These days, any popular instant messenger encrypts the transmitted messages; therefore, it doesn’t matter which service you use. Right? Not quite. For one thing, there are major differences regarding type and scope of the encryption, for another thing, as important as encryption is, it is only one aspect of comprehensive security.
The term “secure instant messenger” is typically used to refer to chat services that end-to-end encrypt the transmitted messages. This is to say that only the intended recipient can decrypt and read the messages but not the service provider or any third party that might intercept the messages in transit. Not all popular chat services use this form of encryption. Even some of the services that are generally considered secure don’t use it by default or not across the board.
A secure instant messenger should not just end-to-end encrypt selected single chats; it should use a well-established method to end-to-end encrypt any kind of communication, including voice calls, media files, group chats, and status messages.
The way metadata is handled is just as important for comprehensive security as message encryption. “Metadata” is any information relating to the communication except the message content itself, e.g., identity of sender and recipient, their IP addresses, time, place, and frequency of communication, contact lists, group memberships, profiles, etc. This data allows to draw insightful conclusions about the users, which is why certain companies systematically collect it and combine it with data from other sources. With the phone number as common denominator, it’s particularly easy to map user data across different sources.
A secure instant messenger should only generate data that’s absolutely necessary for message exchange. Because where there is no data, no data can be misused.
Security by design
In contrast to chat services that have introduced end-to-end encryption after the fact (and collect user data to this day), Threema was built from the ground up with security and metadata restraint in mind. For example, Threema can be used without disclosing any personal information because instead of a phone number (as with traditional messaging apps), an anonymous ID serves as unique identifier.
Besides encryption of messages and handling of metadata, the security of a chat service depends on several other factors. The independent website Secure Messaging Apps Comparison offers a detailed comparison of popular instant messengers based on a variety of such factors. Threema scores particularly well: It’s the service that ticks the most “nothing of concern” boxes.
Compare instant messengers on securemessagingapps.com
iOS users can now protect themselves against loss of their Threema ID, contacts, group memberships, and privacy settings: Threema Safe, the anonymous backup solution for your most important Threema data, is now also available on iOS.
Since Threema Safe is platform-independent, it allows to transfer the mentioned data from Android to iOS (and vice versa). Threema for Windows Phone will add Threema Safe support with an upcoming update.
To learn more about Threema Safe, please refer to the FAQs. For more details about Threema 4.1 for iOS, please consult the change log.
You’re sitting in a coffee shop, talking to a friend. Suddenly, the waiter shows up, asks for your phone numbers, and wants to know who else you’re friends with and what you’re talking about. Do you provide the requested information? Would you provide the information if, in turn, you wouldn’t have to pay the bill? Is it safe to assume that you have something to hide if you don’t enter into this deal?
Internet users who disclose their privacy in order to access free online services often do so on the grounds of having “nothing to hide”. However, as closer inspection reveals, this position is untenable. Having nothing to hide might be a desirable state of affairs, but it doesn’t entail that it’s safe to disclose one’s privacy.
If you don’t feel comfortable providing the requested information to the waiter, that doesn’t mean you have something to hide. It simply means you wish to preserve the privacy you rightfully deserve. Maybe you’re discussing something mundane, like the weather, but you think it’s none of the waiter’s business. Also, you don’t know what the waiter might do with the obtained information and why he’s keen on acquiring it in the first place.
If you do not carelessly disclose personal information to strangers in real life, you probably shouldn’t provide the same information to online services, either. By combining several data points, it’s easy to draw a detailed picture of you; one which reveals far more than each data point would on its own – and one that could reveal more about you than you would imagine.
Thanks to Threema Safe, you will never lose your Threema ID, contacts, and groups again. Our new backup solution is anonymous, highly secure, automatic, platform-independent, and can be self-hosted. Once Threema Safe is activated, you can confidently forget about it.
Why Threema Safe is secure, how often backups are created, which data they contain, how to store backups on your own server, and more information can be found in the Threema Safe FAQs. Technical details concerning security are documented in the Cryptography Whitepaper.
