Telegram is a cloud -based instant messaging service. Telegram clients exist for both mobile ( Android, iOS, Windows Phone, Ubuntu Touch) and desktop systems ( Windows, OS X, Linux).  Users can send messages and exchange photos, videos, stickers and files of any type. Telegram also provides end-to-end encrypted messaging. Terror groups have been using it for communications and propaganda dissemination since at least 2015. 
Telegram is supported by the Russian -born entrepreneur Pavel Durov,  who is now a citizen of Saint Kitts and Nevis,  travelling the world in self-imposed exile.  Its client-side code is open-source software, whereas its server-side code is closed-sourced and proprietary. The service also provides APIs to independent developers.
Telegram was launched in 2013 by brothers Nikolai and Pavel Durov, who previously founded the Russian social network VK, but had to leave the company after it was taken over by Mail.ru.   Nikolai Durov created the MTProto protocol that is the basis for the messenger, while Pavel provided financial support and infrastructure through his Digital Fortress fund. 
Telegram is registered as both an English LLP  and an American LLC.  It does not disclose where it rents offices or which legal entities it uses to rent them, citing the need to "shelter the team from unnecessary influence" and protect users from governmental data requests.  The service says that it is headquartered in Berlin, Germany.  Durov left Russia and is said to be moving from country to country with a small group of computer programmers. 
In October 2013, Telegram had 100,000 daily active users.  On 24 March 2014, Telegram announced that it had reached 35 million monthly users and 15 million daily active users.  In October 2014, South Korean governmental surveillance plans drove many of its citizens to switch to Telegram.  In December 2014, Telegram announced they had 50 million active users, generating 1 billion daily messages and that they had 1 million new users signing up on their service every week;  traffic doubled in five months with 2 billion daily messages.  In September 2015, an announcement stated that the app had 60 million active users and delivered 12 billion daily messages.  In February 2016, Telegram announced that they had 100 million monthly active users, with 350,000 new users signing up every day, delivering 15 billion messages daily. 
Telegram accounts are tied to telephone numbers and are verified by SMS or phone call.  Users can add multiple devices to their account and receive messages on each one. Connected devices can be removed individually or all at once. The associated number can be changed at any time and when doing so, the user's contacts will receive the new number automatically.    In addition, a user can set up an alias that allows them to send and receive messages without exposing their phone number.  Accounts can be deleted at any time and they are deleted automatically after six months of inactivity by default, which can optionally be changed to 1 to 12 months. Users can replace exact "last seen" timestamps with fudged messages such as "last seen within a week". 
The default method of authentication that Telegram uses for logins is SMS-based single-factor authentication.   All that is needed in order to log in to an account and gain access to that user's cloud-based messages is a one-time passcode that is sent via SMS to the user's phone number.   These login SMS messages are known to have been intercepted by unknown third parties in Iran and Russia, possibly in coordination with phone companies.  Pavel Durov has said that Telegram users in "troubled countries" should enable two-factor authentication by creating passwords, which Telegram allows, but does not require. 
In June 2015, Telegram launched a platform for third-party developers to create bots.  Bots are Telegram accounts operated by programs. They can respond to messages or mentions, can be invited into groups and can be integrated into other programs. Dutch website Tweakers reported that an invited bot can potentially read all group messages when the bot controller changes the access settings silently at a later point in time. Telegram pointed out that it considered implementing a feature that would announce such a status change within the relevant group. 
Channels can be created for broadcasting messages to an unlimited number of subscribers.  Channels can be publicly available with an alias and a permanent URL so anyone can join. Users who join a channel can see the entire message history. Each message has its own view counter, showing how many users have seen this message. Users can join and leave channels at any time. Furthermore, users can mute a channel, meaning that the user will still receive messages, but won't be notified.
Stickers are cloud-based, high-definition images intended to provide more expressive emoji. When typing in an emoji, the user is offered to send the respective sticker instead. Stickers come in collections called "sets", and multiple stickers can be offered for one emoji. Telegram comes with one default sticker set,  but users can install additional sticker sets provided by third-party contributors. Sticker sets installed from one client become automatically available to all other clients.
Messages can also be sent with client-to-client encryption in so-called secret chats. These messages are encrypted with the service's MTProto protocol.  Unlike Telegram's cloud-based messages, messages sent within a secret chat can be accessed only on the device upon which the secret chat was initiated and the device upon which the secret chat was accepted; they cannot be accessed on other devices.    Messages sent within secret chats can, in principle, be deleted at any time and can optionally self-destruct.
