Frequently Asked Questions
- What is Delta Chat?
- How can I find people to chat with?
- What are the advantages of Delta Chat compared to other messengers?
- Which messages do appear in Delta Chat?
- What about spam?
- Does Delta Chat support images, videos and other attachments?
- Who sees my profile picture?
- Does Delta Chat support HTML e-mails?
- Why do I have to enter my E-Mail password into Delta Chat? Is this secure?
- Which permissions does Delta Chat need?
- Does Delta Chat support end-to-end-encryption?
- What do I have to do to activate the end-to-end-encryption?
- If end-to-end-encryption is not available, is the connection not encrypted at all?
- How can I verify cryptographic status with a sender?
- How can I check the encryption of messages?
- Which standards are used for end-to-end-encryption?
- What is the difference between verified groups and 1:1 chats with verified contacts?
- Does Delta Chat support Perfect Forward Secrecy?
- How does Delta Chat protect my Metadata?
- Can I reuse my existing private key?
- I can’t import my existing PGP key into Delta Chat.
- Why don’t you use pEp (pretty easy privacy)?
- Can I use Delta Chat on multiple devices at the same time?
- Are there any plans for introducing a Delta Chat Web Client?
- Why can I choose not to watch the Inbox?
- What is the “Send Copy to Self” setting good for?
- Why can I choose to watch the “Sent” folder?
- Why can I choose not to watch the DeltaChat folder?
Delta Chat is a new chat app that sends messages via e-mails, encrypted if possible, with Autocrypt. You do not have to sign up anywhere, just use your existing e-mail account with Delta Chat.
With Delta Chat, you can write to every existing e-mail address - even if the recipient is not using the Delta Chat app. No need for the recipient to install the same app as yours, as with other messengers.
- Independent of any company or services. You own your data.
- Your data is not saved on a central server unless all users are using the same e-mail servers
- You do not distribute your address book to anyone.
- Fast by the use of Push-IMAP.
- Largest userbase - recipients not using Delta Chat can be reached as well.
- Compatible - not only to itself.
- Elegant and simple user interface.
- Distributed system.
- No Spam - only messages of known users are shown by default.
- Reliable - safe for professional use.
- Trustworthy - can even be used for business messages.
- Copyleft and Standards based libre software.
Delta Chat automatically shows:
- Messages from contacts in your address book
- Messages from contacts contacted by you
- Replies to messages sent by you
Other messages do not appear automatically, and are to be found in Contact requests. If desired a chat can be started from there.
- Messages in common spam folders are ignored and contained addresses are not considered as known contacts.
- As messages from unknown contacts do not pop up automatically, normally, there is no spam.
- However, if needed, you can block any contact.
- Yes. Beside the plain text, all e-mail attachments are displayed as separate messages. Outgoing messages get attachments as needed automatically.
You can add a profile picture in your settings. If you write to your contacts or add them via QR code, they automatically see it as your profile picture.
Contacts who don’t use Delta Chat see it as an E-Mail attachment.
For privacy reasons, no one sees your profile picture until you write a message to them.
Your profile picture isn’t sent with every message, but regularly enough that your contacts will re-receive your profile picture, even if they add a new device.
- Yes. If an incoming e-mail lacks a plain text part, HTML-emails are converted to plain text in the app. Outgoing e-mails always use plain text.
As with other E-Mail programs like Thunderbird, K9-Mail, or Outlook, the program needs the password so you can use it to send mails. Of course, the password is stored only on your device. The password is only transmitted to your E-Mail provider (when you login), which has access to your mails anyway.
If you use an E-Mail provider with OAuth2 support like gmail.com or yandex.ru, there is no need to store your password on the device. In this case, only an access token is used.
As Delta Chat is Open Source, you can check the Source Code if you want to verify that your credentials are handled securely. We are happy about feedback which makes the app more secure for all of our users.
