Privacy explained in the new Google Allo messaging app

The differences in encryption methods.


Allo was first announced earlier this year at Google I/O 2016. Aside from the other features, one of the topics Google discussed was privacy. The app features an Incognito Mode, which gives you end-to-end encrypted messages, but without the smarts of Assistant. Assistant is what Google touted as Allo’s unique feature over its other messaging apps like Messenger and Hangouts.

If you’d like to know more about Allo’s unique features, check out Eric Johnson’s post below.

Google releases messaging app Allo

Normal messages sent through Allo are only encrypted in transit. That’s one of the reasons why Edward Snowden tweeted out to his followers there are safer messaging apps like Signal. He just didn’t elaborate in limited characters on Twitter why he made that statement.


Encryption in Transit vs End-to-End Encryption

Regular Allo messages are encrypted in transit – between you and the server – with Transport Layer Security (TLS). TLS is a standard way to encrypt communications like chats and emails. But it doesn’t encrypt data at rest – while it sits on the server. This is so that Google’s algorithms can still mine them for data and offer assistance with the Assistant. But if they are open to algorithms, they are open to third-parties which can include the government. Given the proper authority, the government can access this data and possibly use it against you.

End-to-end encryption means that the data can only be encrypted/decrypted locally, as well as in transit. Only the communicating people can read the chats, and not any third party. Not even the almighty Google and Apple can access end-to-end encryption messages unless a specific backdoor is created which is what the government tried to force Apple to create.

Like Google Now, using the Assistant requires you to have your web and app activity, device information and voice and audio activity saved and tracked. It’s possible to disconnect your Google account and only use your phone number. But since it’s not an SMS app, you’re still only limited to messaging other Allo users.


Allo was designed by Google to make your life easier through messaging. If your friend messages you and says, “let’s goto dinner” the Allo app is designed to offer suggestions and restaurants in your area with the help of the Assistant.


If the message is scrambled through end-to-end encryption in incognito mode, there’s simply no way for Assistant to help you out.

Encryption will always be optional in Allo with incognito mode. However once enabled, incognito mode will deactivate Assistant which ultimately defeats the purpose of Allo. You might as well stick with another messaging app like Signal or WhatsApp if encryption is your top priority. Signal also benefits the users who prefer to send their messages over SMS rather than through data.

Ultimately Allo is just another messaging app designed for Google users who don’t mind their data being accessed by Google. Google does give its users plenty of options for opting out of data collection which Derrick Miyao wrote about here. Most importantly though, if you do want a messages completely secured from Google, Allo does give you the option with incognito mode. And when you do want help from the all new Assistant, simply leave incognito mode off and Google will chime in when it can.

Check out Allo at the Google Play Store.