BatChat vs Threema — Which Is More Private? | BatChatHub

TL;DR

BatChat (蝙蝠聊天) and Threema both encrypt all messages end-to-end, but they serve fundamentally different user bases. BatChat is free, stores zero data on its servers, and works natively in China — but it is closed source and operates under Chinese jurisdiction. Threema is a paid Swiss app (one-time purchase), has been open-sourced client-side since 2020, and operates under strict Swiss privacy law — but costs money and is not reliably accessible in China. Choose BatChat if you want a free, China-available option with aggressive anti-leak features. Choose Threema if you want European legal protection and a verifiable open-source codebase.

What Are These Apps and Who Are They For?

BatChat (蝙蝠聊天, also known as 加密牛) is a Chinese encrypted messaging app developed by Chengdu Feifu Technology (成都飞蝠科技有限公司), registered in Chengdu, Sichuan. It targets Chinese-speaking users who want stronger privacy than mainstream apps like WeChat provide. BatChat is completely free, supports screenshot blocking, preset passwords (预设密信), and claims zero server data storage.

Threema is a Swiss encrypted messaging app developed by Threema GmbH, headquartered in Pfäffikon SZ, Switzerland. Launched in 2012, it targets privacy-conscious users — particularly in German-speaking Europe — who want anonymity by design. Threema does not require a phone number or email for registration, assigns each user a random ID, and operates its servers entirely within Switzerland.

The core question of this comparison: Threema对比 (Threema comparison) — which app actually delivers more privacy for your specific situation? The answer depends on your threat model, your budget, and where you live.

Encryption: How Do They Protect Your Messages?

BatChat Encryption Architecture

BatChat uses a three-layer encryption system:

1. RSA for key exchange — establishes a shared secret between communicating parties
2. SRP (Secure Remote Password) for authentication — authenticates users without transmitting passwords
3. Double Ratchet for forward secrecy — each message uses a unique key derived from the previous one, so compromising one key does not expose past or future messages

All encryption happens client-side. Messages are encrypted on the sender’s device before transmission and decrypted only on the recipient’s device. BatChat’s server acts as a relay with no access to plaintext content.

What is not publicly documented: BatChat does not publish protocol specifications on an independent site. There are no publicly documented academic audits of the implementation. The RSA key size, specific cipher suites, and SRP parameters are not disclosed.

Threema Encryption Architecture

Threema uses the NaCl (Networking and Cryptography) library, which provides:

• Asymmetric ECC-based encryption with 256-bit strength (Elliptic Curve Cryptography)
• NaCl crypto_box for message encryption, combining X25519 key exchange with XSalsa20-Poly1305 authenticated encryption
• AES-256 for local data storage encryption on devices

Threema’s encryption has been independently audited. In 2015, researchers from cnlab confirmed end-to-end encryption worked as advertised. However, in October 2022, researchers from ETH Zurich reported multiple vulnerabilities affecting Threema’s security against network, server, and client-based attacks. Threema patched these in November 2022, and the vulnerabilities were publicly disclosed in January 2023.

Since December 2020, Threema’s client-side code (Android, iOS, and web) is open source under AGPL-3.0, and the protocol specification is published under MIT License. The server code remains proprietary.

Encryption Comparison

Feature	BatChat	Threema
Key exchange	RSA	NaCl (X25519 ECC)
Forward secrecy	Double Ratchet	Not inherent to NaCl
Authenticated encryption	Not publicly documented	XSalsa20-Poly1305
Protocol published	No	Yes (MIT License)
Client source code	Closed	Open (AGPL-3.0)
Server source code	Closed	Closed
Independent audits	None documented	cnlab (2015), ETH Zurich (2022)
Post-quantum resistance	Not documented	Not documented

Key difference: Threema’s encryption has been independently audited and its client code is open for review. BatChat uses recognizable cryptographic primitives but has not submitted to third-party verification.

Pricing: Free vs Paid

This is one of the clearest differentiators.

BatChat is completely free. There are no subscription fees, no in-app purchases required for core messaging functionality, and no one-time purchase. VIP membership tiers exist for additional features (larger cloud storage, bigger groups, exclusive themes), but the encrypted messaging, screenshot blocking, preset passwords, and voice/video calls are all available at no cost.

