[Nykon]

Used to be a fan of threema until they were subjected to. The revised Swiss Federal Act on the Surveillance of Postal and Telecommunications Traffic in or around 2016.

Backdoors introduced by law, as far as I've gotten into it. I no longer can recommend it.

[dbrgn]

Even under the revised BÜPF, the government has no power to ask for backdoors. They can only ask for data that is already stored (which is very little metadata in the case of Threema, since collecting as little data as technically possible is the guiding principle for Threema).

More information can be found in the transparency report: https://threema.ch/en/transparencyreport

(Disclaimer: Threema dev)

[iforgotpassword]

Since you outed yourself: does your company have an official stance on 3rd party clients?

[dbrgn]

I can't give you any official answer (I'm here privately and don't speak for the company), but the terms of use of Threema don't disallow reverse engineering. As long as third party clients don't actively undermine the business model or trademarks, this shouldn't be a problem. In doubt, just send an e-mail to info@.

After all, https://openmittsu.de/ is a thing. (Note that the developer of OpenMittsu does not offer the option of generating an identity in the software itself, instead you generate an identity on your phone and then transfer it to OpenMittsu through an ID backup.)

(Edit: Almost forgot: The "Threema Web protocol" has also been officially documented: https://threema-ch.github.io/app-remote-protocol/ I would love to see alternative clients that implement it, to allow using your Threema app from other platforms.)