As of today, the Threema apps are open source! To celebrate this occasion, the apps are available at half price until December 28. That’s 100% transparency at 50% of the price. Those who don’t use Threema yet have more compelling reasons than ever to regain privacy now.
Now, we go a step further. To ensure full transparency and to dispel even the slightest shadow of a doubt, the Threema apps’ source code is publicly accessible starting today. It is subject to the AGPLv3 license, and thanks to reproducible builds, there’s a way to verify that the published code (of the Android app, for the time being) actually corresponds to the apps available for download.
Therefore, it’s no longer necessary to believe our claims or to trust someone else’s assessment. Anyone knowledgeable enough is now able to confirm Threema’s security on their own.
All information on how to download the source code, build it, and reproduce the app can be found here:
As previously announced, the Threema apps’ source code will be published soon. This step ensures full transparency, and anyone knowledgeable enough will be able to independently verify Threema’s security.
However, going open source doesn’t mean it’s no longer necessary to commission external experts to audit the code. The mere fact that a software’s source is open doesn’t guarantee that qualified specialists go to the trouble of systematically reviewing the code. After all, reviewing software of Threema’s scale not only requires profound technical expertise, it’s also quite time-consuming.
Whereas the most recent audit to date was conducted by the University of Münster’s Lab for IT Security in 2019, we hired Cure53 this time. In a total of 16 person days, experts of the renowned security firm subjected the Threema apps to a thorough inspection.
Even though the audit was carried out with great rigor and attention to detail, it did not reveal any serious vulnerabilities. On the contrary, the experts were impressed with Threema’s code quality and its general structure:
“Cure53 needs to underline that the overall impression of the code quality and general structure of the project can only be described as unusually solid. The design and implementation were clearly accomplished by a rare team of experienced and securityaffine engineers. In Cure53’s opinion, there should be no doubt about the focus of these processes being on providing a highly secure messaging application without encumbering the overall user-experience.” (p. 17)
Of the few minor improvements Cure53 suggested, some are already implemented in the current app versions, and the others will be incorporated into upcoming updates. Read the full audit report here:
There’s a minor Threema update for iOS available, which, among other things, includes some improvements in regard to photo handling.
On iOS 14, you can now grant the Threema app access to individual photos on the fly (instead of either granting access to the entire photo library or not granting access at all):
Navigate to “iOS > Settings > Threema > Photos”
If you tap the plus sign in a chat and select “Choose Existing,” you’ll be presented with iOS’s photo picker instead of Threema’s. This way, the Threema app only gets access to the photos you actually send, not to your entire photo library.
While captions could only be added when sending photos via the Share button prior to this update, it’s now possible to add captions right in the app. And if you select multiple photos at once, simply drag and drop them to define the order in which they are sent.
To learn about other changes and additions the 4.6.3 update contains, please refer to the changelog.
These days, many chat services allow users to use multiple devices in parallel. Therefore, one might assume that such a multi-device functionality must be easy enough to implement. Provided that security and privacy protection are not a major priority, this notion isn’t far off. If, however, the multi-device protocol is required to meet Threema standards, things get complicated.
In order to fulfill Threema’s requirements, a multi-device solution must, of course, provide full end-to-end encryption. That’s a given. But on top of that, it also has to rule out any possibility for the server to alter key material, and the amount of transferred metadata must be kept to the absolute minimum.
Even though these requirements pose a true technological challenge, we believe to have found a capable and elegant solution, which is currently in development and will become available in the course of 2021.
Using Threema Gateway, you can send, receive, and process Threema messages by means of your own software. Whappodo has used this technique to create a useful service for retrieving regional Corona stats.
Simply send a location (as location, not as text message) to the Threema ID *COVIDEN, and, in return, you’ll receive the current Corona stats for that region: Give it a try!
The Corona Radar showcases how Threema Gateway can be used in clever ways.
Chat apps have become an indispensable communication tool in many areas, also at school. Classroom chats form an integral part of everyday school life, and homework is often assigned via text message. Since conventional chat services systematically collect personal data, their use for school purposes is highly questionable and may violate applicable law.
With Threema Education, schools and other educational institutions benefit from all advantages modern instant messaging offers without compromising the privacy of students and teachers.
Thanks to a framework contract with educa.ch, it’s now easier than ever for public Swiss educational institutions to use Threema Education. As a Specialist Agency of the Swiss Confederation and the cantons, educa.ch negotiates framework contracts with commercial service providers in order to promote digitalization in the education sector.
The framework contract ensures legal certainty and reduces the acquisition effort. And since Threema Education doesn’t generate recurring costs, educational institutions benefit from planning security in any case.
A new chapter is added to Threema’s success story.
Strengthened Through Partnership
After an intense startup phase, Threema lays the foundation for continuity, further growth, and an acceleration of the product development thanks to the entry of the German-Swiss investment company Afinum Management AG.