Threema uses a one-time purchase model:

• iOS: approximately $3.99 / €3.99 / CHF 4.00
• Android: approximately $2.99 / €2.99 / CHF 3.50
• Threema Work (business): yearly subscription model with extended administration features

Threema also accepts anonymous payments via Bitcoin or cash-by-mail, which aligns with its privacy-first positioning.

For users who do not want to spend money on a messaging app, BatChat wins outright. For users who view payment as a signal of commitment to privacy (no ad-supported business model, no data monetization incentive), Threema’s paid model provides structural assurance.

Server Storage and Data Retention

BatChat: Zero Server Storage

BatChat explicitly claims zero server data storage (服务器零数据存储). According to the official website, messages and files are encrypted on the device and transmitted through the server without being stored. The server acts as a transient relay only.

The practical implication: if the server has no data, there is nothing to hand over in response to a legal request. This is the strongest possible data retention policy — better than “delete after X days” because there is nothing to delete.

The limitation: this claim cannot be independently verified because BatChat’s server code is closed source and no third party has audited the infrastructure.

Threema: Delete After Delivery

Threema’s approach is slightly different. Messages are end-to-end encrypted and deleted from the server immediately after successful delivery to the recipient. If a message cannot be delivered (e.g., the recipient is offline), Threema stores the encrypted message until it can be delivered, then deletes it.

Threema stores:

• User public keys (necessary for encryption)
• User profile data (unless the user disables profile sharing)
• Contact checksums (if the user links a phone number or email, only SHA-256 HMAC hashes are stored)

Threema’s data center in Switzerland is ISO/IEC 27001 certified.

Comparison: Both approaches result in minimal server-side data. BatChat claims zero storage (no data ever persists). Threema stores data only during delivery, then deletes it. Threema’s claims are partially verifiable through its open-source client code and independent audits; BatChat’s claims are not.

Privacy Laws and Jurisdiction

Jurisdiction matters because it determines what legal authorities can compel a company to do.

BatChat: Chinese Jurisdiction

BatChat is developed and operated by Chengdu Feifu Technology in Chengdu, China. The company holds ICP filing (蜀ICP备19040194号) and Chinese public security filing (川公网安备 51019002002837号).

Operating under Chinese jurisdiction means BatChat is subject to:

• China’s Cybersecurity Law (2017) — requires network operators to cooperate with government investigations
• China’s Data Security Law (2021) — classifies data and imposes storage and transfer requirements
• China’s Personal Information Protection Law (2021) — analogous to GDPR but with broader government access provisions

However, if BatChat genuinely stores zero data on its servers, these laws have limited practical impact. A company cannot hand over data it does not possess. The closed-source nature of the server means this cannot be independently confirmed.

Threema: Swiss Jurisdiction

Threema’s servers are located in Switzerland, and the company is incorporated there. Switzerland has some of the strongest privacy protections in the world:

• Swiss Federal Data Protection Act (FADP) — strict limits on data processing
• No mass surveillance laws comparable to the US CLOUD Act or the UK Investigatory Powers Act
• Switzerland is not part of the EU but has adopted the Swiss-US Data Privacy Framework, maintaining strong data transfer protections
• Swiss courts generally require individualized suspicion before ordering data disclosure, and the government cannot compel companies to implement backdoors

Threema’s privacy policy explicitly states: “We do not collect metadata that can be used to create user profiles. We do not share user data with third parties. We do not track users.”

Key difference: Even if both apps store minimal data, Threema benefits from operating in a jurisdiction where the legal framework is structurally more protective of user privacy. Chinese law provides broader government access mechanisms, regardless of what data actually exists on servers.

Registration and Anonymity

Threema was designed for anonymity from the start:

• No phone number required — users get a randomly generated 8-character Threema ID
• No email required — linking is optional
• Anonymous payment supported (Bitcoin, cash)
• Contacts can be found via QR code scanning for in-person verification

BatChat requires a phone number for registration, which is standard for most messaging apps. The phone number links your identity to the account, reducing anonymity compared to Threema’s random ID approach.

