iMessage is already great with privacy, taking advantage of tactics like end-to-end encryption to prevent prying eyes from spying on your conversations and with planned features like Contact Key Verification to prevent advanced, state-sponsored attacks. But what if iMessage had even more privacy features designed to protect the average user even more?
Introducing Private Mode for iMessage. Well, not actually. It’s a concept, but you probably figured that out already. Let’s go over how I can see this happening.
Starting a Private Chat
Ideally, starting a private mode chat wouldn’t be a feature you really have to dig for to find, unlike privacy focused features on other apps (like Instagram hiding the E2EE DM setting). In this case, it would be as easy as holding down on a message thread.
Honestly, I’m not 100% sure if Apple would display the onboarding like this, but it seems feasible enough that there would be a first-time screen explaining what private mode even does. If I were to revise on this (which I could but I can’t be bothered to reopen Figma), I’d probably add more copy about the features that can assist in improving privacy.
Privacy Settings
After you click “Start a Private Chat”, you’re able to customise the level of privacy you want. Honestly? I’m not 100% convinced that Apple would let you customise this much, I feel like they’d have a couple of defaults that are just set for everyone. But I can dream. It’s my concept, I’ll do whatever the f**k I want.
Features
Screen Capture
Snapchat was my initial inspiration for this project. There are times where, as much as it annoys me, I don’t want people taking screenshots of my texts, at least without my knowledge or permission. You’d ideally have a few options for this. Ideally, it would be these:
Deny
Completely prevents screen capture. Theoretically, Apple is the only company that could do this, seeing as iMessage is a system app.
With Permission
Asks the other individuals if the thread can be captured.
Notify
Same as Snap, notifies the user when capturing the screen.
Allow
Standard iMessage behaviour.
This feature would obviously apply to every type of screen capture, and ideally it would differentiate between them, unlike Snap which just says “screen recorded” for things like AirPlay.
Require 2FA
We’re onto the second feature, and I already think this is somewhat un-Apple like, but who cares. This would ideally allow individuals to prevent attackers from gaining access to an Apple ID, by requiring two-factor authentication to be enabled before they can see the chat. If this was a real feature, it would realistically just be yes or no, but I’ve given the user the following options:
2FA via Apple Devices
Requires 2FA to be enabled via the login prompt on other Apple devices.
2FA via SMS
Requires 2FA to be enabled over SMS.
None
Device Sync
This option would decide if the messages can be synced between devices or not.
Require Advanced Data Protection
Requires the receiving parties to enable Advanced Data Protection to sync over iCloud, otherwise has same behaviour as Deny.
Allow iCloud Sync
Standard behaviour.
Sync to iOS, watchOS, visionOS
This would prevent users from syncing to a Mac and simply going through the file system to copy messages, and only sync to devices where the messaging files are not user-accessible.
Deny
Would force the message thread to stay on one device only.
Key Verification
Ties back to the Contact Key Verification feature mentioned earlier, and allows the user to require a contact key to be verified.
Device Lock
Forces each user in the chat to have a device lock
Biometric
Requires Touch ID or Face ID to be enabled.
Alphanumeric
Requires an alphanumeric password.
6-digit Passcode
Requires a 6-digit passcode.
4-digit Passcode
Take a wild guess.
None
Ideally, you could use biometric and another option (eg. biometrics and alphanumeric passcode enabled).
Notifications
This allows the user to hide the messaging content within a notification, similar to Snap.
Hidden
Displays that a message was received, and no other info.
Hide Previews
Only displays the name of the contact.
Default
Standard behaviour, based on the device settings of the other user.
Time Before Deletion
Automatically deletes the chat after a period of time.
24 hours, 12 hours, 1 hour, After Viewed
Presets for time.
Custom
Custom time period.
Keep Messages
Standard behaviour, doesn’t automatically delete the messages.
Other Features I Didn’t Consider Until Right Now
Lock Thread
Lock the chat behind biometrics or passcode.
I had another feature in my head, but I forgot it 💀.
Messaging
Once everything is configured, the messaging experience would be the exact same aside from the privacy features.
The only noticeable difference would be the privacy mode indicator.
Let me know if you’d find a use for this, I’d personally use it a fair bit. I think it takes away some of the power that pseudo-privacy apps like Snapchat have, by incorporating those features while also being actually private and secure.