Afinum fully shares our values regarding security and privacy protection. The additional resources gained through this partnership enable Threema to grow beyond the German-speaking part of Europe, and we can use our energy for visionary new ideas and projects. That said, Threema’s founders – Manuel Kasper, Silvan Engeler, and Martin Blatter, all software developers – will continue to lead the company and still retain a significant ownership interest.
Open Source and Multi Device
Security and privacy protection are deeply ingrained in Threema’s DNA, which is why our code gets reviewed externally on a regular basis. Within the next months, the Threema apps will become fully open source, supporting reproducible builds. This is to say that anyone will be able to independently review Threema’s security and verify that the published source code corresponds to the downloaded app.
In the future, it will be possible to use multiple devices in parallel thanks to an innovative multi-device solution. In contrast to other approaches, no trace of personal data will be left behind on a server. Thanks to this technology, Threema can be used on a PC without a smartphone.
In conclusion, Threema will become even more trustworthy and even more convenient to use.
After a thorough beta test, video calls are now ready for everyday use! Simply switch on the camera during a Threema call, and your contact will see you in stunning image quality, while you can rest assured that no one else is able to access the video.
Rigorous Data Protection
Since video calls contain personally identifiable information of the purest form, they are particularly worthy of protection. As is to be expected, Threema’s video calls are designed from the ground up with security and privacy in mind. Not only the transmitted data but also signaling is fully end-to-end encrypted, and before a call is accepted, no data is transmitted.
When it comes to metadata, video calls also meet Threema’s rigorous standard. In order to ensure full end-to-end encryption of all metadata (including real-time metadata, such as camera orientation), our team had to make corrections to the widely used base technology “WebRTC.” This security improvement will be incorporated into the WebRTC project, meaning that countless other communication services benefit from our patch in the future.
Technical details concerning the security aspects of Threema’s video calls are documented in the Cryptography Whitepaper.
Intuitive User Interface
To place a video call, simply start a regular Threema call, and tap the camera button in the top right corner to activate video transmission. Your call partner can choose to turn on their camera at any time, or, if preferred, they can leave it off during the entire call, which is to say that it’s possible to conduct one-way video calls.
While a video call is ongoing, you can return to the app and use it like you normally would. On Android, you can even leave the app and continue video calls in picture-in-picture mode.
If you wish not to receive video calls at all, simply deactivate the Allow Video Calls option in Settings > Threema Calls.
Excellent Voice and Image Quality
Video calls exhibit the crystal-clear voice quality Threema users have become accustomed to from voice calls. Image quality is every bit as brilliant and automatically adapts to the available bandwidth. But don’t take our word for it, update the app and see for yourself:
A photo of someone is personally identifiable information of the purest form. That’s why photos are so commonly used to identify people; a prime example is the photo in your passport.
Video calls not only contain single photos, they consist of continuous images of the participants in real time. Therefore, they are more up to date and a lot richer in information than a simple photo. Even without taking into account the facial recognition technology available today, the potential for misuse is considerable.
Given this sensitive nature, video calls are particularly worthy of the security and privacy protection Threema provides. Also those who wrongly believe their privacy is not at stake when exchanging text messages must be aware of the potential dangers video calls pose, and everyone should shy away from services that lack proper security and privacy protection when it comes to video calls.
For the past few weeks, the participants of our beta program have put video calls to the test. Starting next week, all Threema users will be able to make video calls without having to worry about their privacy. Stay tuned!
When buying a smartphone, battery life is a crucial decision factor. Even the most advanced mobile device is pretty much useless without energy. For this reason, smartphone manufacturers use various means to squeeze the absolute maximum out of their batteries. However, some brands of Android devices take it too far and throw the baby out with the bath water. They limit the background activity of third-party apps in such drastic ways that some of these apps can no longer provide basic functionality.
Longer Battery Life at the Cost of Reliability
If an app is active in the background, it might consume energy for no valid reason. This is why manufacturers like OnePlus, Samsung, and Xiaomi simply terminate third-party apps in the background or cut off their network connection based on custom, intransparent specifications (without notifying the user). Such measures don’t comply with Google’s Compatibility Definition Document (CDD). While not all apps suffer from obvious drawbacks, this undue behavior imposes major limitations on instant messengers like Threema as it inevitably leads to incoming messages appearing too late or not showing up at all while the app is in the background.
Special Treatment for Mainstream Apps
The problem runs even deeper, though. Since phone makers don’t want to annoy their customers, they add the most popular apps – WhatsApp and Facebook Messenger, for example – to so-called “whitelists.” Apps included in whitelists are exempt from restrictions and work perfectly fine under all conditions. This gives users the impression that Threema is responsible for delayed notifications because other messengers don’t suffer from similar shortcomings. In fact, however, device manufacturers are solely responsible for these delays, and, what’s worse, there is nothing Threema can do about it.
In theory, users can enable the background activity for individual apps on some devices. However, the respective settings are typically scattered across countless screens in the system preferences’ most deep-leveled submenus. These settings differ not only from brand to brand but also from device model to device model, and the next OS update may reset the configuration altogether. On many devices, there is no way to manually fix the misbehavior in the first place.
