The Twitter administration has published document, in which she described in detail the work of encrypting personal correspondence on the platform. Unlike messengers that offer this for free, the microblogging platform has opened access to the feature only to paid subscribers – individuals and organizations.
Encrypted private messages can only be exchanged if both dialog participants have a paid subscription: Twitter Blue for individuals (from $7 per month), Verification for organizations ($1000 per month) and their partners ($50 per month). You must also install the latest version of the Twitter application, subscribe to the interlocutor, accept an invitation from him or have a history of correspondence with him. If all these conditions are met, the correspondence will be marked with a lock icon and encrypted dialogues will be separated from unencrypted ones.
There are other limitations to encrypted private messages: cryptography only works for one-on-one correspondence, although this feature will be available for groups in the future. In addition, you can only send texts and links. Finally, the platform administration admitted that the system is not immune to MitM attacks (man-in-the-middle – a man in the middle), but promised to introduce mechanisms that make them more difficult or allow to warn the user, when they occur.
With secure correspondence, encryption does not apply to message metadata (recipient name, time since sent, etc.) or associated content—link addresses are encrypted, but content at the corresponding addresses is not.