Threema provides maximum security and comprehensive privacy protection
No other chat service offers a similar level of security, metadata restraint, and confidentiality.
Security and Privacy by Design
Threema was designed from the ground up with security and privacy in mind. Since day one, the restraint on metadata has been our guiding principle. For where there is no data, no data can be misused. Threema’s servers only assume the role of a switch: After a message has been delivered to its recipient, it will be permanently deleted at once.
The focus on security and privacy protection is also reflected in the implementation of numerous particular features, such as profile pictures, Threema calls, and the web client.
Threema is committed to full transparency, and for this reason, the apps are open source. On top of that, renowned experts are regularly commissioned to conduct comprehensive security audits.
How does Threema stack up against Signal, Telegram, and WhatsApp? Find out:
Messenger ComparisonConsistent end-to-end encryption
Threema employs the tried and tested open-source cryptography library NaCl. All communication is
end-to-end encrypted. This is to say that any type of message is protected against eavesdropping,
including group messages, photos/videos, files, voice calls, and even status messages. In contrast
to conventional messenger apps, a fallback to unencrypted connections is ruled out by design. Nobody
else except the intended recipient can read a Threema message.
The algorithms and design decisions behind the cryptography in Threema are explained in detail in
the Cryptography Whitepaper.

Unparalleled metadata restraint
Threema is designed to generate as little data on servers as technically possible. Groups* and contact lists are solely managed on the users’ devices, not on the server, messages are deleted immediately upon delivery, no log files are created, and no personally identifiable information is collected.

Open Source and External Audits
To ensure full transparency, the Threema apps’ source code is publicly accessible and open for review. Thanks to reproducible builds, anyone can verify that the published code (of the Android app) corresponds to the apps in the stores.
On top of that, external experts are regularly commissioned to conduct systematic security audits, and the resulting reports are published in their entirety.

Anonymous use, no account required
It is not necessary to provide a phone number or email address in order to use Threema. When setting up the app, each user generates a Threema ID, which serves as unique identifier. Since this ID is a random sequence of characters, Threema can be used anonymously. No central user account is created.
Optional Contact Synchronization
Threema can be used without access to your address book. If you do grant access to the address book in order to retrieve your contacts’ Threema IDs, the contact data is transferred in one-way encrypted form and will not be stored on the server.