You've Been Warned: 5 Reasons To Stop Using SMS Messaging On Android

The first SMS was sent in 1992, when an engineer of an IT service company based in the U.K. sent it to his colleague to wish him a Merry Christmas. One year later, Finnish company Nokia released the first mobile phone for commercial use (Nokia 2010) with the ability to send SMS messages. At first, the SMS was used to notify users that they received a voice message, but not long after that, it was transformed into a means of communication on its own.

Nowadays, SMS messaging is slowly becoming a thing of the past. In Europe, for example, most people turn to other messaging apps such as WhatsApp, Telegram, Discord, or Signal. There's a good reason behind it. Although old, SMS hasn't changed much since its beginnings, which means it doesn't conform to modern standards of digital security. There's simply no end-to-end encryption to the texts you send via SMS, and they can be accessed by third parties. So, if you're still using SMS, especially to send sensitive personal information, you should think about switching to another service.

End-to-end encryption (E2EE) ensures that only the sender and the recipient can read the content of a text message. This security feature encrypts the message on the sender's device, and it's decrypted only on the receiver's device. Even if the message is intercepted by a third party, it cannot be read and understood. That way, your sensitive information is protected. Without E2EE, messages can be intercepted and stored on other devices.

SMS is a legacy messaging protocol. It was developed in the early '90s when there was no need for the modern security measures we have today. That's why SMS has no built-in support for encryption. SMS messages are transmitted in simple text over cellular networks. Anyone with access to the network and with the right tools can read your messages. That said, if you must use SMS, consider carefully what you'll send and try not to reveal any sensitive information. This can be challenging as many banks and businesses still use SMS to inform and to authenticate their users.

As mentioned earlier, your messages aren't protected, and they can be accessed by various third parties. Corporations and network carriers can have access to your SMS data, and they use it to build profiles of their users for targeted advertising. The information they retrieve can also be sold to other companies without your explicit consent. And if you run a small business and use SMS, you should watch out not to expose your trade secrets or clients' data.

That said, governments are no exception either. SMS data can be used by the authorities. In the U.S, the police can gain access to SMS messages that are less than 180 days old without even requiring a warrant. This is made possible by the Electronics Communications Privacy Act, and there are other congressional bills that target mobile tracking software. Even if you think you have nothing to hide, the principle of privacy remains. Unrestricted access to SMS opens the door to manipulation, control, and abuse.

There are several ways in which hackers can exploit SMS to target ordinary people. One of the most common methods is using SMS for phishing attacks (also known as smishing). A hacker uses SMS to send what seems like an ordinary text message you would receive from a trusted source, such as a bank or a delivery service. You're then prompted to reply with a password, a credit card number, or other private data.

Another type of fraud you can fall victim to is SIM swapping. In this attack, a hacker uses your publicly available information to trick a mobile carrier employee into transferring your phone number to a new SIM card that would be under the hacker's control. That means a hacker can receive all your SMS and phone calls, including two-factor authentications for bank accounts or social media. You can limit this vulnerability by not using SMS messaging at all when interacting with banks and other institutions that handle your private data.

There are several reasons why phone carriers retain SMS data, be it full text messages or just metadata (who, when, and where you text). The most common reason is technical. To ensure the SMS is delivered, the provider needs to store it for a certain time. This time can vary from several hours to several days or weeks, depending on the company's policy. But a more common reason for storing your SMS data has to do with the law. Many countries require phone carriers to keep such SMS data or just metadata so it can easily be accessed by authorities investigating suspected criminal activity. In either case, your private information is vulnerable while being stored somewhere.

In many countries, the U.S. included, it's legal to use SMS transcripts in courts against you, which means your SMS messages aren't private. More importantly, if there's a data breach, your SMS messages can be used to profile you, track your movement, expose your contacts, and even blackmail you. This is visible in oppressive regimes where governments regularly use data obtained by phone providers to monitor the activity of journalists or their political opponents.

Modern messaging apps let you edit or delete a message you previously sent. This is such a mundane feature, yet it's one of the most important ones that made SMS obsolete. Perhaps you sent a text to the wrong person who wasn't supposed to see it, or you didn't convey the right tone. Fortunately, you can easily delete it or edit it, and the recipient might not even notice if you're quick enough. That is, as long as you didn't send it as an SMS. 

This feature is a big deal, especially in a professional setting. A wrong text message can destroy your reputation or compromise you and your business. An SMS once delivered can't be unsent or deleted. As soon as you hit "send," the text is out there being transmitted through your mobile carrier's network, and it arrives almost instantly on the recipient's device. So, if you accidentally send something personal to the wrong contact, you're completely at their mercy. Imagine complaining about your boss... to your boss. That would definitely motivate you to stop using SMS messaging.