Session

Session is a decentralized, end-to-end encrypted messenger that requires no phone number, no email address, and no personal information to create an account. Built on a network of community-operated servers called the Oxen Service Node network, Session routes messages through an onion routing protocol similar to Tor, meaning no single server ever knows both who sent a message and who received it. Your Session ID — a long cryptographic string — is your identity, and it's generated entirely on your device with no registration server involved.

What makes Session uniquely valuable for crisis privacy is its elimination of the phone number requirement that limits tools like Signal. In a crisis scenario where you may not have access to your regular phone number, where SIM cards may be tracked, or where you need to communicate without any link to your real identity, Session provides encrypted messaging with the strongest possible anonymity guarantees. There is no central server to subpoena, no account database to breach, and no metadata trail connecting your conversations to a phone number or email.

Session is ideal for the most sensitive crisis communications — coordinating with contacts when you cannot afford any link between your messaging identity and your real name. It complements Signal rather than replacing it; use Signal for everyday encrypted messaging with people who know you, and Session for communications where anonymity is the priority over convenience.

Session uses the Signal Protocol's Double Ratchet for message encryption, implementing X25519 Diffie-Hellman key exchange, AES-256-GCM for message encryption, and HMAC-SHA256 for authentication. Each message generates a new encryption key through the ratchet mechanism, providing forward secrecy. The cryptographic implementation has been adapted to work in a decentralized context where there is no central server to facilitate key exchange — instead, pre-key bundles are stored across the distributed network.

On top of the message-level encryption, Session adds an onion routing layer. Each message is wrapped in multiple layers of encryption (like Tor's onion routing) and passed through three randomly selected Oxen Service Nodes before reaching the recipient. Each node can only decrypt its own layer, learning only the address of the next node in the chain — not the sender, the recipient, or the message content. This means that even if one or two nodes in the chain are compromised or operated by an adversary, the sender and recipient remain unlinkable.

Session is the gold standard for anonymous account creation among messaging apps. There is no signup process at all. When you open Session for the first time, the app generates a cryptographic key pair locally on your device, and your Session ID (the public key) becomes your account identifier. No phone number, no email, no username registration, no CAPTCHA — nothing. You share your Session ID or a QR code with contacts directly, and they can message you.

Session does not collect or store IP addresses. The onion routing protocol ensures that the service nodes handling your messages cannot correlate your IP address with your Session ID. There is no account database — Session IDs exist only on the devices that generated them. The Oxen Foundation, which develops Session, has no ability to identify users, reset accounts, or access message content. If your device is lost, your Session ID is lost with it unless you saved your recovery phrase. This is maximum anonymity by design.

Session's client applications for all platforms are fully open source under the GPLv3 license, hosted on GitHub. The Oxen Service Node software that powers the decentralized network is also open source. An independent security audit was conducted by Quarkslab in 2021, which examined the protocol design, cryptographic implementation, and onion routing layer. The audit found no critical vulnerabilities and confirmed that the cryptographic claims were sound. Additional audits of the Oxen network infrastructure have been conducted separately.

The open-source nature of both the client and the network layer means the entire system is auditable end-to-end, unlike centralized services where the server is a black box. Session's protocol specification is published and can be reviewed independently of the code. The Oxen community is active in reviewing pull requests and reporting security issues. While Session has a smaller security research community than Signal, the architectural decision to decentralize means there is no single point that requires trust.

Session is developed by the Oxen Privacy Tech Foundation (OPTF), a nonprofit registered in Australia. Australian jurisdiction is part of the Five Eyes intelligence alliance, which is a concern in theory. However, Session's architecture makes jurisdiction largely moot for the same reason Signal's does, but more so — the OPTF operates no message servers, stores no user data, and has no account database. There is literally nothing to compel them to hand over because they don't have it.

The message routing infrastructure is operated by a decentralized network of independently run Oxen Service Nodes, distributed across multiple countries. No single node operator has access to message content or sender/recipient pairs. Even if Australian authorities compelled the OPTF to insert a backdoor into the client, the open-source code would make this visible immediately. The decentralized architecture means there is no single jurisdiction that can shut down or compromise the messaging network. Session's design assumes that the developers themselves may be compromised and provides privacy guarantees that hold even under that assumption.

