Threema Review as New Most Secure Messaging App when Compared to Facebook Messenger and WhatsApp

Threema is one of the leading end-to-end (E2E) encrypted mobile messaging app like Signal. While creating your account on Threema app, you don’t need your email address or phone number. This allows you to use the service with a very high level of anonymity, making it perhaps the most private messenger of all.

Wow, you think of anonymous service when it comes to Threema messenger app. What can you do with this anonymous service?

Text and voice messages, of course. Voice and video calls? No problem. File transfers? Yes, those too. And all of this is done end-to-end encrypted for excellent security.

Threema app goes beyond many other services in minimizing your footprint on the servers that route traffic. They do this by storing contacts and messages on each user’s device, instead of on the server. In that case, you are secure because your data are not saved in their server.

Additionally, your public keys stored on devices instead of the central servers. Even if someone were to somehow get access to all the data on the servers, there would be little of use to them. Threema is GDPR compliant and offers a range of versions optimized for various use cases.

Threema Company Information

Threema is a product of Threema GmbH, a small, Switzerland-based company. The team released their first version of the product in December 2012 and formally founded the company in 2014.

They launched Threema.Work (a version designed for organizational use) in 2016, and additional versions since then.

Where is your Threema Data Stored?

To the maximum extent possible, data is stored only on the relevant devices. The minimum amount of metadata necessary to move messages to their proper destinations is stored on Threema servers only as long as needed to do its job.

The company’s servers are physically located in two Zurich, Switzerland data centres of an “ISO 27001”-certified colocation partner.

They are protected by security systems that include biometric access control, video surveillance, emergency power systems, fire protection, and more.

Threema Pros and Cons

In this article, we will cover the pros and cons of the service, along with its features and capabilities. By the time we are done, you should have a good idea of whether this is a service you want to invest some time (and a tiny bit of money). Here is a quick summary of the pros and cons we encountered while reviewing this service.

Threema App Pros

====> There is End-to-end (E2E) encryption on your activities

====> Mobile apps plus browser-based, secure desktop chat

====> File sharing, group polling and completed transition to Open Source

====> No telephone number or email address needed, no central user account you data are saved and secure

====> On the app, text and voice messages, voice and video calls, groups and distribution lists are all possible on Threema services

====> Does not log IP Addresses or metadata

====> Encryption algorithms: NaCl (open source cryptographic library)

====> Owns all their own servers

====> GDPR compliant

Threema App Cons

====> Relatively small number of users

====> Does not support 2FA (two factor authentication)

====> No free trial, it is a paid app.

Threema Key Feature

Here are features you will want to consider when evaluating Threema apk

====> E2E encryption with fully anonymous usage for great security and privacy

====> Clients for Android, iOS, and web browsers

====> Transition to Open Source has been completed

====> Specialized versions for various use cases

Is Threema Secure?

Storing all your data on your local device is very safe unless you lose access to your device. This is where Threema Safe comes into the picture.

It is a platform-independent system for anonymously and securely backing up your unique Threema ID (more on this later). Any of your contacts that you optionally synched, your groups, and other bits of data (you can see the full list here).

Therefore, where does Threema secure store things? That’s up to you. By default, it will store the data on the company servers. However, you can configure it to store this data on any server you choose.

Third-Party Testing and Audits of Threema App

Threema is audited regularly. This third-party testing by independent security experts covers all aspects of the service’s security.

At the time of this article was compiled, January 2021. The most recent audit was performed in 2020 by Cure53. What did the auditors have to say?

Cure53 needs to underline that the overall impression of the code quality and general structure of the project can only be described as unusually solid.

Hands-on Testing

We did our hands-on testing by installing the app on two Android phones. We also tested the web client, which needs to be connected to an instance of the mobile app.

We downloaded the apps from the Google Play store, paying the $2.99 fee (plus tax where applicable) for each phone.

Installing and Configuring the Android App

Installing Threema app from the Google Play store didn’t require any special procedure. When you launch the app for the first time, you will need to create your Threema ID.

You do this by moving your finger randomly on a designated area of the device screen. This generates the ID, as well as helping create a unique asymmetric key pair that the app will use to encrypt/decrypt your messages.

A copy of your public key is automatically stored on the Threema servers. People communicating with you will use that to encrypt messages they send to you.

Your private key remains on your device at all times and no one, not even Threema, can see it. Because of this, no one else can read your messages unless they somehow get access to your device.

You must do the finger-wiggling process to create your ID and must create a username and password to log into the app.

