This is the main problem with them and I do not feel comfortable recommending them.
Their payment requirement indeed makes it near impossible to get it adopted. I prefer Signal’s subscription which I am happily paying for, but if I had to convince all my connections to switch and pay for an app to talk to me, that’s just impossible. I have a Threema licence, but I don’t use it.
I might’ve missed it on their website, but it didn’t even look like they were sharing too much information on specs, let alone the operating system; where’d you find them and also, where’d you confirm it is, in fact, a GrapheneOS fork? Not questioning you, just looking for the source to reference when people ask.
It looks like the phone doesn’t require a subscription, but the company that sells them (Apostrophy) offers privacy-focused cloud services that are subscription-based. I don’t really see the issue with this. Have we all forgotten about MobileCoin? That’s still in Signal to this day.
There is no totally secure hardware. Without evidence that the vendor is failing to offer timely patches, etc. I don’t think it’s fair to criticize them for being “insecure” only because of a specific chipset they chose to use. As far as performance goes, they also say this at the very top of their tech specs page:
We’re not in a tech spec race with the MC02 5G smartphone, that’s not its purpose. Rather a totally new and better way to live with a mobile phone.
It seems like they’re being pretty up-front about their phone being low-specced.
Of course there isn’t totally secure hardware but there is absolutely some hardware which is more secure. Even without getting into providing firmware patches, they neglect to include many of the secure hardware features which are required for genuine GrapheneOS. So instead of selling a secure device, Apostrophy.ch is opting to sell a device running an outdated fork of GrapheneOS based on AOSP 13, which means they are also certainly lacking many Android Security Bulletin patches which are not backported.
Low specs is not really the issue. Although it is improving, Pixels for example have historically offered less than top-tier performance and yet they are the most secure Android devices on the market.
I have used Threema for many years with my closest friends and family. It has evolved a lot and covers all my needs.
The reason for it is that I prefer to put my trust in Swiss software with servers in Switzerland that is compliant with the EU’s GDPR and which furthermore doesn’t gather metadata. No way I would use software for personal information management with servers located in countries of the x-eyes alliance or any satellite of the Patriot Act country.
And Signal, like Threema, explicitly doesn’t collect anything about you whatsoever (like yes, outside of the phone number as expected, but I’m talking all other metadata, they have nothing on anyone). They have proved it in subpoenas, they prove it in their open source code (server and client) and audits anyways.
Not to mention, there’s a reason @jonah mentioned that specific point. He’s not wrong no matter what, when he says that it is already hard to convince people to get them to use something like Signal (yes, I could pay Threema on behalf of them or make them choose to do so, but with our general consensus locally in my country being that messengers are generally free, I doubt the second one would work at all), but making them pay for an app (while commendable from an ethical business standpoint) already blows that “Trying to convince them to use it” out of proportion (and this is literally my experience speaking, I’ve seen people in life who frown upon paying for a service but if it’s free, they’re more willing to consider).
And if I’m being honest, a lot of the reason I convinced my second friend to use Signal is because of stickers, I doubt Threema has something similar… And with it being on Beeper I have a lot more chances here than Threema as well.
One thing I like more in Threema is backup. It allows you to manually back up full data and manage it by yourself. Signal’s implementation has some drawbacks (only daily without an option to change the occurrence or do it manually, turning it off deletes old backups from the device).
Nevertheless, it worked for me and my closest circle until now.
BTW: I was surprised that I couldn’t find direct articles on the Proton and Threema blogs. Maybe they don’t want to scare customers until the case is thoroughly analyzed.