Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Is Telegram safe? Here’s what security experts have to say about the app

Telegram is a messaging app that surged in popularity in 2021 after WhatsApp announced changes to its privacy policy that would allow it to share information with parent company Meta. But, is Telegram any better at handing your data? 

Telegram is a free messaging app that works across multiple devices, offering no limits on media sizes, end-to-end encryption via “secret chats” and a whopping 200,000 person group chat capacity. The app even has a Bot API, allowing developers to create their own bots for their chats. 

Up your cybersecurity with NordVPN – Now 62% off plus a random gift of either 3 months or 1 year extra subscription with every purchase. 

Telegram is so confident its messages can’t be deciphered that it’s actually run contests in the past challenging users to try to crack its encryption with a $300,000 prize at stake. The app also has an ongoing bug bounty programme in place to reward anyone who can spot a big enough flaw in Telegram’s app or protocol. 

We reached out to security experts to learn more about Telegram, end-to-end encryption and how the app deals with your data. If you’re interested in their thoughts on other messaging apps, you can visit our guides to Is WhatsApp Safe? and Is Signal safe? 

Save 81% on a VPN with SurfShark

Save 81% on a VPN with SurfShark

Surfshark has dropped the price of its VPN to £1.94 a month. Head over to Surfshark now to pay a one time price of £46.44 for 24 months of Surfshark and save 81%.

  • Surfshark
  • 81% off
  • £1.94 a month
Buy now

Is Telegram safe? 

Antony Demetriades, VP at McAfee, told Trusted Reviews, while the app been around since 2013, its only recently that Telegram has become more of a household name. 

“If you hadn’t heard of Telegram until 2021, you wouldn’t be alone”, said Demetriades. 

“The messaging and social media platform has risen from relative anonymity to become one of the biggest players in the ‘secret messaging’ business in less than a year. With WhatsApp revealing a change to its T&Cs which informed users that their data would be shared with new parent company Meta, many people ‘jumped ship’ in search of a less intrusive messaging option”. 

However, just because Telegram has a more trustworthy reputation than WhatsApp, that doesn’t mean your messages are automatically protected. End-to-end encryption is crucial to keeping your messages private and this is a level of protection that Telegram only offers in specific areas of its app. 

“Telegram has positioned itself as an app committed to private and secure messaging. However, the fact that end-to-end encryption is not automatically used on messages sent in Telegram means it’s not as secure as privacy-focused messaging platforms such as Signal, which offers end-to-end encryption for all communications”, explained Demetriades. 

Searchlight Security CTO and co-founder Dr. Gareth Owenson added that Telegram’s encryption also has its flaws. 

“Telegram has a reputation as a secure messaging app but this is largely due to the feature set it offers rather than the strong encryption. Research by Royal Holloway recently found vulnerabilities in the cryptography used by Telegram”, said Dr. Owenson. 

Up your cybersecurity with NordVPN – Now 62% off plus a random gift of either 3 months or 1 year extra subscription with every purchase. 

While any app can be targeted by the wrong people, Telegram’s secure reputation and lax moderation has also been known to attract criminals in the past. 

“Telegram is also popular amount darkweb criminals and other malicious actors due to its perceived security”, said Dr. Owenson. 

Demetriades agreed, suggesting the service also has a very hands-off moderation approach is causing ongoing issues.

“One of the biggest issues with Telegram is the content shared in the app and the company’s “hand off” approach to moderation. Telegram’s unique combination of messaging and social media, plus its publicly relaxed content moderation strategy means it attracts a certain style of user who may have been outed from more mainstream online platforms”, said Demetriades. 

“A quick Google search will produce multiple examples of how Telegram has been widely used by fringe political groups, while in 2017 security experts also acknowledged that it is in fact the app of choice for terrorist organisations. While this might make the platform appear unattractive, its user experience shows users aren’t exposed to controversial content given they haven’t gone looking for it”. 

Telegram vs other messaging apps 

So, how does Telegram compare to other popular messaging apps like WhatsApp and Signal? F-Secure’s Global Partner Product Advocate Fennel Aurora told Trusted Reviews from a technical standpoint there is a clear winner.

“Signal is mostly seen as the security and privacy standard for this kind of messaging app, and it is what I use primarily myself”, said Aurora. 

