In 2012, Manuel Kasper, then a college student realised while the world of chats, communication and messaging was fast evolving, it also had a critical gap with several vulnerabilities.
He along with a few of his college friends recognised the need for a messaging solution that prioritised end-to-end encryption, ensuring that the content of messages remained accessible only to the intended recipients, thereby safeguarding against potential interception or unauthorised access.
This led to the birth of Threema in Switzerland. Fast forward to today, Threema has evolved into a multifaceted platform catering to diverse user demographics, from individual consumers seeking heightened privacy to businesses and governmental entities requiring stringent security measures for their communication channels.
It is a paid-for cross-platform encrypted instant messaging app. It operates on a decentralised architecture. On the platform, users can make voice and video calls, apart from being able to send messages, share files, make groups, locations etc.
Threema doesn’t need an email address or phone number to register and has only a single one-time purchase to be made via an app store.
The global market for encrypted messaging is pegged by several reports to be at $4.75 billion. Some of the top apps include- Telegram, Signal, Session, Wire and others.
Focus on end-to-end encryption
“The platform’s commitment to end-to-end encryption remains unwavering, serving as the bedrock of its security framework. By encrypting messages at the sender’s device and decrypting them only at the recipient’s device, Threema ensures that sensitive information remains confidential throughout transmission, shielding it from prying eyes and potential adversaries,” adds Roman Flepp, Marketing Director, and Board Member, Threema.
Threema’s journey reflects a progressive shift towards serving the growing demands of the business-to-business (B2B) sector, especially within regions like the Gulf Cooperation Council (GCC).
Recognising the unique needs of organisations grappling with data protection and compliance requirements, Threema has tailored its offerings to cater specifically to the B2B segment.
Flepp adds currently Threema is currently looking closely at the MENA region. He adds it is a strategic market for secure messaging solutions, especially – for enterprises, government institutions, law enforcement agencies, etc. Currently, the team is working to onboard potential clients, and raise awareness of the product.
Threema operates on a multifaceted business model encompassing both business-to-consumer (B2C) and business-to-business (B2B) segments, ensuring a diversified revenue stream and sustainable growth. In the B2C segment, Threema offers a paid app model, where individual users can purchase the Threema app for a one-time fee, providing access to premium features and enhanced security capabilities.
“This model has proven successful, particularly in regions like Europe, where Threema boasts millions of users, reflecting a strong consumer demand for privacy-centric messaging solutions” adds Flepp.
In the B2B segment, Threema adopts a subscription-based pricing model, charging organisations a recurring fee per user per year for access to its enterprise-grade messaging platform. This subscription fee includes access to advanced features such as user management, administrative controls, and integration capabilities, tailored to the specific needs of businesses operating in regulated environments or requiring stringent security measures.
Building the initial product
The initial team drew on their collective experience and expertise in the software development and encryption industry to build Threema. It needed to resonate with the users looking for a secure communication platform.
What helped was the early traction the platform got through individual users looking for privacy-centric messaging solutions. “We had also realised that there was a growing opportunity to expand the reach and cater to the needs of businesses and governmental institutions,” adds Flepp.
The product architecture works around the principles of decentralised data management and end-to-end encryption. Threema employs sophisticated encryption algorithms that ensure that the messages remain confidential and secure throughout the transmission.
The messages are encrypted at the sender’s device and are decrypted only at the recipient’s end. This eliminates the risk of interceptions and safeguards sensitive information from unauthorised access.
Minimising risks
“One of the key advancements introduced during this transition was the implementation of a comprehensive management system, empowering businesses with granular control over user administration and access permissions. This feature proved instrumental in addressing the complex user management needs of enterprises, enabling them to streamline their communication infrastructure while ensuring compliance with data protection regulations,” added Flepp.
The company also augmented its product offerings with support for mobile device management (MDM) systems and APIs, which allowed easy integration into existing IT ecosystems.
“This provided organisations with the flexibility to integrate the platform into their existing processes and workflows and also automated user management tasks. We also introduced features that helped facilitate one-way communication for internal announcements and updates,” said Flepp.
He explained the team continues to follow a closed user group approach that restricts access to verified users within a designated organisation or network. Now, with the growing use of AI, there are stringent verification protocols and user authentication mechanisms implemented.
“This minimises the risk of unauthorised access and impersonation. Threema also continues to monitor potential security vulnerabilities and assess their impact on the platform’s integrity and functionality. The team also employs a multi-layered security strategy that combines encryption, authentication, and integrity checks to verify the authenticity of messages and media content. By leveraging advanced cryptographic techniques and digital signatures, Threema provides users with assurance regarding the origin and integrity of the communication, thereby mitigating the risk of manipulation or tampering,” added Flepp.
Soon Threema is looking for ongoing product development and expanding into newer markets. It is looking at developing a multi-device desktop application, enabling users to access Threema seamlessly across multiple devices without the need for constant synchronisation with a mobile device.
