Content Calendar » ‣

We’ve written this blog post to help you understand how Beeper Mini works. At Beeper, we believe that it is critical for you to be able to trust the software that you use, especially something as important and sensitive as your chat app. We work to earn and keep your trust in three ways:

1. Transparency - since we started Beeper 3 years ago, we’ve been taking opportunities like this to explain how Beeper works. We have a proud history of building products, like Pebble, and stand publicly behind our work.
2. Open source - each major piece of software that we’ve built to interact with other chat networks is open source at github.com/beeper.
3. Privacy and security-aligned business model - we make great software and charge a small subscription fee. Simple as that. No ads. Your data stays private.

Security and privacy

Read the entire post for the full story. TLDR: the following features of Beeper Mini ensure that all communication is encrypted and secure.

• All messages are end-to-end encrypted before being sent. Beeper (and Apple) cannot see your messages.
• Encryption keys never leave your device.
• Beeper Mini connects directly to Apple servers. There is no Mac server relay, like other apps.
• No Apple ID is required. Beeper does not have access to your Apple account.
• Your contact list never leaves your device.

Don’t believe this is possible? Try the open-source Python proof of concept on your own computer to see for yourself. Security researchers are invited to verify all claims that we make, see appendix below.

How it works

Beeper Mini works differently than Beeper Cloud in important ways that increase your privacy and security. Beeper Mini is a standalone Android app. It does not require a cloud server to send and receive messages. It also implements Apple’s end-to-end encryption protocol natively within the Android app itself. All messages are end-to-end encrypted before they are transmitted directly from your device to Apple servers. Learn more about iMessage encryption on Apple Platform Security page.

This is now possible because the iMessage protocol and encryption have been reverse engineered by jjtech, a security researcher. Leveraging this research, Beeper Mini implements the iMessage protocol locally within the app. All messages are sent and received by Beeper Mini Android app directly to Apple’s servers. The encryption keys needed to encrypt these messages never leave your phone. Neither Beeper, Apple, nor anyone except the intended recipients can read your messages or attachments. Beeper does not have access to your Apple credentials.