[7] Threema is available on iOS and Android, and has clients for Windows, macOS, Linux, and HarmonyOS and can be accessed via web browser but requires a mobile app to function.

[8] The service claims to be based on the privacy by design principles by not requiring a phone number or other personally identifiable information.

[9][10] Threema uses a user ID, created after the initial app launch by a random generator, instead of requiring a linked email address or phone number to send messages.

The QR code contains the public key of the user, which is cryptographically tied to the ID and will not change during the lifetime of the identity.

Using this strong authentication feature, users can make sure they have the correct public key from their chat partners, which provides additional security against a man-in-the-middle attack.

Threema offers a "Validation Logging" feature that makes it possible to confirm that messages are end-to-end encrypted using the NaCl Networking and Cryptography library.

[25] Researchers from cnlab confirmed that Threema allows secure end-to-end encryption, and claimed that they were unable to identify any weaknesses in the implementation.

[29] Martin Blatter and Silvan Engeler joined Kasper to develop an Android application that was released in early 2013.

[30] In Summer 2013, the Snowden leaks helped create an interest in Threema, boosting the user numbers to the hundreds of thousands.

During the second week of 2021, Threema saw a quadrupling of daily downloads spurred on by controversial privacy changes in the WhatsApp messaging service.

A spokesperson for the company also confirmed that Threema had risen to the top of the charts for paid applications in Germany, Switzerland, and Austria.

[37] This trend continued into the third week of the year, with the head of Marketing & Sales confirming that downloads had increased to ten times the regular amount, leading to "hundreds of thousands of new users each day".

[38] In October 2022, researchers from ETH Zurich reported multiple vulnerabilities affecting Threema's security against network, server and client-based attacks.

[55] In a response, a Threema spokesperson publicly stated: "We operate under Swiss law and are neither allowed nor willing to provide any information about our users to foreign authorities.

[58] In 2024 the FBI, using direct access to a mobile phone with the app installed, were able to obtain Threema messages and lay charges on 2 suspects.

[59] In February 2014, German consumer organisation Stiftung Warentest evaluated several data-protection aspects of Threema, WhatsApp, Telegram, BlackBerry Messenger and Line.

Threema was the only app rated as 'non-critical' (unkritisch) in relation to data and privacy protection, but lost marks due to its closed-source nature, though this has changed for its frontend clients since the end of 2020.

[60] Along with Cryptocat and Surespot, Threema was ranked first in a study evaluating the security and usability of instant messaging encryption software, conducted by the German PSW Group in June 2014.

[61] As of November 2015[update], Threema had a score of 6 out of 7 points on the – now withdrawn and outdated – Electronic Frontier Foundation's "Secure Messaging Scorecard".