What kind of data is transmitted via push notification services?
Threema uses the Apple Push Notification Service (APNS) to inform recipients with iOS about new messages while the app is closed or in the background. The APNS message contains a payload that has been encrypted with a symmetric key, which is negotiated between the app and the Threema servers and is not known to Apple.
Within this encrypted payload, the Threema ID and nickname of the sender, the message ID, and the fact whether it is a direct or a group message, are transmitted.
The Notification Extension of the Threema app is started in the background for each incoming push notification, decrypts the push payload, downloads the corresponding message directly from the Threema servers, decrypts it and shows a local message preview (if enabled) and the contact name of the sender.
Threema uses Google Cloud Messaging (GCM) to inform the Threema app of recipients with Android about incoming messages in the background. The app then fetches messages directly from the Threema servers, decrypts them and displays a local notification. Neither contents nor details about messages are transmitted via GCM (the GCM payload is empty).
You can choose whether or not you would like to use Threema with Google Services. The option “Troubleshooting > Activate Polling” allows you to use Threema without GCM. However, we don't recommend this.
The development of a custom push-service is difficult, since its reliability depends on numerous factors. We are therefore consciously using the recognized push services of Apple, Google and Microsoft. They are already installed on the vast majority of devices. Furthermore, channelling push notifications saves battery power.