of people around the world stay connected to those who matter most to them. This scale brings potential threats from criminals and hackers, so we have a responsibility to keep people and their data safe. We’re sharing a set of principles to ensure that security is central to the design of our messaging apps.
These are our five core security principles that guide us in developing secure private messaging apps for people:
- Build secure services for all
- Security by design and defense in depth
- Reduce the attack surface
- Be transparent and invite scrutiny
- Build for the future
These principles serve as reference points for private messaging design decisions and complement our broader enterprise-wide information security practices. These principles do not live in isolation, and in many cases, we are considering all five of them simultaneously as we develop our messaging apps.
Build secure services for all
These services are built for wide-scale use among those who use our technologies. We strive to provide intimate, feature-rich, and user-friendly services that provide secure messaging for billions of users, where only the intended recipients can access end-to-end encrypted messages.
People all over the world use our messaging apps, so we strive to make them easy to use while also highly secure. Some people use our apps in low-connectivity areas, using unreliable networks and infrastructure, or only have access to devices with limited functionality, so it is important that our apps work effectively in those environments to keep everyone’s private messaging secure.
Additionally, people rightfully expect control over their private communications, so we provide them with the ability to validate their security where possible. At the same time, we aim to be transparent and ensure that people using our apps can hold us accountable. Finally, we work hard to give people control over how they use our apps and make it easy for them to use our security tools to help protect their accounts.
Security by design and defense in depth
Private messaging apps should be secure by design. Security should be at the forefront of how we develop the services and be layered throughout our designs — not just an afterthought.
While no system can provide absolute security, we incorporate multiple layers of protection to sustain confidentiality and integrity. It is also important for us to understand our apps end-to-end, meaning we take into account each layer of the service when building security into our products – in particular points where data could be stored. When designing our apps, we use secure-by-default frameworks so that security is incorporated from the outset. These frameworks make it harder to adopt unsafe approaches that might inadvertently undermine security and privacy.
Reduce the attack surface
We want to minimize the opportunities for unauthorized access to peoples’ data, including by us. We work to limit the data we collect and reduce the risk of vulnerabilities by limiting complexity in our designs.
Where we do need to collect data to deliver services, we anonymize or pseudonymize it wherever appropriate. We also strive to limit complexity for our engineers to reduce the likelihood of introducing bugs that may impact privacy or security.
Be transparent and invite scrutiny
We work to build transparency into our services and, where possible, give people the ability to validate their security. We continually share challenges and plans, and empower the wider security community to help critique, develop, and protect our services.
Our goal is to build transparency into our technologies. We aim to give experts the ability to discuss our security tools and processes, share challenges and plans, and empower the wider security community to help critique, develop, and protect our community. We’ll continue to engage directly with stakeholders on these issues through roundtables with privacy experts, responding to external papers on what we do, and publishing our own whitepapers.
We also encourage and reward independent researchers for finding any impactful security vulnerabilities through our bug bounty program.
Build for the future
Developing secure services is an evolution. We must build our services with the ability to move quickly to remediate attacks (or other vulnerabilities), incorporate new technological developments, and address upcoming threats.
We want everyone who uses our messaging apps to feel comfortable and secure. By sharing the five principles that ensure security is always top of mind, we hope to create transparency and clarity on our process for developing our private messaging apps while innovating and improving our security. Our dedication to finding and dealing with security issues has allowed us to support billions of people and their messages globally.
Learn more about our security principles
You can read more about our security principles in our whitepaper.