Depending on the operating system in use, you may be asked to grant permissions to the app. This is what Delta Chat does with these permissions:
- Camera (can be disallowed)
- take pictures and videos: for sending Photos
- Contacts (can be disallowed)
- read your contacts: to discover contacts to chat with
- Location (can be disallowed)
- access approximate location (network location sources): for the location streaming feature
- access precise location (GPS and network location sources): for the location streaming feature
- Microphone (can be disallowed)
- record audio: for audio messages
- Storage (can be disallowed)
- modify or delete the contents of your SD card: to download message attachments
- read the contents of your SD card: to share files with your contacts
- Other app capabilities
- change your audio settings: so you can choose ring tones and volume for notifications and audio messages
- run at startup: so you don’t have to start Delta Chat manually
- control vibration: for notifications
- view network connections: to connect to your E-Mail provider
- prevent phone from sleeping: so you can easier copy the security code during the Autocrypt Setup Message
- have full network access: to connect to your E-Mail provider
- view Wi-Fi connections: to connect to your E-Mail provider
- ask to ignore battery optimisations: for users who want to receive messages all the time
- Select New chat and then New group from the menu in the upper right corner or hit the corresponding button on Android/iOS.
- On the following screen, select the group members and define a group name. You can also select a group avatar.
- As soon as you write the first message in the group, all members are informed about the new group and can answer in the group (as long as you do not write a message in the group the group is invisible to the members).
- Every group member has the same rights as any other. For this reason every one can delete every member or add new ones.
- To add or delete members, click on the group name in the chat.
A verified group is a chat that guarantees safety against an active attacker. All Messages in a verified chat view are e2e-encrypted, and members can join by scanning a “QR invite code”. All members are thus connected with each other through a chain of invites, which guarantee cryptographic consistency against active network or provider attacks. See countermitm.readthedocs.io for the R&D behind this feature.
As of Dec 2019, a “verified group” remains an experimental feature. It is continuously improved and many bugs have been fixed since the original introduction in 2018. However, there remain cases, especially with large groups where inconsistencies can occur, or messages become unreadable. Early 2020 a security review is upcoming, and several new developments around qr-join protocols are taking place so chances are we remove the “experimental” label not too far in the future.
- As you’re no longer a group member, you cannot add yourself again. However, no problem, just ask any other group member in a normal chat to re-add you.
Either delete yourself from the member list or delete the whole chat. If you want to join the group again later on, ask another group member to add you again.
As an alternative, you can also “Mute” a group - doing so means you get all messages and can still write, but are no longer notified of any new messages.
- A message shows double ticks after more than half of the recipients have seen the message on their display.
- Note that some recipients might have disabled read-receipts for privacy-reasons.
- If more than 50% in a group disabled read receipts, the double ticks will never show up. For more detailed information, see this blogpost.
Yes. Delta Chat implements the Autocrypt Level 1 standard and can thus E2E-encrypt messages with other Autocrypt-capable apps.
Delta Chat also supports a strong form of end-to-end encryption that is even safe against active attacks, see “verified groups” further below.
Delta Chat apps (and other Autocrypt-compatible e-mail apps) share the keys required for end-to-end-encryption automatically as the first messages are sent. After this, all subsequent messages are encrypted end-to-end automatically. If one of the chat partners uses a non-Autocrypt e-mail app, subsequent messages are not encrypted until an Autocrypt-compliant app is available again.
If you want to rather avoid end-to-end-encrypted e-mails by default, use the corresponding Autocrypt setting in “Settings” or “Advanced settings”.
- With most mail servers, Delta Chat establishes transport encryption (TLS). This only secures the connection between your device and your e-mail server. Whereas e2e-encryption provides safety between your device and a friend’s device.
If you are within immediate distance of the chat partner:
- Select QR Invite code on one device and then Scan QR code on the other one and scan the code. If both devices are online, they will introduce a chat channel with each-other (if it doesn’t exist already) and the encryption keys will also be verified. Both will see a “sender verified” system message in their 1:1 chat.
If you are not near the chat partner, you can check the status manually in the “Encryption” dialog (user profile on Android/iOS or right-click a user’s chat-list item on desktop):
For end-to-end-encryption, Delta Chat shows two fingerprints there. If the same fingerprints appear on your chat partner’s device, the connection is safe.
For transport encryption, this state is just shown there
A little padlock shown beside a message denotes whether the message is end-to-end-encrypted from from the given sender.
If there is no padlock, the message is usually transported unencrypted e.g. because you or the sender have turned off end-to-end-encryption, or the sender uses an app without support for end-to-end-encryption.
Autocrypt is used for establishing e2e-encryption with other Delta Chat and other Autocrypt-capable mail apps. Autocrypt uses a limited subset of OpenPGP functionality.
Delta Chat implements countermitm setup-contact and verified-group protocols to achieve protection against active network attacks. This goes beyond the opportunistic base protection of Autocrypt Level 1, while maintaining its ease of use.