Threema Safe is currently available for Android. iOS and Windows Phone will be supported soon. To learn what else is new in Threema 3.6 for Android, please refer to the change log.
Threema 4.0 for iOS is here! This major update adds support for Threema Web and allows to adjust notification settings on a per-chat basis. On top of that, it includes other enhancements as well as several under-the-hood improvements.
Web client for iOS
With Threema Web, you can conveniently use Threema on the desktop without compromising security. Simply connect Threema with your browser by scanning a QR code. You can then send and receive Threema messages on your computer, where all your chats are fully available. Save or send images and other files with ease by dragging and dropping.
As with the web client for Android, Threema Web for iOS was developed with security and privacy in mind. The communication between phone and PC is fully end-to-end encrypted, and after the session is terminated, the synchronized messages are immediately deleted in the browser. Technical details are documented in the Cryptography Whitepaper.
Individual notification settings
Notification settings can now be adjusted on a per-chat basis, allowing you to disable or mute notifications of any single or group chat indefinitely or for a specified amount of time. If, for example, the current topic of a group conversation does not concern you, simply deactivate notifications of the group for a given amount of time.
The 4.0 update includes many other changes and additions. For example, you can now delete multiple media files at once and create groups of up to 100 members. For all the details, please refer to the change log.
With Threema Broadcast, Threema introduces a new era of professional instant messaging. Never before has top-down communication been this versatile, secure, and straightforward.
Use feeds and distribution lists to send messages to any number of recipients, and turn Threema into a powerful newsletter channel. While users can subscribe to and unsubscribe from feeds, you manage the recipients of distribution lists yourself.
With bots, you can create interactive information-retrieval systems that allow your users to quickly get the answers they are looking for.
Manage central group chats together with any number of co-administrators, and participate in the group discussion right from your PC, without a mobile device.
Threema Broadcast is available free of charge to all Enterprise users of Threema Work. It is integrated into the management cockpit, ensuring a smooth interaction between the crucial tools for corporate communication. There is also the option to use Threema Broadcast as stand-alone service at affordable rates.
These are just some of the various benefits Threema Broadcast offers: You streamline the broad distribution of information, simplify employee support and customer care, and save time and money. Unlock the full potential of instant messaging, and lead your company to success with Threema Broadcast.
Visit the Threema Broadcast website
The new version of Threema for Android includes some design tweaks, e.g., handy date separators in chats, as well as a streamlined group and chat management (tap and hold a chat in the chat overview to see all available options).
Furthermore, the 3.5 update adds support for Threema Web 2.0. The new web-client version improves performance, allowing for even faster and smoother navigation. “My ID” settings can now be accessed and adjusted directly in the browser (by clicking on your name).
The 2.0 update prepares the web client to be used via the iOS app. The beta test of Threema Web for iOS has entered the final stage.
Across the world, leading companies of all industries use Threema Work for fast and secure communication in the company.
Since the new EU General Data Protection Regulation (GDPR) entered into force, the demand for Threema Work has increased even more.
The Threema Work ecosystem covers a whole variety of use cases. Read our Success Stories to learn more about Threema Work’s versatility. Find out first hand how it can contribute to the success of your company, and learn how Threema Work helps our clients to communicate in an efficient, secure, and affordable way while leaving data-protection concerns behind.
Read the Success Stories
We have recently introduced Threema Education, a secure and privacy-compliant chat solution for schools and educational institutions.
Today, Threema Education becomes even more compelling because there are no more recurring costs. With a one-time purchase, schools can now permanently enable students, parents, and teachers to chat without exposing their privacy. Considering a usage term of five years, Threema Education is only CHF 1.82 (€ 1.58) per year for one user.
The General Data Protection Regulation (GDPR) has sparked a lively debate over whether the use of chat services for school purposes is legal or not. Due to the rigorous privacy protection, the use of Threema in schools is safe and GDPR-compliant.
