How does Threema audit its code?

Ensuring security and privacy is our biggest mission. Therefore, we review our code internally on a regular basis and with the greatest care. Furthermore, Threema's encryption code is open to independent audits as it uses the Open Source NaCl library. Anyone can validate Threema's correct application of the encryption: https://threema.ch/validation.

In August 2015, Threema was subjected to an external security audit. The result confirms that Threema's concepts fully meet the requirements for secure and trustworthy instant messaging. Furthermore it attests that the implementation of all components relevant for security and privacy was performed properly as specified.

Read a summary of the audit report here.

A comprehensive Cryptography Whitepaper describing the algorithms and protocols used in Threema can be found here.

Other useful topics