The beta versions of RedPhone and TextSecure were first launched in May 2010 by Whisper Systems,[54] a startup company co-founded by security researcher Moxie Marlinspike and roboticist Stuart Anderson.

[9] At the same time, they announced the release of a standalone desktop client (based on the Electron framework[12]) for Windows, macOS and certain Linux distributions.

[9][81] On 4 October 2016, the American Civil Liberties Union (ACLU) and Open Whisper Systems published a series of documents revealing that OWS had received a subpoena requiring them to provide information associated with two phone numbers for a federal grand jury investigation in the first half of 2016.

[90] In June 2020, Signal Foundation announced a new feature that enables users to blur faces in photos, in response to increased federal efforts to monitor protesters.

[92] CNN and MacRumors linked the surge with a WhatsApp privacy policy change and a Signal endorsement by Elon Musk and Edward Snowden via Twitter.

[106] In September 2022 Signal Messaging LLC announced that AI researcher and noted critic of big tech Meredith Whittaker would fill the newly created position of President.

The Foundation was funded with an initial loan of $50 million from Acton, "to support, accelerate, and broaden Signal's mission of making private communication accessible and ubiquitous".

[117] Signal provides one-to-one and group[118] voice and video[14] calls with up to forty participants on iOS, Android, and desktop platforms.

[122] To verify that a correspondent is really the person that they claim to be, Signal users can compare key fingerprints (or scan QR codes) out-of-band.

[126] The user can define a "screen lock timeout" interval, where Signal will re-encrypt the messages after a certain amount of time, providing an additional protection mechanism in case the phone is lost or stolen.

[129] The developers stressed that this is meant to be "a collaborative feature for conversations where all participants want to automate minimal data hygiene, not for situations where the recipient is an adversary".

[105] The threat of this attack can be mitigated by enabling Signal's Registration Lock feature, a form of two-factor authentication that requires the user to enter a PIN to register the phone number on a new device.

[146] In 2023, the French government is pushing for the adoption of a European encrypted messaging alternative to Signal and WhatsApp named Olvid as their secured platform for communications.

[154] As of August 2018[update], the Signal Protocol has been implemented into WhatsApp, Facebook Messenger, Skype,[155] and Google Allo,[156] making it possible for the conversations of "more than a billion people worldwide" to be end-to-end encrypted.

[161][85][14] To verify that a correspondent is really the person that they claim to be, Signal users can compare key fingerprints (or scan QR codes) out-of-band.

[162][163] In December 2020, Cellebrite published a blog post announcing that one of their products could now access this key and use it to "decrypt the Signal app".

[165][166] This latter interpretation was rejected by several experts,[167] as well as representatives from Signal, who said the original post by Cellebrite had been about accessing data on "an unlocked Android phone in their physical possession" and that they "could have just opened the app to look at the messages".

[14] The servers store registered users' phone numbers, public key material and push tokens which are necessary for setting up calls and transmitting messages.

In December 2013, it was announced that the messaging protocol Signal uses had successfully been integrated into the Android-based open-source operating system CyanogenMod.

It also allows advanced users to compile their own copies of the applications and compare them with the versions that are distributed by Signal Messenger.

In March 2016, Moxie Marlinspike wrote that, apart from some shared libraries that are not compiled with the project build due to a lack of Gradle NDK support, Signal for Android is reproducible.

[122] At the time, "ChatSecure + Orbot", Pidgin (with OTR), Silent Phone, and Telegram's optional "secret chats" also received seven out of seven points on the scorecard.

[192][193] In December 2014, Der Spiegel leaked slides from an internal NSA presentation dating to June 2012 in which the NSA deemed Signal's encrypted voice calling component (RedPhone) on its own as a "major threat" to its mission of accessing users' private data, and when used in conjunction with other privacy tools such as Cspace, Tor, Tails, and TrueCrypt was ranked as "catastrophic" and led to a "near-total loss/lack of insight to target communications [and] presence".

[198][199] On 27 September 2019, Natalie Silvanovich, a security engineer working in Google's vulnerability research team at Project Zero, disclosed how a bug in the Android Signal client could let an attacker spy on a user without their knowledge.

[205] As of January 2021[update], Signal is a contact method for securely providing tips to major news outlets such as The Washington Post,[206] The Guardian,[207] The New York Times,[208] and The Wall Street Journal.

[210] On 9 August 2022, Ismail Sabri Yaakob, the Prime Minister of Malaysia, reported that his Signal account was "hacked" and infiltrated by a third party, sending out messages and impersonating the politician.

[211] In April 2021, Signal announced the addition of a cryptocurrency wallet feature that would allow users to send and receive payments in MobileCoin.

[215][216] As of May 2022[update], Signal's domain fronting is enabled by default in Egypt, UAE, Oman, Qatar, Iran, Cuba, Uzbekistan and Ukraine.

[231] In March 2021, the United Nations recommended Myanmar residents use Signal and Proton Mail to pass and preserve evidence of human rights violations committed during the 2021 coup.

[234] Radical right-wing militias and white nationalists use Signal for organizing their actions, including the Unite the Right II rally in 2018.