Secret chats have to be initiated and accepted by an invitation, upon which the encryption keys for the session are exchanged. Users in a secret chat can verify that no man-in-the-middle attack has occurred by comparing pictures that visualize their public key fingerprints. 
According to Telegram, secret chats have supported perfect forward secrecy since December 2014. Encryption keys are periodically changed after a key has been used more than 100 times or has been in use for more than a week. Old encryption keys are destroyed.   
Telegram's local message database is not encrypted by default. Some Telegram clients allow users to encrypt the local message database by setting a passphrase. 
Telegram uses a symmetric encryption scheme called MTProto. The protocol was developed by Nikolai Durov and other developers at Telegram and is based on 256-bit symmetric AES encryption, RSA 2048 encryption and Diffie–Hellman key exchange. 
Since 2013,  cryptography experts have expressed both doubts and criticisms on the MTProto encryption scheme, saying that deploying home-brewed and unproven cryptography may render the encryption vulnerable to bugs that potentially undermine its security, due to a lack of scrutiny.  It has also been suggested that Telegram did not employ developers with sufficient expertise or credibility in this field. 
In December 2015, two researchers from Aarhus University published a report in which they demonstrated that MTProto does not achieve indistinguishability under chosen-ciphertext attack (IND-CCA) or authenticated encryption. The former means that it is possible to turn any ciphertext into a different ciphertext that decrypts to the same message. The researchers stressed that the attack was of a theoretical nature and they "did not see any way of turning the attack into a full plaintext-recovery attack".
Telegram Messenger LLP has servers in a number of countries throughout the world to improve the response time of their service.  Telegram's server-side software is closed-source and proprietary. Pavel Durov has said that it would require a major architectural redesign of the server-side software to connect independent servers to the Telegram cloud. 
Telegram has various clients. This list includes versions developed on official platforms backed by Telegram Messenger LLP and unofficial clients that are developed by the community. The source code of all official Telegram clients (and some of the unofficial clients) is open source and released under the GNU General Public Licence version 2 or 3.
|Name||Platform(s)||Official||Source code license||Support for secret chats||Notes|
|Telegram||OS X||Yes||GPLv2 ||Yes|
|Telegram Desktop||Microsoft Windows ( portable application), OS X, and GNU / Linux||Yes||GPLv3 with OpenSSL exception ||No|
|Cutegram ||Windows, OS X, and GNU/Linux||No||GPLv3 ||Yes||Based on Qt. |
|Telegram CLI ||GNU/Linux, FreeBSD and OS X||No ||GPLv2 ||Yes||Command-line interface for Telegram.|
|Telegram Messenger||iOS 6 or later||Yes||GPLv2 or later  ||Yes||Launched in August 2013 for iPhone and iPod Touch and relaunched in July 2014 with support for iPad. |
|Telegram||Android 2.3 or later||Yes||GPLv2 or later  ||Yes||Supports tablets  and Android Wear smart watches. |
|Telegram Messenger||Windows Phone||Yes||GPLv2 or later ||Yes|
|Telegram||Firefox OS||Yes||GPLv3 ||No||Based on Webogram.|
|Telegram||Google Chrome and Chrome OS||Yes||GPLv3 ||No|
|Telegram||Ubuntu Touch||No||GPLv2 ||Yes|
|Sailorgram||Sailfish OS||No||GPLv3 ||Yes||Based on Cutegram.|
Users can also access Telegram's cloud-based messages via an official web browser interface called Telegram Web (aka Webogram). Users can share images, files and emoticons with previously-added contacts; this works in most modern browsers, such as Firefox, Safari, and Google Chrome.  
Telegram has public APIs with which developers can access the same functionality as Telegram's official apps to build their own messaging applications.  In February 2015, creators of the unofficial Whatsapp+ client released the Telegram Plus app after their original project got a cease-and-desist order from WhatsApp.   In September 2015, Samsung released a messaging application based on these APIs. 
Telegram also offers an API that allows developers to create bots, which are accounts controlled by programs.   In February 2016, Forbes launched an AI -powered news bot that pushes popular stories to subscribers and replies to search queries with relevant articles.  TechCrunch launched a similar bot in March 2016. 
