Archived on 24/04/2019 🗄️
Reason for archiving
We’ve decided to archive this pattern because we can’t find an example of it being used in a service.
In an end-to-end encrypted system, people can verify each other’s identity by saying a word generated by a cryptographic function. If the communication is compromised (through an impersonation attack, for example), the words won’t match.
- Users can quickly and easily identify if something is wrong with the end-to-end encryption
- It’s a visible way of displaying security features, this may build confidence in situations where information is considered higher risk
- It might be difficult to explain what’s happening to users, which may have an impact on how effective it is as a signal
- It requires users to manually check that the connection is secure every time, which may not be appropriate to the level of risk
A previous version of Signal the app displayed two words on the caller’s home screens. This feature was removed in 2017.
Was this pattern useful?