Threema has, year on year, been on our list of the best performing and secure messaging services out there and that has been consistent for the 5 years we have been conducting this survey.

This year we're looking a little deeper into the services' systems including where their servers are and how their encryption is actually implemented etc.

Threema started life as an acronym: 'EEEMA' being derived from End-to-End Encrypted Messaging Application. The three consecutive Es were considered a bit unwieldy, so it morphed into THREEMA.

Threema is operated out of Switzerland and all servers are located in Zurich, which is in the German speaking part of that country and probably explains the apps popularity amongst German speakers..

Threema has more then 6 million users, 2 million of which are on Threema Works! This is an office/work solution for companies such as Bosch, Dailmer and even "Alliance 90 / The Greens" which is a German political party that focuses on environmental issues.

But back to the main Threema application, you can download this on iOS and from Google Play, but you also have the option to buy it directly from the Threema Shop. There, you can get the Android version via APK license for $4.10 (and pay in bitcoin!). This is a great way to stay anonymous and you can install it on Lineage or any other non Google framework phones.

Threema charges a 'one time fee' which negates the motivation to sell your data for income, as you actually pay for the service. Threema advertises the fact that they collect no or almost no metadata.

Master your metadata with Threema
Guest post by Jaime Escuder

To generate a Threema ID, move your finger over the screen as no telephone number or email address is needed to get your Threema app working. This is a truly ‘decentralized’ form of ID as it is generated away from  any server. To sign up for Threema, you need neither a phone number nor an email address, a unique feature which allows users to remain 100% anonymous. If you prefer, there is an option to enter your email and phone number in your profile which will allow friends to find you. However, we recommend to run with just the Threema ID.

So far pretty impressive, yet the source-code is not entirely open-source. However in March 2019 Threema did submit to a new audit:

New Threema audit
New Threema audit

https://threema.ch/press-files/2_documentation/security_audit_report_threema_2019.pdf

For the E2EE (End-to-End-Encryption) Threema uses the open-source protocol NaCl, so even if Threema is not total open-source, at least it's encryption is.

https://threema.ch/validation/

“Strength of the encryption: The asymmetric ECC-based encryption used by Threema has a strength of 255 bits. According to a NIST estimate, this corresponds with at least the strength provided by 2048 bit RSA. ECDH on Curve25519 is used in conjunction with a hash function and a random nonce to derive a unique 256 bit symmetric key for each message, and the stream cipher XSalsa20 is then used to encrypt the message. A 128 bit message authentication code (MAC) is also added to each message to detect manipulations/forgeries.
Forward secrecy: Threema provides forward secrecy on the network connection (not on the end-to-end layer). Client and server negotiate temporary random keys, which are only stored in RAM and replaced every time the app restarts. An attacker who has captured the network traffic will not be able to decrypt it even if they find out the long-term secret key of the client or the server after the fact."

Even though there is no Perfect Forward Secrecy (PFS) in place, the entire communication in one-on-one and group chats are fully encrypted and all with an open-source encryption protocol!

To ensure maximum security, both the connection between the app and the servers and the one between the parties communicating with each other are encrypted separately. The former is especially important as anyone capturing network packets (on public WiFi for instance) will not be able to figure out who is messaging whom.

Users have total control over key exchange with encryption and decryption staying only on their device. The server operators and any other party are, therefore, unable to decrypt messages.

Best practice with Threema when verifying the person you are chatting with is via the QR code generated for each user. Once verified you will then see one of 3 dots next to the name/title/identifier.

https://threema.ch/en/faq/levels_expl

Red - possibly not the person they claim to be
Yellow - the person is in your address book but not verified via the QR code
Green - verified via QR code

Four years ago, we raised the issue of switching devices. Essentially, if you change your device, you can move from Android to Android with a full data backup (on the device) or from iOS to iOS with a full backup stored on iTunes or the iCloud.

If, however, you wanted to switch from Android to iOS or vice versa, you could bring your ID, but not your groups. This has been addressed with the Threema-Safe. You can now backup your entire account on a Threema hosted safe. You can also host a safe yourself. This is a great way to switch devices and never lose your account and/or contacts & groups again.

A nice standalone feature on Threema is the poll capability. This allows you to create unique polls and invite your group to vote on, well, stuff!

For further privacy, Threema allows you to turn off the ‘message read’ and ‘typing’ indicators. In other words, if you don't want the other party to see that you have read their message or that you are typing a reply, these indicators will not be shown, if selected.

You can mute individual notifications (per member) or switch off group notifications altogether. As the administrator of a group, you can adjust memberships within your group at any time. On Android, unique notification sounds can be set for each group or individual. On iOS, you can set one sound for all your individual chats and one for all of your group chats.

Threema also allows you to block contacts from connecting with you: if someone knows your Threema ID but you have never exchanged the QR code or a key fingerprint, they won't be able to text you. If you enter their ID manually and they enter yours, they will be able to text you as you will have mutually exchanged IDs (albeit not verified as indicated by the red dot). This can prevent so-called ‘man-in-the-middle’ attacks.

You may also choose to select an option whereby everyone who knows your Threema ID can text to you. This is very practical should you want to post your ID on a website or elsewhere.

Finally, you can even set your Threema up in a way that only people in your Threema contacts can reach you. In other words if you don’t have the Threema ID details of the counter party in your address book, they can't reach you.

On Android, you can hide groups and/or individuals by accessing a small icon on the top, applying your fingerprint or a PIN, and opening this part of your messaging app. This feature only works on Android. When messages arrive, you hit an ‘agree or disagree’ feature on the incoming notification on your screen or even on your smart watch (but let’s talk about smart watches and privacy separately in the near future).

Centralized

The server based in Switzerland is under the control of the Threema GmbH, the server is ISO/IEC 27001 certified. So bear in mind that every ID that is generated and every message that is sent goes over the server in Switzerland. Therefore, you have to trust Threema with every future direction the company takes! Even though Threema seems to be settled on a one time fee, that doesn't mean they won't change that! Worth keeping these things in mind!

Which data gets stored at Threema?

From Threema's own website:

  • Messages and group chats: As soon as a message has been successfully delivered to the recipient, it is immediately deleted from the server. All messages and media are transmitted end-to-end encrypted in Threema. This means: even if someone intercepted your message, it would be completely useless. Only the intended recipient is able to decrypt and read a message.
  • No contact lists are stored when synchronizing contacts: The email addresses and phone numbers from your address book get anonymized (hashed) before they reach the server. Once the comparison is finished, they are immediately deleted from the server.
  • Key pairs are generated in a decentralized way on your device. Your private key is never known to us, and therefore we cannot decrypt any message contents.
  • Threema doesn't log who is communicating with whom (which Threema IDs are communicating).

That sounds impressive, but since the actual server setup and app is not fully open-source these claims can't be verified. We have to trust in Threema's promises for this part.

You can also protect your actual app with a PIN, or on iOS with the Touch ID.

Additionally, you select an encryption password which is used to encrypt the messages on your device.

A further positive is that if you buy Threema from Threema's own shop via APK and bitcoin you are not bound to Google. The messages would be polled from the server, similar to an email.

Threema uses Firebase Cloud Messaging (FCM) to notify the app of new messages in the background. If Google Play Services are not installed, Threema checks for new messages using polling. The polling interval is configurable between 5 and 30 minutes and may cause additional battery drain and data usage.

I have personally used Threema for years and have never witnessed any excess battery draining.

Overall, there are not many footprints or metadata that you leave with Threema.

Notable

  • Google: if you purchase Threema over Threema's own shop you are not forced to use Google!
  • OpenStreetMap: if you share locations they will be using OpenStreetMap
  • Calls: Threema offers phone calls, and its one of the best. I've used it for years, the fun part is that Perfect Forward Secrecy (PFS) is supported in the calls, but not in chats.
  • Threema Web: if you go to web.threema.ch you can use your Threema account on the web, your cellphone needs to be online and scan a QR code to make that happen
  • Threema Video Call: So far Threema has no video calling option, however, this is now in beta and I am keeping an eye on it!
Video Calls: Beta Phase Begins
Video Calls: Beta Phase Begins

Analytics & Privacy

We monitored the network traffic of the application and Threema is only connecting to threema.ch. There are no analytics or other connections listening to your device.

If Threema was to be totally open-source, it would be the ultimate messaging app. With Video Calling in future, it will be an even more impressive app. However, we will need to rely on the auditor's report and we've shown the link below with all the required information.

There were, in fact, at least 3 independent teams who looked over Threema's claims and the source code.

Audited by: Lab for IT Security of Münster’s University of Applied Sciences
Report: by CNLAB

Read up on the newest:

New Threema audit
New Threema audit

https://threema.ch/press-files/2_documentation/security_audit_report_threema_2019.pdf

Ultimately, Threema is great and many of us use it and rely on it on a daily basis!

See you next month for the next in our 2020 review of messaging service providers when we will take another look at Wire (yeech!).

The Privacy Advocate