1:1 chats with a verified contact and verified groups are not the same, even if there are only 2 people in the verified group. One difference is that you could easily add more people to the group, but there are other implications as well.
Verified groups are invariably secured. Any breakage (cleartext or wrongly signed messages etc.) will be flagged and such messages will not be shown in this chat. You can trust all messages in this verified-checkmark chat to have not been read/altered by middle parties.
1:1 chats are opportunistic, it is meant to allow people to communicate no matter if they change e-mail clients, devices, setups etc. That’s why there is no verification checkmark, even if you have verified the contact.
No, OpenPGP doesn’t support Perfect Forward Secrecy. Perfect Forward Secrecy works session-oriented, but E-Mail is asynchronous by nature and often used from multiple devices independently. This means that if your Delta Chat private key is leaked, and someone has a record of all your in-transit messages, they will be able to read them.
Note that if anyone has seized or hacked your running phone, they will typically be able to read all messages, no matter if Perfect Forward Secrecy is in place or not. Having access to a single device from a member of a group, will typically expose a lot of the social graph. Using e-mail addresses that are not easily tracked back to persons helps group members to stay safer from the effects of device seizure.
We are sketching ways to protect communications better against the event of device seizure.
As Delta Chat is a decentralized messenger, the metadata of Delta Chat users are not stored on a single central server. However, they are stored on the mail servers of the sender and the recipient of a message.
Each mail server currently knows about who sent and who received a message by inspecting the unencrypted To/Cc headers and thus determine which e-mail addresses are part of a group. Delta Chat itself could avoid unencrypted To/Cc headers quite and always put them only into the encrypted section. See Avoid sending To/CC headers for verified groups. For opportunistic chats the main concern is how it affects other mail apps who might participate in chats.
Many other e-mail headers, in particular the “Subject” header, are end-to-end-encryption protected, see also this upcoming IETF RFC.
Yes. The best way is to send an Autocrypt Setup Message from the other e-mail client. Look for something like Start Autocrypt Setup Transfer in the settings of the other client and follow the instructions shown there.
Alternatively, you can import the key manually in “Settings” or “Advanced settings” and then “Import secret keys”. Caution: Make sure the key is not protected by a password, or remove the password beforehand.
If you don’t have a key or don’t even know you would need one - don’t worry: Delta Chat generates one as needed, you don’t have to hit a button for it.
With a very good chance, the problem is that your key is encrypted and/or uses a password. Such keys are not supported by Delta Chat. You may remove the passphrase encryption and the password and try the import again. If you want to keep your passphrase you’ll have to create an e-mail alias for use with Delta Chat such that Delta Chat’s key is tied to this e-mail alias.
Format wise, Delta Chat supports common OpenPGP private key formats, however, it is unlikely that we will support 100% of all private keys of any sources. This is also not the main focus of Delta Chat (in fact, the large majority of the Delta Chat users will not have any key before they start using Delta). However, we try to support private keys from other sources as good as possible.
Removing the password from the private key will be different, depending on the software you use to manage your PGP keys. With Enigmail, you can set your password to an empty value in the Key Management window. With GnuPG you can set it via the command line. For other programs, you can find a solution online.
- Delta Chat uses the Autocrypt e2e-encryption standard. For a discussion of Autocrypt and pEp, see the Autocrypt FAQ.
If you want to use the same account on different devices, you should export a backup from the old device, and import it into the new device:
- On the old device, go to “Settings” or “Settings / Chats and media” and then to “Backup”. Enter your screen unlock PIN, pattern, or password. Then you can click on “Start Backup”. This saves the backup file to your device. Now you have to transfer it to the other device somehow.
- On the new device, on the login screen, instead of logging into your email account, choose “Import Backup”. After import, your conversations, encryption keys, and media should be copied to the new device.
- You are now synchronized, and can use both devices for sending and receiving E2E-encrypted messages with your communication partners.
- There are no immediate plans but some preliminary thoughts.
- There are 2-3 avenues for introducing a Delta Chat Web Client, but all are significant work. For now, we focus on getting stable releases into all app stores (Google Play/iOS/Windows/macOS/Linux repositories) as native apps.
- If you need a Web Client, because you are not allowed to install software on the computer you work with, you can use the portable Windows Desktop Client, or the AppImage for Linux. You can find them on get.delta.chat.
