French Messaging App Olvid Replaces WhatsApp in Government phones
In a note dated November 22, Prime Minister Elisabeth Borne instructed government members to install the French messaging app Olvid. She also requested them to uninstall all other messaging apps not audited by ANSSI (National Agency for the Security of Information Systems) by December 8 at the latest. Is this a wake-up call for the government on cybersecurity issues?
As the digital world is constantly evolving, so are cyberattacks, making security and privacy of communications increasingly urgent. In this context, the French government recently chose to adopt Olvid, a secure French messaging application.
Security and Privacy
The importance of security in messaging applications cannot be underestimated. A security breach can lead to the disclosure of private information, with disastrous consequences for individuals and organizations, especially if the targeted individuals are government members.
The French government has made a strong choice by prohibiting traditional messaging applications like WhatsApp or Telegram for government members in favor of Olvid. This made-in-France messaging application is presented as the "safest instant messaging app in the world" by the Minister Delegate for Digital, Jean-Noël Barrot.

Compelling arguments support this application. It was developed in 2019 by two cryptography PhDs, professionals well-placed to understand the security challenges of communication tools.
Security
The application offers end-to-end encrypted messaging. The exchange between users is encrypted using a key that is then destroyed. It is therefore impossible for a third party to decipher it.
Collection of Personal Data
No personal data is required: unlike other messaging applications, Olvid does not require a phone number or email address during registration.


No centralized directory of users
It is impossible to find users of the application using one's contact list. Users are therefore required to verify the identity of their contacts themselves with a QR code displayed on each user's screen.
IP Addresses of Users
Regarding IP addresses, the application indicates that it "uses" them for its operation without "consulting, collecting, or retaining" them. This can be confusing because an IP address is personal data according to Article 4 of the GDPR (General Data Protection Regulation). The use of personal data consequently involves the processing of personal data.
Certification by ANSSI (National Agency for the Security of Information Systems)
This is the most significant point: Olvid is the only messaging application with a First Level Security Certification (CSPN) issued by ANSSI in 2020. This certification, also called the "ANSSI security visa," attests that a product has successfully undergone a security evaluation.
Controversies
Despite reassuring information about the security level of the application, uncertainties persist. Indeed, while this application has been presented as a 100% French invention, it nevertheless uses AWS (Amazon Cloud Services) cloud.
This information sparked controversy due to the risks of access to data by US authorities under the Cloud Act, a US law adopted in 2018. It forces US companies, regardless of their location, to disclose all electronic data of their users to the US government in the context of a judicial investigation.
Olvid creates no centralized directory of its users, does not collect their IP addresses (identifiers of connected devices) or their connection data, and everything is end-to-end encrypted with the highest-level security encryption algorithms.
Thomas Baignères, CEO of Olvid - AFP
According to the company, these risks are minimal since the personal data of users is not collected, and there is no contact data in the application.
In response to these concerns, a solution for Olvid would be to move its server to France or another country that offers stronger security and confidentiality guarantees.
In the end, the future of Olvid will depend on its ability to address these challenges and maintain the trust of its users. With the right balance between security, privacy and ease of use, Olvid has the potential to become a major player in the field of secure messaging applications. Meanwhile, the application still has a long way to go, with currently 100,000 users compared to 2 billion for WhatsApp.
Sources:
- Olvid - Privacy Policy
- Olvid and accusations of security flaws: the French messaging denies - L'Express
- French, respectful of data, secure... what is the Olvid messaging application imposed on ministers for cybersecurity reasons? - ladepeche.fr
- No more WhatsApp, the French Olvid app imposed on all ministers - Les Echos
[Cover Photo: Kelly Sikkema]
Support us by sharing the article: