Threema: encrypted messaging without a phone number, paid and Swiss
Threema requires no phone number and no email address. Your identity is a random 8-character ID. Servers store no metadata — and a Swiss court confirmed that's how it stays.
Signal is free and widely supported. But Signal requires a phone number. Threema doesn’t.
Threema is a paid app, with a one-time fee of around €4, and that’s no coincidence. That price funds the servers and the team. No ads, no data collection, no investors to pay back on your usage patterns. You are the customer, not the product.
The app is Swiss, the servers are in Switzerland, and in 2021 Threema won a case at the Federal Supreme Court of Switzerland to keep its zero-metadata architecture intact. That’s more legal protection than most messaging services have ever put to the test.
How identity works in Threema
On first launch, the app randomly generates a Threema ID: an 8-character alphanumeric string. No name, no number, no account. That ID is your address in the network.
You can optionally link a phone number or email address — but the app only sends a SHA-256 hash to the server, never the actual number or address. Other users can find you this way if they already have your number, but Threema itself never holds your real data.
You make contact via:
- Manually entering a Threema ID
- Scanning a QR code (also cryptographically verifies identity)
- Optional sync based on hash values of numbers from your contacts
Encryption
Threema uses a custom implementation based on the NaCl library (Networking and Cryptography library):
- Curve25519 for key exchange
- XSalsa20 for message encryption
- Poly1305 for message authentication
Perfect Forward Secrecy (PFS) is implemented via key derivation (KDF ratcheting): each message uses a new key derived from the previous one. If a key ever leaks, earlier messages remain unreadable.
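The key-derivation ratchet described above, sketched as an added example (this is not Threema's code and not the Ibex protocol). HMAC-SHA256 as the KDF, the labels, and the `ChainRatchet` class are assumptions chosen for illustration; the block shows how each message key is derived from a chain key that is then overwritten, and how single-use keys make a replayed message fail.

```python
import hashlib
import hmac

def kdf(chain_key: bytes, label: bytes) -> bytes:
    """One-way step: HMAC-SHA256 keyed with the current chain key."""
    return hmac.new(chain_key, label, hashlib.sha256).digest()

class ChainRatchet:
    """Illustrative symmetric ratchet (hypothetical class, not Threema's)."""

    def __init__(self, root_secret: bytes, max_skip: int = 16):
        self.chain_key = kdf(root_secret, b"chain-init")
        self.counter = 0        # index of the next key to derive
        self.skipped = {}       # counter -> key kept for late messages
        self.max_skip = max_skip

    def _step(self) -> bytes:
        message_key = kdf(self.chain_key, b"message")
        self.chain_key = kdf(self.chain_key, b"chain")  # previous chain key is overwritten
        self.counter += 1
        return message_key

    def next_send_key(self):
        """Sender side: (counter, key) for the next outgoing message."""
        n = self.counter
        return n, self._step()

    def key_for(self, n: int) -> bytes:
        """Receiver side: key for message n; every counter is usable once."""
        if n < self.counter:
            if n not in self.skipped:
                raise ValueError(f"message {n}: key already used or erased")
            return self.skipped.pop(n)
        if n - self.counter > self.max_skip:
            raise ValueError(f"message {n}: too far ahead of the chain")
        while self.counter < n:
            idx = self.counter  # capture the index before _step() advances it
            self.skipped[idx] = self._step()
        return self._step()

def demo():
    secret = bytes(range(32))  # constructed stand-in for an agreed shared secret
    alice, bob = ChainRatchet(secret), ChainRatchet(secret)
    sent = [alice.next_send_key() for _ in range(4)]
    received = {n: bob.key_for(n) for n in (0, 2, 1, 3)}  # out-of-order delivery
    return sent, received, bob
```

Keys cached in `skipped` stay recoverable until the late message arrives, which is why the skip window is bounded.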
Messages, files, voice messages, voice calls, and video calls are all end-to-end encrypted. Group messages are sent as individual encrypted messages to each member — the server never sees group composition.
Post-quantum encryption is not yet in the production version. Threema is collaborating with IBM on integrating the NIST-standard ML-KEM algorithm, but no release date has been announced.
What Threema does and doesn’t know
| Data | Held by Threema |
|---|---|
| Message content | No — end-to-end encrypted |
| Contact list | No — managed on your device |
| Group composition | No — managed on your device |
| Connection patterns | No — no log files |
| Date Threema ID was created | Yes |
| Date of last login | Yes |
| Hash of phone number (if linked) | Yes |
Messages are deleted immediately after delivery from the servers. No log files are kept. Threema does not meet the revenue threshold under Swiss law that would trigger mandatory data retention requirements — and intends to stay that way.
Under a court order, they can hand over creation date and last login date. Nothing more.
What the security research found
January 2023 — ETH Zurich
Researchers from ETH Zurich published seven attack vectors against Threema’s then-current protocol. The most serious: private keys were theoretically extractable via a compression side-channel in backups, and replay and reflection attacks were possible via the nonce database on Android.
Threema maintained there was no real-world impact. The researchers disputed this. The outcome: Threema had already been developing the new Ibex protocol since October 2022 in response to the findings.
July 2023 — University of Erlangen-Nuremberg
Formal cryptographic analysis of the Ibex protocol: no vulnerabilities found. The protocol was mathematically proven secure.
January 2024 — Cure53
Independent penetration test of the desktop application. No critical or high-severity vulnerabilities. Found: a low-severity DoS via SVG files and a missing macOS quarantine flag on downloaded files. Cure53 judged the overall security posture to be strong.
Conclusion: Threema had a serious vulnerability window in 2023 but responded structurally with a new protocol. Current versions are significantly more robust than pre-2023. If you’re on an older version: update.
Swiss jurisdiction in practice
All servers are in Switzerland. Foreign authorities — including American ones — cannot issue direct orders to Threema. They must go through official mutual legal assistance treaties, which require a full Swiss legal procedure.
In April 2021, Threema won a case at the Federal Supreme Court of Switzerland. The Ministry of Justice had tried to compel Threema to identify users and report to law enforcement. Threema won — and the zero-metadata architecture is legally protected as a result.
This is a concrete precedent, not a marketing claim.
Installing and getting started
Threema is available for Android, iOS, and desktop (Linux, macOS, Windows).
Android: via Google Play or directly from threema.com (APK). On GrapheneOS: prefer the direct APK or Accrescent.
iOS: via the App Store.
Desktop: download from threema.com. Desktop version 2.0 (beta) works standalone without the mobile app needing to be active.
Cost: one-time purchase of approximately €4. No subscription, no recurring costs.
On first launch:
- The app generates your Threema ID — no registration required
- Optional: add a display name (stored locally)
- Optional: link phone number or email for discoverability (only hash is sent)
- Share your ID or let someone scan your QR code to connect
What you can do with it
- Personal conversations (1 on 1)
- Group conversations (end-to-end encrypted)
- Voice and video calls (individual and group calls up to 16 participants)
- File sharing
- Disappearing messages
- Polls and location sharing
Threema is fully featured — it’s not a minimal privacy app but a mature messaging platform.
Who Threema is for
Direct value:
- Anyone who wants to communicate completely anonymously without linking a phone number
- Journalists, lawyers, and medical professionals who take professional confidentiality seriously
- People skeptical of free services who prefer to pay for privacy
- Organizations that want data sovereignty via Threema OnPrem (self-hosted)
- Anyone in the DACH region (Germany, Austria, Switzerland): Threema is more widely used there than elsewhere
Less suitable for:
- Anyone who wants a free app (Signal is free and also good for most threat profiles)
- Anyone with many contacts already on Signal — the switching threshold is real
- Anyone who needs post-quantum encryption now (not yet available)
Threema vs. Signal vs. Session
| | Threema | Signal | Session |
|---|---|---|---|
| Phone number required | No | Yes | No |
| Cost | €4 one-time | Free | Free |
| Perfect Forward Secrecy | Yes | Yes | Yes |
| Post-quantum encryption | No (in development) | No | Yes (v2) |
| Onion routing | No | No | Yes |
| Central server | Yes (Switzerland) | Yes (US) | No (decentralized) |
| Legally compellable data | Creation date + last login | Creation date + last connection | Nothing |
| Independent audit | Cure53 2024, ETH/Erlangen 2023 | Multiple audits | Quarkslab 2024-2025 |
| Self-hostable | Yes (OnPrem) | No | Limited |
Signal wins on user base and free access. Session wins on anonymity and decentralized infrastructure. Threema wins on metadata protection, Swiss jurisdiction, and organizational control.
Background
Threema was founded in 2012, is headquartered in Pfäffikon (Switzerland), and is independently operated — no outside investors. The paid app is the primary business model for the consumer version; Threema Work (for organizations) and Threema OnPrem (self-hosted) are additional products.
The source code is partially open source and has been audited by multiple independent parties.
See also:
- SimpleX Chat guide — no identifier, maximum anonymity
- Session guide — decentralized, onion routing
- Briar guide — P2P via Tor, works without internet
- Delta Chat guide — encrypted messaging over email
- Signal and Molly review — Signal with extra privacy options