Thanks Brendan. From that article:
We rated the security of your message when it’s on your phone, on its way to your contact and on your friend’s phone, including how it’s stored at both ends. The apps that rate highest for security fulfil more of the security features criteria. These include encryption, amount of user data collected, server location and protection. They also include protection from messages being copied/forwarded, message destruction, security audit and if the code is open-source.
Encryption - fine. Except it can be done right and it can be done wrong. Does the app hash first or encrypt first, for instance.
Where is the message stored? Good - except in some apps messages go through a central server, meaning that the app owner (such as Facebook) has access to them.
Protection from messages being copied/forwarded? This is impossible, as anyone with a digital camera or who used an app that boasted this can attest. I suggest that this should not be a criterion, as it merely provides a false sense of security (security theatre).
Same with message destruction.
Security audit? How many of the messaging apps have been independently audited? As far as I know, only Signal can boast this, and while WhatsApp uses the signal protocol the implementation matters - and is proprietary. Wait - I understand Threema has also been audited.
Open source is absolutely important, because it allows for the IT security community to try to find holes in the software. Unfortunately, most of the listed apps are not open source - meaning that researchers are working on them with both hands tied behind their backs and typing with their noses.
Finally, I would suggest another and much more important criterion - how does the provider respond when (not if) a vulnerability is discovered in their product? If they deny, delay and defend then they are not doing the right thing by their customers, who are left with an insecure product for an extensive period. If, like LastPass, they produce a patch within hours, then they are trustworthy.