Huawei Is the First to Reconsider
Some weeks ago, Huawei has re-enabled Threema to make use of the background activity provided by Android. On newer Huawei devices, Threema is therefore fully functional again. Our repeated attempts in convincing other manufacturers to also exempt Threema from destructive restrictions have failed, however.
This is why we now ask you, the users of affected devices, to contact the brands in question directly and kindly ask them to resolve this unfortunate situation:
Threema doesn’t store your data centrally on a server. Instead, your data is stored directly on your smartphone and is therefore protected in the best possible way against data leaks and unauthorized access by third parties.
It’s not always easy to reconcile security with usability, and one downside of this privacy-focused approach is the potential data loss that occurs if you ever happen to lose access to your device (and don’t have a recent backup). To compensate for this drawback without weakening security and privacy protection, Threema Safe has been available as a backup solution for some time now.
However, it is important to stress that Threema Safe does not simply create encrypted cloud backups; as far as security and privacy are concerned, it differs significantly from conventional backup approaches.
Threema Safe’s security doesn’t start with the encryption of backup content but one step earlier, with a backup’s file name.
The file name used to store a Threema Safe backup on the server is cryptographically derived from a combination of the Threema ID corresponding to the backup and the password defined by the user. Therefore, no conclusions can be drawn as to whether a given backup belongs to a certain Threema ID or not. Vice versa, it’s impossible to determine whether there is a backup of a certain Threema ID present on the server or not (without knowing the password).
This is to say that even if we assume an attacker could gain access to the backup server in order to get to your data, he wouldn’t be able to tell whether there is a backup of your data in the first place, let alone ascertain which backup file is yours.
Threema Safe’s security architecture is straightforward and does not rely on complex, intransparent CPU features, such as Intel SGX, on the server side. Instead, backup encryption is based on the tried and tested standards scrypt and NaCl. All technical details concerning protocol and encryption are well-documented in the Cryptography Whitepaper.
The advantage of a simple and transparent security architecture is that it does not tempt users to fall into a false sense of security, and therefore users are less likely to choose passwords that are easy to guess or crack.
In order to use Threema Safe, you have to explicitly opt in. If you prefer to only store your data locally on your smartphone, you don’t have to upload a backup to any server whatsoever, and you can still use Threema without limitation.
With the Threema apps’ latest beta versions, Threema calls graduate to the audio-visual dimension. As is to be expected, video calls get the full Threema treatment in terms of privacy and security. And since video calls are inherently personal, they are particularly worthy of protection.
Video calls in Threema are fully end-to-end encrypted (not only audio and video, also signaling is end-to-end encrypted). In contrast to users of conventional services, Threema users can therefore rest assured that no one besides caller and callee – not even Threema as service provider – is able to access and view the video stream.
Thanks to Threema’s contact verification, Man-in-the-Middle attacks can be effectively prevented, and there’s no need to manually verify a code for the purpose of authentication. When communicating with “unknown” Threema IDs (red verification level), the connection is always established via Threema’s server. This way, one’s own IP address isn’t exposed to dubious contacts.
Of course, Threema’s principle of maximum metadata restraint also applies to video calls. It’s not required to provide any personally identifiable information, such as a phone number or email address, to place a call.
Excellent Image Quality and Intuitive Interface
Video calls provide the crystal-clear voice quality Threema users have become accustomed to from voice calls. The image quality is every bit as brilliant and automatically adapts to the available bandwidth.
Video transmission is an option of Threema calls that can be enabled at any time during an ongoing call. Once a Threema call is established, both parties can independently enable and disable video transmission by tapping the camera icon. This is to say that it’s possible to conduct one-way video calls.
The dynamic UI of video calls allows to return to the app and use it as usual while a video call is ongoing. Android users can even leave the app and continue video calls in picture-in-picture mode.
Participants of Threema’s beta program are able to start testing video calls today. To install the beta version of Threema for Android, scroll to the “Join the beta” section in the Threema listing on Google Play, and tap “Join.” Unfortunately, we cannot accept new iOS beta testers due to Apple’s TestFlight limits. We’re sorry about that.
Happy testing, we look forward to receiving your bug reports!
In times of home office and constant availability, it is increasingly difficult to protect one’s spare time against the intrusion of work. Thanks to the new off-hours policy in Threema Work for Android, there is now an efficient way to restore a healthy work–life balance.
Simply define your working hours in “Settings > Sound & Notifications > Do not disturb,” and you won’t be bothered with work issues after office hours. If your colleague from accounting calls while you’re off duty, the call will automatically be rejected. If the overzealous marketing manager sends text messages on the weekend, you won't notice because you don’t receive any notifications. Instead, you’ll spend your leisure time relaxed and free of work-related worries. And after your uninterrupted downtime, you’ll be even more productive when you start work rested and recharged on Monday morning.