Verify User Cryptographically on Signal

Signal provides a cryptographic identification method for you to verify your correspondent. This allows you to lock the safety number with your correspondent to ensure his/her phone is:

  1. in tact
  2. is the same person
  3. sniff any unnoticeable changes

before sending your sensitive information out. To know more, visit: https://support.signal.org/hc/en-us/articles/360007060632-What-is-a-safety-number-and-why-do-I-see-that-it-changed-.

This section guides you on how to verify safety number between you and your correspondent.

NOTE: This section is optional but encouraged to do.

Meet Once

Both of you can meet up face-to-face to perform the cryptographic verifications. Afterall, what you need is the ability to scan QR code from each other.

Verify User

Once the two of you meet up, you can start the cryptographic verification process.

Select View Safety Number

Firstly, in your correspondent chat, select his/her name. This will open up user-specific settings.

Next, scroll down until you find “View safety number". Click on that to bring up the verification interface.

Select User Safety Number Settings

Verify Each Other

Once you open the safety number, you will see the cryptographic keys and a QR code to scan for verification.

Either of you can now press on the QR code to scan one other before enabling the Verified button.

Verify User Cryptographic ID

After completed the verification process, you will notice there is a small tick with verified label under your correspondent name.

Things You Should Watch Out

Should there is a breach of the safety number, you should verify with your correspondent as he/she may:

  1. change phone frequently.
  2. loses the phone number to someone else.
  3. phone's software security is compromised.

Frequent safety number breaches is a bad indicator that either side of you is having a compromised phone/phone number. Hence, please treat it seriously.

Verify User Indication