The Electronic Frontier Foundation (EFF) listed Telegram on its "Secure Messaging Scorecard" in February 2015. Telegram's default chat function received a score of 4 out of 7 points on the scorecard. It received points for having communications encrypted in transit, having its code open to independent review, having the security design properly documented, and having completed a recent independent security audit. Telegram's default chat function missed points because the communications were not encrypted with keys the provider didn't have access to, users could not verify contacts' identities, and past messages were not secure if the encryption keys were stolen. Telegram's optional secret chat function, which provides end-to-end encryption, received a score of 7 out of 7 points on the scorecard.  The EFF said that the results "should not be read as endorsements of individual tools or guarantees of their security", and that they were merely indications that the projects were "on the right track". 
In April 2016, accounts of several Russian opposition members were hijacked by intercepting the SMS messages used for login authorization.  In response, Telegram recommended using the optional two-factor authentication feature. 
In May 2016, the Committee to Protect Journalists and Nate Cardozo, senior staff attorney at Electronic Frontier Foundation, recommended against using Telegram because of "its lack of end-to-end encryption [by default] and its use of non-standard MTProto encryption protocol, which has been publicly criticized by cryptography researchers, including Matthew Green ". 
In May–June 2016, Telegram was criticized for claiming to be more secure than WhatsApp, even though WhatsApp applies end-to-end encryption to all of its traffic by default using a protocol that has been "reviewed and endorsed by leading security experts", while Telegram does neither.  
Telegram has organised two cryptography contests to challenge its own security. Third parties were asked to break the service's cryptography and disclose the information contained within a secret chat between two computer-controlled users. A reward of respectively US$200,000 and US$300,000 was offered. Both of these contests expired with no winners.   Security researcher Moxie Marlinspike and commenters on Hacker News criticised the first contest for being rigged or framed in Telegram's favour and said that Telegram's statements on the value of these contests as proof of the cryptography's quality are misleading.   
Telegram was open and working in Iran without any VPN or other circumvention methods in May 2015.  In August 2015, the Iranian Ministry of ICT asserted that Telegram had agreed to restrict some of its bots and sticker packs in Iran at the request of the Iranian government.  According to an article published on Global Voices , these features were being used by Iranians to "share porn and satirical comments about the Iranian government". The article also noted that "some users are concerned that Telegram's willingness to comply with Iranian government requests might mean future complicity with other Iranian government censorship, or even allow government access to Telegram's data on Iranian users".  Telegram has stated that all Telegram chats are private territory and that they do not process any requests related to them. Only requests regarding public content (bots and sticker packs) will be processed.  In May 2016, the Iranian government asked all messaging apps, including Telegram to move all Iranian users' data to Iranian servers. 
Use by terrorists
In September 2015, in response to a question about the use of Telegram by extremists like ISIL, Pavel Durov stated: "I think that privacy, ultimately, and our right for privacy is more important than our fear of bad things happening, like terrorism."  ISIL has recommended Telegram to its supporters and members   and in October 2015 they were able to double the number of followers of their official channel to 9,000.  In November 2015, Telegram announced that it had blocked 78 public channels operated by ISIL, which were used for spreading propaganda and mass communication.   Telegram stated that it would block public channels and bots that are related to terrorism, but it would not honour "politically-motivated censorship" based on "local restrictions on freedom of speech" and that it allowed "[peaceful expression of] alternative opinions".  Telegram's usage for ISIL's propaganda has reignited the encryption debate and encrypted messaging applications have faced new scrutiny.  
In August, 2016 French anti-terrorism investigators revealed that the two ISIL-directed Jihadists who fatally cut the throat of a priest in Saint-Etienne-du-Rouvray in northern France and videoed the murder had met just days earlier via encrypted messaging app Telegram, and that "they used the app to coordinate their plans for the attack." The terror group's media wing subsequently posted a video on Telegram showing the pair pledging allegiance. A CNN report further stated "Released three years ago, the app (Telegram) has become known as a preferred means of communication for the Sunni terror group ISIS, and was used by the ISIS cell that plotted the Paris terror attacks in November." 
- Comparison of instant messaging clients
- List of virtual communities with more than 100 million active users
- Internet privacy
- Secure instant messaging
- Jakobsen, Jakob; Orlandi, Claudio (8 December 2015). (PDF) . Cryptology ePrint Archive . International Association for Cryptologic Research (IACR) . Retrieved 11 December 2015 .
- Rottermanner, Christoph; Kieseberg, Peter; Huber, Markus; Schmiedecker, Martin; Schrittwieser, Sebastian (December 2015). (PDF) . Proceedings of the 17th International Conference on Information Integration and Web-based Applications & Services (iiWAS2015). ACM International Conference Proceedings Series. ISBN 978-1-4503-3491-4 . Retrieved 18 March 2016 .