Are messages stored in encrypted form on my device?

Yes.

  • Android: Threema includes its own app-specific encryption based on AES-256 to protect stored messages, media and your ID's private key. The key used for this encryption is generated randomly the first time you start Threema, and can optionally be protected by setting a Master Key Passphrase in the settings, which we highly recommend. Without a passphrase, the encryption will only add obscurity due to the way hardware encryption is handled on Android. If you set a Master Key Passphrase, you will have to enter it after every restart of the device (and after the system has terminated the app due to low memory).

    Note: The PIN lock, which can be enabled independently of the master key passphrase, does not cause any additional encryption; it is simply a UI lock.

  • iOS: Threema uses the iOS Data Protection feature to encrypt messages, images etc. in the device's flash storage. The key used for this encryption is linked to the device's passcode. It is necessary to set a passcode in the system settings to use this feature. On newer models, iOS also uses hardware features for the encryption; therefore even a simple six-digit passcode offers a certain protection. For the highest protection against brute force attacks, you should choose a longer, alphanumeric passcode.

    Note: The passcode lock that is built into the app itself does not offer any additional encryption. This feature is intended to keep nosy people from reading your messages when you intentionally give them your phone for a short time for another purpose. Encryption with a six-digit code inside the app would not be sensible, as brute force attacks would be trivial (since, unlike iOS, an app cannot access special hardware features to protect the key).
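As an added illustration (this is not Threema's code; the on-disk layout, the iterated-HMAC key derivation and the AES-256-GCM wrap are assumptions made here), this Go program models the two Android cases described above: a randomly generated master key stored in the clear, which only obscures the data, versus the same key wrapped under a key derived from a Master Key Passphrase, where a wrong passphrase fails authentication instead of yielding a usable key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
)

// MasterKeyFile models the on-disk record: the random master key, stored raw
// (no passphrase) or AES-256-GCM-wrapped under a passphrase-derived key.
type MasterKeyFile struct {
	Protected   bool
	Salt, Nonce []byte // KDF salt and GCM nonce, set only when Protected
	Blob        []byte // raw key if !Protected, wrapped key if Protected
}
// wrapCipher derives a 32-byte wrapping key by iterating HMAC-SHA256 over the
// salt (illustrative KDF; use scrypt or Argon2 in practice) and returns an AEAD.
func wrapCipher(passphrase string, salt []byte) cipher.AEAD {
	key := salt
	for i := 0; i < 100000; i++ {
		m := hmac.New(sha256.New, []byte(passphrase))
		m.Write(key)
		key = m.Sum(nil)
	}
	block, _ := aes.NewCipher(key) // 32-byte key: cannot fail
	aead, _ := cipher.NewGCM(block)
	return aead
}

// NewMasterKeyFile generates the master key (as on first start); returns the record and the key.
func NewMasterKeyFile(passphrase string) (MasterKeyFile, []byte) {
	mk := make([]byte, 32)
	rand.Read(mk)
	if passphrase == "" { // key stored beside the data it protects: obscurity only
		return MasterKeyFile{Blob: mk}, mk
	}
	sn := make([]byte, 28) // 16-byte KDF salt followed by 12-byte GCM nonce
	rand.Read(sn)
	wrapped := wrapCipher(passphrase, sn[:16]).Seal(nil, sn[16:], mk, nil)
	return MasterKeyFile{Protected: true, Salt: sn[:16], Nonce: sn[16:], Blob: wrapped}, mk
}
// UnlockMasterKey recovers the key; a wrong passphrase fails the GCM tag check (error).
func UnlockMasterKey(f MasterKeyFile, passphrase string) ([]byte, error) {
	if !f.Protected {
		return f.Blob, nil
	}
	return wrapCipher(passphrase, f.Salt).Open(nil, f.Nonce, f.Blob, nil)
}
```

Without a passphrase, UnlockMasterKey hands back the key to anyone who can read the record; with one, the passphrase has to be entered again after every restart, exactly the trade-off the Android note describes.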

For detailed technical information about the cryptography in Threema, read the Cryptography Whitepaper.