What is end-to-end encryption

Sander van Hezik Mar 30, 2022 2:53:00 PM

Encryption is “the process of converting information or data into a code, especially to prevent unauthorized access”.

While it might seem like something native to the digital age, encryption has been around for as long as humans have been keeping and sending secrets. Ancient Egyptians used it. Julius Caesar used it. And, today, a good portion of the internet uses it.

What is encryption?

A complete explanation of encryption is a topic for another article, but in order to understand what end-to-end encryption is, it’s important to have a basic understanding of the concept. Most simply put, encryption is “the process of converting information or data into a code, especially to prevent unauthorized access”. Basically, it’s the process of disguising the contents of a message, with the hope that it will only be read by the person who’s supposed to read it.

When we’re talking specifically about digital data encryption, we’re talking about a process that translates data from one form into another form that is then decrypted with a special key. Unencrypted data is called “plaintext,” while encrypted data is called “ciphertext”.

So what’s end-to-end encryption?

If encryption is a security layer that ensures that data is hidden as it travels from device to device, end-to-end encryption is an added layer. The difference between the two lies in who holds the key to decrypt the data.

With end-to-end encryption, only the device sending the data and the device receiving the data can see what that data contains. That means that no one (not the internet service provider, not the government, not hackers) except the person or device sending the data and the person or device receiving the data can see what it is. And, perhaps most importantly for the majority of daily internet users, the company hosting the data (e.g. a messaging service or browser) can’t see it either.
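The difference in who holds the key, shown as an added example that is not part of the original article: the same message passes through a hosting service once under a key the service also holds and once under a key only the two endpoints hold. It uses AES-256-GCM from the Go standard library; the names `seal`, `open`, `demo`, `serviceKey` and `endpointKey` are hypothetical, and both keys are generated in one process purely for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// seal encrypts msg with AES-256-GCM and prepends the random nonce.
func seal(key, msg []byte) []byte {
	gcm := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := make([]byte, gcm.NonceSize())
	must(rand.Read(nonce))
	return gcm.Seal(nonce, nonce, msg, nil)
}

// open decrypts; it returns an error for a wrong key or altered ciphertext.
func open(key, box []byte) ([]byte, error) {
	gcm := must(cipher.NewGCM(must(aes.NewCipher(key))))
	n := gcm.NonceSize()
	if len(box) < n {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return gcm.Open(nil, box[:n], box[n:], nil)
}

// demo sends msg through the service twice and reports what the service read.
func demo(msg string) (linkRead, e2eRead bool, received string) {
	serviceKey, endpointKey := make([]byte, 32), make([]byte, 32)
	must(rand.Read(serviceKey))  // link key: the service holds a copy
	must(rand.Read(endpointKey)) // held by sender and recipient only
	_, err := open(serviceKey, seal(serviceKey, []byte(msg)))
	linkRead = err == nil // service decrypts before passing the message on
	box := seal(endpointKey, []byte(msg))
	_, err = open(serviceKey, box)
	e2eRead = err == nil // service can only forward box as-is
	return linkRead, e2eRead, string(must(open(endpointKey, box)))
}

func main() { fmt.Println(demo("meet at noon")) }
```

In a real messaging system the endpoints would agree on `endpointKey` through a key exchange rather than share it in advance.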

Who uses end-to-end encryption?

An increasing number of websites are switching over to secure, encrypted domains in order to protect themselves and their users from hackers. You know you’re on an encrypted domain if you see “https” at the beginning of the URL, as opposed to “http”. That’s probably the most common form of encryption that people encounter daily as they move around the internet. However, that encryption doesn’t protect users from their ISPs, who can see the general domains that people visit, if not the specific pages on that domain.

Currently, some messaging services offer end-to-end encryption — but not the majority. If a company is claiming that their service is encrypted and you want as much privacy and security as possible, make sure that they’re using end-to-end encryption. Otherwise, your data might still be vulnerable.

What are the vulnerabilities with end-to-end encryption?

When done properly, end-to-end encryption is airtight. However, these systems are created by humans, and humans are flawed. There have been high-profile cases recently of “backdoors” in messaging apps that promised end-to-end encryption to their users. Those backdoors are often the result of faulty code which either isn’t discovered until a hack exposes it or which is put in deliberately by a software company, without the knowledge of their users. They can also be flaws in design or due to compromises that a company makes in order to improve usability.

Those cases expose the fact that even end-to-end encryption is not always 100 percent secure. However, end-to-end encryption is currently the most secure way to protect your data and messages as they travel across the internet.