Good news, everyone! After much hard work, a new version of Riot has arrived in the App Store and Google Play and F-Droid and it’s landed with a couple of great new features: phone numbers for identity and (at long last) session encryption key import!

Phone numbers for identity.

With the latest release, Riot users can now optionally use mobile phone numbers as well as (or instead of) email addresses for logging in and for user discovery.

What’s new?

By adding phone number support, it’s even easier to find your Riot contacts (and all Matrix users) — fire up the ‘People’ search on the mobile app to discover which of your contacts are already collaborating using Riot.

Adding identification by phone number also gives our users greater flexibility — Riot means communicating on your terms, so unlike WhatsApp or Slack, you get to choose how you identify yourself and how people find you.

To link your phone number with your Riot account, just go to the Settings screen, there you’ll see an option to add a phone number. Pop your number in, and after a quick-and-painless phone number verification (powered by our very good friends at OpenMarket) you’ll be ready to rock. Number verification is currently only working reliably in the UK — we expect to have this working worldwide shortly (check here for progress).

Logging in using your phone number is still being rolled out across Riot web, so if you’re not using a mobile client hold tight for now; you won’t have to wait for long. And if you’re running your own homeserver, you’ll have to hang on for the next Synapse release (sometime in the next few weeks).

End-to-end Encryption Updates

End-to-end encryption is still in beta, but takes a big leap forward with the facility to import and export your session encryption keys (n.b. this is distinct to your device identity key, which never leaves your device).

This release fixes some major issues in the way the iOS & Android implementations of the crypto: all users should upgrade, and on Android they should re-login in again in order to protect from earlier bugs.

What’s new?

You’ve been able to export your keys for a while, but the latest release finally lets you import them back into the mobile app. So if you have to reinstall Riot or switch to a new handset, you can copy over your keys to maintain access to your encrypted message history.

How do I use it?

The ‘Export/Import E2E room keys’ feature can be found on the Settings screen.

To export, press the ‘export’ button, enter a strong-yet-memorable-passphrase and keep the file somewhere safe — Riot’s encryption algorithms are very good at what they do, so if you misplace that file you’ll lose access to your encrypted message history forever.

On Android/Riot Web, importing is the above, just in reverse. On iOS, for now you can only import the key file if it’s been uploaded to a Riot room. We’re working on a simpler user experience, but for now we recommend:

Create a new encrypted room and join it from both the iOS client and Riot Web Upload the key file using Riot Web Click on the key file in the iOS client and enter your passphrase to import it

What’s left?

We’re still tracking down “Unable to decrypt” errors — see this bug for progress. Verification UX and UX in general also still has a long way to go!

Also, we’d like to advise that unfortunately upgrading to 0.6.9 on Android will reset your Riot’s view of which devices you trust — this is part of preparing for improved verification UX; many apologies for the inconvenience.

Thank you all for your continued enthusiasm and interest in Riot. For the finer details check out the changelogs for the Matrix Android SDK, the Android app, the Matrix iOS SDK, MatrixKit, and the iOS app and keep watching this space for more updates!