This is an experimental setting for some people who are experimenting with server-side rules. Not all providers support this, but with some you can move all mails with a “Chat-Version” header to the DeltaChat folder. Normally, this would be done by the Delta Chat app.
Watching the Inbox makes sense to turn off, if you have both:
- enabled a server-side rule to move all messages with Chat-Version header to the DeltaChat folder, and
- have set the “Show classic emails” setting to “no, chats only”.
In this case, Delta Chat doesn’t need to watch the Inbox.
Sending a copy of your messages to yourself ensures that you receive your own messages on all devices. If you have multiple devices and don’t turn it on, you see only the messages from other people, and the messages you send from the current device.
The copy is sent to the Inbox, and then moved to the DeltaChat folder; it’s not put into the “Sent” folder. Delta Chat never uploads anything to the Sent folder because this would mean uploading a message twice (once through SMTP, and once through IMAP to Sent folder).
The default setting for copy-to-self is “no”.
The only reason one wants to watch the Sent folder is if you are using another mail program (like Thunderbird) next to your Delta Chat app, and want your MUA to participate in chat conversations.
However, we recommend using the Delta Chat Desktop Client; you can download it on get.delta.chat. The option to watch the “Sent” folder might go away in the future. It was introduced at a time where there was no Delta Chat Desktop client available on all platforms.
Some people use Delta Chat as a regular email client, and want to use the Inbox folder for their mail, instead of the DeltaChat folder. If you disable “Watch DeltaChat folder”, you should also disable “move chat messages to DeltaChat”. Otherwise, deleting messages or multi-device setups might not work properly.
- With a rather good chance: Yes :)
However, some providers need special options to work properly, see Provider Overview
- Sending and receiving messages takes a few seconds, typically. Sometimes there are cases where it takes longer but that is arguably true as well for any other messenger.
- Instant chatting works fast if both parties are actively using the app. It’s sometimes slower if the app is running in the background.
- Receiving messages then can take minutes because both Android and iOS often stop Delta Chat from running in the background, and only wake it up occasionally. This artificial delay is usually worse on iOS than on Android.
- Note that Delta Chat doesn’t use Google Cloud Messaging (GCM) or the Apple Push Notification Service (APNS), because this leads to user tracking and central control which Delta Chat aims to avoid as much as feasible.
- However, Android and iOS kill apps running in the background is a problem for many legitimate apps. For more information, see dontkillmyapp.com.
- Yes and No.
- No, you can not use your Protonmail, Tutanota, or Criptext account with Delta Chat; they do not offer receiving mails via IMAP.
- In any case you can use Delta Chat to send Messages to people who use Protonmail, Tutanota, or Criptext. Those messages will not be End-to-End encrypted, though. The End-to-End encryption those providers offer is only working inside their platforms, and not compatible with anyone outside.
- Delta Chat can e2e-encrypt through any e-mail provider with any Autocrypt-enabled e-mail app.
First of all, Delta Chat does not receive any Venture Capital and is not indebted, and under no pressure to produce huge profits, or to sell users and their friends and family to advertisers (or worse).
Delta Chat developments have so far been funded from four major sources:
The NEXTLEAP EU project funded the research and implementation of verified groups and setup contact protocols in 2017 and 2018.
The Open Technology Fund has given two grants. The first 2018/2019 grant (~$200K) majorly improved the Android app and allowed us to release a Desktop app beta version, and also moored our feature developments in UX research in human rights contexts, see our concluding Needfinding and UX report. The second 2019/2020 grant (~$300K) is still ongoing and helps us to release Delta/iOS versions, to convert our core library to Rust, and to provide new features for all platforms. See the ongoing blog posts for more info.
The NLnet foundation granted EUR 46K for completing Rust/Python bindings and instigating a Chat-bot ecosystem.
Last but by far not least, several pro-bono experts and enthusiasts contributed and contribute to Delta Chat developments without receiving money, or only small amounts. Without them, Delta Chat would not be where it is today, not even close.
The monetary funding mentioned above was organized by merlinux GmbH in Freiburg (Germany), and then distributed to almost a dozen contributors.
Funding for 2020/2021 is yet to be determined. We are pursuing several opportunities with different organisations and partners. We also are considering to ask for donations. In fact, we experimentally started a little Delta Chat / Liberapay donation account but have not published this yet. There were also around 3-4K so far donated to Bjoern’s (the original author of Delta Chat) paypal and bitcoin donation channels.