The other settings (entering an email address or phone number, giving the app access to your contacts) are optional. Unless you have a strong reason to do so, we suggest you skip these options and use the service anonymously, with only your random ID for the rest of the world to see

Threema App Security

Threema app is one of the better messengers when it comes to security. Encryption features like end-to-end encryption are enabled by default.

However, we are missing perfect forward secrecy on the client level of Threema’s encryption protocol, a feature that for instance Signal offers. On the other hand, we like that during Threema’s setup process, you can touch your touch screen randomly to manually provide some randomness to the key generation.

This means, that even if the operating systems built-in functions for random number generation should have security issues, you have an extra layer of security provided.

Threema apk Privacy

Threema apk (app) is one of the best messaging apps when it comes to respecting your privacy. To use Threema app, you don´t need a phone number or any other address.

When you set up Threema, a Threema ID is generated that uniquely identifies your account. It is possible to connect with your friends using this ID alone, or you can connect by scanning a QR-Code from each of your friends.

Additionally, you can still use your phone number to connect with friends. Further, we consider it a major plus that Threema app is an independent company placed in Switzerland, with all their servers also being there.

Therefore, you are ensured that they are following all the strict privacy laws from Switzerland concerning your data. Threema messenger even points out that they follow the new GDPR (General Data Protection Regulation) laws which came into effect on the Mai 25th 2018 in the European Union.

However, Threema is not open source, so you have to trust the developers and external reviewers that Threema really follows proper security standards. Concerning the settings panel in your Threema App, it may take a minute longer to get an overlook and to understand every setting option than it does when using WhatsApp.

But we actually consider it a big plus point that YOU get a chance to set up who can see your data and what happens with it. For example, Threema apl does not share your online status like WhatsApp does.

Another feature we like is that you can even set up password protection in Threema, so nobody but you can open the App on your phone.

Threema Work/Gateway & Threema Work Education

Until now we have only talked about the regular Threema messenger. But Threema offers additional versions like Threema Work, made for companies.

Threema Work provides some more features including a better broadcast function, e.g. to share information faster to all your employees.

To get access to Threema Work, you have to pay a monthly fee for every device using it. The cheapest version starts at 1.23 Euro per device and month.

However, you have an option to test it for free for 60 days and 15 devices for your company. Threema Work provides the assigned manager with a better control over the use of instant messaging in their company.

With Threema Gateway, you have the possibility to use the Threema encryption with your own software, so you get the chance to customize the way of instant messaging in your company even more.

Threema came up with a solution for messengers in the public education sector. They called it Threema Work Education. It is a Threema Work version adjusted for the interests of education institutions.

In addition, you do not have to pay a monthly fee. Yet you do need to pay a one-time fee of at least 8 Euro per device. We consider this a nice way to support the educational sector when it comes to improving information technologies, e.g. in schools.

On the other hand, one needs to evaluate if the additional features rectify the much higher price than the normal Threema version.

Guide to Use Signal on Personal Computer

Fix Download Pending Error in Google Play App

How To Manage Google Play Store Apps: Download, Update, Uninstall

How to Download and Install Google Play Store APK on Android

How to Update Google Play Services on Android

How to Change Country/Region in Google Play Store

How to Set up Google Play Account on your Android Smartphone

How To Download And Install Google Play Store

Threema app Pricing

The basic Threema app (the one we tested for this review) is available for a one-time fee of $2.99 from Google Play or the iPhone and iPad App Store. The app gets a rating of 4.6 out of 5 stars on the Google Play store:

Threema App, Most Secure Messaging App

As for the other versions, you’ll want to check out their specific pages for pricing and other details. Here are the links you’ll need:

====> Threema Work: Offers and Prices

====> Threema Education: Offer

====> Threema Broadcast: Prices

====> Threema Gateway: Offer

Can I Use Threema without a SIM card?

Yes, you can use Threema without a SIM card. That is because Threema doesn’t use your phone number as an ID. Instead, it uses a randomly-generated Threema ID, which is not related to your personal data in any

Is Threema more Secure than WhatsApp?

Both Threema and WhatsApp are end-to-end encrypted, which makes them very secure to start with. However, WhatsApp stores some metadata about who is communicating with whom and when they do it, while Threema doesn’t.

 In addition, WhatsApp is now owned by Facebook, a company that doesn’t have the best reputation for respecting its user’s rights. Not only that, Facebook and WhatsApp are now linked together, what you share of WhatsApp may likely show up on Facebook.

In that case, we are not relying on Facebook and WhatsApp as secure compared to Threema ns Signal app. Put it all together and we would guess that Threema is at least as the secure app, not WhatsApp, and possibly more secure. It is definitely one of the best alternatives for WhatsApp.

Leave a Comment