Session launched in 2020 as a fork of Signal, making it younger than most tools on this list. The Oxen Privacy Tech Foundation has been developing privacy technologies since 2018 (originally as the Loki Project). Session has not experienced any known security breaches or data exposures. The service has been adopted by privacy advocates, journalists in restrictive countries, and users in regions where phone-number-based messengers are surveilled by state actors.

The smaller user base and shorter track record are the primary trust concerns. Session has not yet been stress-tested by the kind of legal challenges and law enforcement pressure that Signal has faced. However, the architectural design — no central servers, no user database, onion routing — means there is structurally less to attack. The biggest risk is not a server breach but a client vulnerability, which is mitigated by the open-source codebase and ongoing auditing. The Oxen Service Node network has been operational since 2018 with over 1,500 nodes, demonstrating infrastructure stability.

Session's interface is clean and straightforward — similar in layout to Signal or WhatsApp, with a conversation list, individual and group chats, and file sharing. The onboarding is remarkably simple: open the app, and you have an account. No verification codes, no email confirmation, no waiting. The first screen shows your Session ID and recovery phrase, which you should save immediately. Adding contacts requires exchanging Session IDs (long hex strings) or scanning QR codes, which is less convenient than adding a phone number but is the trade-off for true anonymity.

The trade-offs for decentralization do affect usability. Message delivery can be slower than centralized services — typically a few seconds rather than instant — because of the onion routing hops. Push notifications on mobile can be less reliable than Signal's. Group chats are limited to 100 members, and there are no voice or video calls (though this is on the development roadmap). For text-based communication in a crisis, Session works well, but if you need voice calls or large group coordination, Signal remains better suited.

Session is available on iOS, Android, Windows, macOS, and Linux. Unlike Signal, Session's desktop app can operate independently — you don't need a phone to use Session on your computer, though you do need to link accounts if you want multi-device sync. Each device can have its own Session ID, or you can restore the same ID on multiple devices using your recovery phrase. Messages sync across linked devices through the decentralized network.

Feature parity across platforms is good for core messaging — text, images, files, and group chats work identically on all platforms. The desktop apps are native (not Electron), resulting in better performance and lower resource usage than many competing apps. The Android app is available on F-Droid for users who want to avoid Google Play. Mobile apps require Android 5.0+ or iOS 13+, which covers the vast majority of devices in use.

Session is completely free for all users. There are no paid tiers, premium features, or subscriptions. The Oxen Privacy Tech Foundation is funded through the Oxen cryptocurrency token and community donations. The Oxen Service Nodes that power the network are incentivized through block rewards in the Oxen token, creating a self-sustaining infrastructure model that doesn't depend on user payments.

Because there is no payment at all — not even an optional donation flow within the app — there is zero financial trail associated with using Session. You never need to provide any payment information, purchase anything, or interact with any financial system to use the complete feature set. This makes Session the most financially anonymous messaging tool available, requiring nothing more than downloading the app to start using it.

Download Session from the App Store (iOS), Google Play or F-Droid (Android), or getsession.org (desktop). Installation is standard — no special configuration is needed. When you launch Session for the first time, the app will generate your Session ID and display your recovery phrase. Your recovery phrase is a sequence of 13 words that can restore your account on any device. Write it down on paper and store it securely — do not save it digitally, do not screenshot it, and do not store it in cloud notes. If you lose your recovery phrase and your device, your Session ID is gone permanently.

Your Session ID is a long string of letters and numbers — this is your address on the network. To start a conversation, you need to exchange Session IDs with your contact. You can do this by sharing the string directly (via another secure channel), scanning a QR code in person, or reading it aloud over a phone call. There is no username system or directory lookup, which prevents enumeration attacks but means you need a way to share your ID with each contact manually.

Once you have a contact added, tap their name to start a conversation. Enable disappearing messages for sensitive conversations by tapping the conversation header and selecting a timer. Create a closed group (up to 100 members) for coordinating with multiple people by selecting "New Closed Group" from the main menu. Session messages are encrypted end-to-end and routed through the onion network automatically — there is no configuration required to activate privacy features. Everything is private by default. For maximum operational security, access Session only through a VPN or on a dedicated device that isn't linked to your identity, and avoid sharing your Session ID on platforms that could link it to your real name.