Since Threema doesn’t require a SIM card or a phone number, it is also ideally suited for school tablets.
Learn more about Threema Education and start a free trial
As it enters the beta stage today, the web client for iOS approaches the finish line!
Join the beta program to be among the first iOS users who can access Threema from the desktop. Put the web client to the test, and report any bugs you encounter.
The number of beta testers is limited. As usual, the “First come, first served” principle applies. Existing testers automatically participate in the beta program and don’t need to sign up again.
Thank you for your support, have fun testing!
Join the beta program
Guest article by Jaime Escuder
Often, when I ask people to join me on Threema, they balk. “Why should I pay for Threema, when I can use other encrypted messaging apps for free?” they ask.
Actually, there are a lot of reasons why Threema is worth paying for.
For starters, Threema is simply more enjoyable to use than other messengers and offers everything one would expect from a modern chat app, even allowing for encrypted phone calls.
Also, as a Swiss company, Threema is protected by Switzerland’s stringent and user-friendly privacy laws, meaning that it’s not subject to the vulnerabilities of America’s weak privacy protections like U.S.-based messaging apps are.
In addition, unlike many other apps, Threema doesn’t require your phone number, which means that its users can communicate with each other completely anonymously.
While each of these is a good reason to use Threema, there is another crucial aspect that is often ignored. It may seem counterintuitive, but the fact that Threema is a paid app is one of its greatest strengths.
At Threema, it’s the users, not investors, who are in charge
Threema does not operate under a typical Silicon Valley type of financial model, which is based on catering to advertisers. Instead, Threema charges a fee because, naturally, it has to cover its development and payroll costs. But what this means is that Threema is actually owned by its users and not by investors or venture capitalists who have an agenda.
Yes, mining a user’s data or accepting outside funding can allow an app to be “free,” but the truth is that nothing is free. If you’re not paying for a service, you can expect that your data is being exploited in some way, as we saw with Facebook’s Cambridge Analytica scandal. Threema’s reliance upon its users for support means that its only incentive is to make the best encrypted messaging app possible.
When you use online products that don’t charge for their services, you’re giving your privacy away for free. When you pay for a service like Threema, you’re paying to protect it.
Attention, educational institutions! There is now a special offer for you: Threema Education. You benefit from a 60% discount compared to Threema Work Enterprise.
Instant messaging is arguably the most popular means of communication, especially among the youth. Students interact lively via chat apps and use them to coordinate their school projects. Teachers have also started using instant messaging to quickly and conveniently assign homework, organize field trips, etc. However, conventional chat apps are not suitable for schools due to their poor privacy protection; experts strongly advise against their use.
Stay on top of instant messaging. Get Threema Education to protect the privacy of both students and teachers, and allow them to strictly separate personal and school communication.
Learn more: Threema Education
Guest article by Jaime Escuder
If you read the Threema blog, you’re probably someone who understands the value of end-to-end encryption to protect your communication and your messages. But did you know that metadata can reveal more about you than the actual message content?
Every message that you send leaves a trail of so-called metadata. This can include a record of extensive information of who you talk to, your online status, and the composition of your groups. It can even be used to determine where you are when your messages are sent.
Not only companies and social networks know that this information is of utmost value. Also governments and hackers know that metadata can be used to learn intimate things about you, which is why metadata surveillance has become routine. In fact, in 2013 the Guardian reported on the United States’ National Security Agency’s massive metadata collection program.
Good news for iOS users. Threema Web for iOS is coming along great. We are close to the finish line, but there is still quite some work ahead. We’re anticipating a public beta by May. Stay tuned for more information. Thank you for your patience!
The aim of the new General Data Protection Regulation (GDPR) is to improve the data privacy of EU citizens and to make services with insufficient privacy protection accountable. The new law will enter into force in May 2018.
Security and privacy protection have always been Threema’s guiding principles. No technical adjustments were necessary to meet the GDPR requirements. Hence, nothing changes for Threema users.