“That said, there are cases where Signal can be less private and less safe depending on your definition – for example Signal requires use a phone number for connection with other users, which can have significant physical safety risks for many people who are targeted by stalkers. Telegram for example allows the use of a username instead which can be significantly safer for many people”. 

Comparitech Privacy Advocate Paul Bischoff added that Telegram also requires users to opt-in to end-to-end encryption by creating a secret chat. The lack of end-to-end encryption by default can be its own privacy issue. 

Telegram chats are not encrypted end-to-end by default. Encrypted chats cannot be accessed from multiple devices”, said Bischoff, explaining that the latter does make them more secure but less convenient than WhatsApp. 

Bischoff added, “Telegram has bots, which are powerful tools but can be used for scams and cyberattacks”, though the expert also noted that all three apps have shown documented cybersecurity vulnerabilities over the years. 

Tom Gaffney, Security Consultant at F-Secure added that Telegram’s data handling is comparable to WhatsApp, in some instances.

“WhatsApp and Telegram both work by building communities of users, collecting data on the user related to their device using fingerprinting (phone numbers, device data etc)”, said Gaffney. 

“Additionally, Hackers target both platforms for scams and phishing URLs. Signal by default makes this much more difficult as it’s encryption process requires you to actively accept another user before messaging”. 

When it comes down to it, Gaffney wouldn’t recommend using Telegram (or WhatsApp, for that matter) over the likes of Signal. 

“WhatsApp and Telegram both have had a rocky relationship with user data. Both were implicated in the Snowden leaks and both have not provided evidence of independent code audit or security analysis. They have opaque terms related to data usage and in Whatsapp case, the parent company Facebook derives most of its money from using data it collects. So from a privacy perspective absolutely not as safe as Signal. Security companies such as F-Secure would not recommend them for truly private and confidential messaging”.

Kaspersky Home Security

Kaspersky Home Security

Keep your online activity safe and private across multiple devices – without compromising speed.

Check out Kaspersky’s new security plans from just £10.99 per year

  • Kaspersky
  • £10.99 per year
Buy now

Telegram and your data 

We also asked the experts how exactly Telegram handles your data. 

“If you signed up for Telegram in the UK, your data will be stored in ‘rented’ data centres in the Netherlands”, assured Demetriades. 

“This means the data centres are run by third-parties but a space is rented to Telegram, so personal data is not shared with the data centres only stored using the servers. According to the platform’s privacy policies, all data is stored heavily encrypted so that local Telegram engineers or physical intruders cannot gain access”. 

VP of European Enterprise Research at IDC, Duncan Brown told Trusted the app also refrains from showing ads in chats, which users will also appreciate.

“The company has promised never to advertise to users in private chats”, said Brown. 

Should you move your chats to Telegram? 

The general consensus from those we spoke to was that it’s safe to move your chats to Telegram, but Signal is better. 

“With the availability of end-to-end encryption for private chats, Telegram can protect your private chats, but you cannot encrypt your group chats, one of the app’s most popular features. But if you’re looking for a top-notch end-to-end encrypted messaging app, then there are definitely better options around”, said Demetriades. 

However, Consumer Privacy Champion at Pixel Privacy, Chris Hauk noted, Signal is less popular than other messaging apps, which could have you tempted to join Telegram if that’s where all your contacts are. 

“Many users are not concerned about their messaging app’s privacy offering, instead they usually use the messaging apps used by their friends and family”, said Hauk. 

“However, anyone who messages about more than “do we need milk?” should consider using one of the three messaging services (Telegram, Signal and WhatsApp), while also encouraging their friends and family to also use the apps”. 

There’s also no reason to leave Telegram if you’re already using it, according to Brown. 

“All messenger apps are subject to geo-political moves, such as bans and sanctions, and Telegram has been subject to these over the years. But as it stands Telegram is safe and stable. If you’re worried about data sharing, then Telegram should be a safe place for you”.

As ever, Trusted Reviews recommends any privacy conscious user invest in a reliable VPN to help protect their data. You can see a list of the best VPNs we’ve tested in the attached guide.

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.

Trusted Reviews Logo

Sign up to our newsletter

Get the best of Trusted Reviews delivered right to your inbox.

This is a test error message with some extra words