Security and Privacy
Are messages stored in encrypted form on my device?
- Android: Threema includes its own app-specific encryption based on AES-256 to protect stored messages, media and your ID's private key. The key used for this encryption is generated randomly the first time you start Threema, and can optionally be protected by setting a Master Key Passphrase in the settings, which we highly recommend. Without a passphrase, the encryption only adds obscurity, due to the way hardware encryption is handled on Android. If you set a Master Key Passphrase, you will have to enter it after every restart of the device (and after the system has terminated the app due to low memory).
  Note: The PIN lock, which can be enabled independently of the Master Key Passphrase, does not cause any additional encryption; it is simply a UI lock.
- iOS: Threema uses the iOS Data Protection feature to encrypt messages, images, etc. in the device's flash storage. The key used for this encryption is linked to the device's passcode, so you must set a passcode in the system settings to use this feature. On newer models, iOS also uses hardware features for the encryption; therefore even a simple six-digit passcode offers a certain degree of protection. For the highest protection against brute-force attacks, you should choose a longer, alphanumeric passcode.
  Note: The passcode lock that is built into the app itself does not offer any additional encryption. This feature is intended to keep nosy people from reading your messages when you intentionally hand them your phone for a short time for another purpose. Encryption with a six-digit code inside the app would not be sensible, as brute-force attacks would be trivial (since, unlike iOS, an app cannot access special hardware features to protect the key).
For detailed technical information about the cryptography in Threema, read the Cryptography Whitepaper.