In development. RVNT is pre-release — not yet security-audited. Source code, public builds, and the iOS / App Store release aren’t available yet. See the roadmap →

Is iMessage safe to use?

iMessage is one of the most secure mainstream messengers for message content: blue-bubble messages and attachments are end-to-end encrypted by default, and since 2024 iMessage uses Apple's hybrid post-quantum PQ3 protocol (P-256 ECDH + ML-KEM/Kyber with self-healing rekeying), whose design was independently reviewed by academic cryptographers and machine-verified with the Tamarin prover. The major caveats: (1) it is centralized, closed-source, and Apple-account-bound, so you cannot use it anonymously and the shipping code cannot be fully independently audited; (2) Apple's servers see metadata (who, when, routing) in cleartext; (3) by default, if iCloud Backup is enabled without Advanced Data Protection, a copy of your Messages encryption key is stored in your backup and is accessible to Apple — and thus to law enforcement with legal process — so 'E2EE by default' only fully holds if you also enable Advanced Data Protection or disable iCloud Backup; and (4) SMS/MMS fallback (green bubbles) is not encrypted at all. For most users it is a strong, low-effort choice; for threat models that require anonymity, metadata protection, or auditable open-source code, it falls short.

Where iMessage is strongest: Maturity and scale: iMessage is a battle-tested service used by hundreds of millions of people for over a decade, with deep OS integration, reliable delivery, push notifications, and synced backups. RVNT is pre-release and unproven at scale.. On metadata, iMessage relies on None by design — Apple's IDS and APNs servers see sender/recipient identifiers, timestamps and routing data in cleartext; only message content and attachment bodies are E2EE, and it is partly audited. See the full iMessage vs RVNT comparison for the side-by-side.