Threema doesn’t store your data centrally on a server. Instead, your data is stored directly on your smartphone and is therefore protected in the best possible way against data leaks and unauthorized access by third parties.
It’s not always easy to reconcile security with usability, and one downside of this privacy-focused approach is the potential data loss that occurs if you ever happen to lose access to your device (and don’t have a recent backup). To compensate for this drawback without weakening security and privacy protection, Threema Safe has been available as a backup solution for some time now.
However, it is important to stress that Threema Safe does not simply create encrypted cloud backups; as far as security and privacy are concerned, it differs significantly from conventional backup approaches.
Threema Safe’s security doesn’t start with the encryption of backup content but one step earlier, with a backup’s file name.
The file name used to store a Threema Safe backup on the server is cryptographically derived from a combination of the Threema ID corresponding to the backup and the password defined by the user. Therefore, no conclusions can be drawn as to whether a given backup belongs to a certain Threema ID or not. Conversely, without knowing the password, it’s impossible to determine whether a backup of a certain Threema ID is present on the server.
This is to say that even if we assume an attacker could gain access to the backup server in order to get to your data, he wouldn’t be able to tell whether there is a backup of your data in the first place, let alone ascertain which backup file is yours.
Free Server Choice
It is, however, not necessary to store Threema Safe backups on the Threema server. Technically inclined users can store their backups on any WebDAV server of their choice.
Solid and Transparent Architecture
Threema Safe’s security architecture is straightforward and does not rely on complex, opaque CPU features, such as Intel SGX, on the server side. Instead, backup encryption is based on the tried and tested standards scrypt and NaCl. All technical details concerning protocol and encryption are well-documented in the Cryptography Whitepaper.
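The file-name derivation and the scrypt-based key described above can be sketched as follows. This is an added example, not Threema's code: it assumes scrypt is run over the password with the Threema ID as salt and that the 64-byte output is split into a 32-byte backup ID (the file name) and a 32-byte encryption key; the cost parameters and the function names are likewise assumptions, and the Cryptography Whitepaper is the authoritative source.

```python
import hashlib

# Assumed cost parameters (not stated on this page; see the Cryptography Whitepaper).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 65536, 8, 1


def derive_safe_keys(threema_id: str, password: str, n: int = SCRYPT_N):
    """Return (backup_id_hex, encryption_key) for one ID/password pair."""
    master = hashlib.scrypt(
        password.encode("utf-8"),
        salt=threema_id.encode("utf-8"),
        n=n, r=SCRYPT_R, p=SCRYPT_P,
        maxmem=256 * 1024 * 1024,  # about 64 MiB is needed at n=65536, r=8
        dklen=64,
    )
    # Assumed split: the first half names the file on the server,
    # the second half is the key used to encrypt the backup content.
    return master[:32].hex(), master[32:]


def backup_present(server_listing, threema_id, password, n=SCRYPT_N):
    """What a restoring client does: recompute the name, then look it up."""
    backup_id, _ = derive_safe_keys(threema_id, password, n)
    return backup_id in server_listing


if __name__ == "__main__":
    # Constructed sample values, not real IDs or passwords.
    owner_id, owner_pw = "AAAA1111", "correct horse battery staple"
    name, _key = derive_safe_keys(owner_id, owner_pw)
    other, _ = derive_safe_keys("BBBB2222", "another long passphrase")
    listing = {name, other}  # all the server operator sees: opaque hex names
    print("stored as:", name)
    print("ID visible in name:", owner_id.lower() in name)
    print("found with right password:", backup_present(listing, owner_id, owner_pw))
    print("found with wrong password:", backup_present(listing, owner_id, "guess"))
```

Under these assumptions, the scrypt cost and the password's strength are the only things standing between a known Threema ID and a matching file name, so a long, unpredictable password protects the backup's anonymity as well as its content.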
The advantage of a simple and transparent security architecture is that it does not tempt users to fall into a false sense of security, and therefore users are less likely to choose passwords that are easy to guess or crack.
In order to use Threema Safe, you have to explicitly opt in. If you prefer to only store your data locally on your smartphone, you don’t have to upload a backup to any server whatsoever, and you can still use Threema without limitation.