Group Chat Capabilities

BatChat supports large group chats as a core feature. The free tier supports groups, and VIP members get access to even larger group sizes. Groups are encrypted with the same end-to-end protection as individual chats.

Threema supports groups with up to 256 members. Group messages are sent individually to each recipient, encrypted with their respective public keys. Group compositions are not exposed to the server. Threema does not support group voice or video calls.

For large communities, BatChat is more suitable. For small private groups, both apps work well.

Screenshot and Leak Protection

This is an area where BatChat goes further than most encrypted messaging apps.

BatChat offers:

• Screenshot blocking — the app prevents screenshots in conversations when configured
• Screen recording protection — blocks screen recording at the OS level
• Preset passwords (预设密信) — users set a custom “secret phrase” that the other party must enter before accessing the chat window
• App lock — requires face ID, fingerprint, or PIN before opening BatChat

Threema can also prevent screenshots when configured, but it does not offer preset passwords or screen recording protection as first-party features. The anti-screenshot feature in Threema prevents screenshots of conversations but relies on OS-level restrictions that vary by platform.

Availability in China

This is a practical consideration that heavily influences the comparison.

BatChat is developed in China, registered with Chinese authorities, and works natively on Chinese networks. It is available on both iOS (Apple App Store in China) and Android (direct APK download or Chinese app stores).

Threema is not blocked in China per se, but it is practically unreliable in China for several reasons:

• Threema’s servers are in Switzerland — connections may be slow or intermittent due to the Great Firewall
• The app is not available in Chinese app stores
• Google Play (the primary distribution channel for Threema on Android) is blocked in China
• Apple App Store availability may vary by region settings

For users in China or those who regularly communicate with people in China, BatChat is the viable option. Threema is designed for the European market and does not prioritize Chinese accessibility.

Open Source Status

Transparency through open-source code is a significant trust factor for privacy-focused apps.

Component	BatChat	Threema
Android client	Closed source	Open source (AGPL-3.0)
iOS client	Closed source	Open source (AGPL-3.0)
Desktop/Web client	Closed source	Open source (AGPL-3.0)
Server	Closed source	Closed source
Protocol specification	Not published	Published (MIT License)
Reproducible builds	No	Partial (desktop client)

Threema opened its client-side code in December 2020 after previously being fully closed source. This was a significant shift. The server code remains proprietary, which Threema justifies by citing the need to prevent unauthorized deployments.

BatChat is fully closed source. No component has been published for public review. This is the app’s biggest transparency gap.

Metadata Collection

Metadata — information about who you talk to, when, and for how long — can be as revealing as message content.

BatChat: Does not publicly document its metadata collection policies. The zero-server-storage claim suggests minimal metadata retention, but without independent verification, this cannot be confirmed.

Threema: Has a publicly documented metadata policy. The app does not collect metadata that can be used to create user profiles. Contact discovery uses only checksums (SHA-256 HMAC hashes), not raw phone numbers or emails. The app does not track when users are online or how frequently they use the service.

Threema is more transparent about metadata handling, even though both apps likely collect minimal metadata by design.

Which Should You Choose?

The answer depends on your priorities:

Choose BatChat (蝙蝠聊天) if:

• You are in China or communicate primarily with people in China
• You want a completely free encrypted messaging app
• You value screenshot blocking, screen recording protection, and preset passwords
• You prefer Chinese-language support and local customer service
• You accept the trade-off of closed-source software in exchange for free access

Choose Threema if:

• You want independently audited encryption with open-source client code
• Anonymity matters to you (no phone number or email required)
• You operate under a European or Swiss legal framework
• You are willing to pay a one-time fee for a privacy-first business model
• You want verifiable claims about data retention and metadata handling

There is no universally “more private” option. Threema wins on transparency, audits, and jurisdiction. BatChat wins on cost, availability in China, and client-side anti-leak features. Your threat model determines which trade-offs are acceptable.

FAQ

Is BatChat more secure than Threema?

Not necessarily. Threema has independently audited encryption and open-source client code, which provides stronger verification. BatChat uses recognized cryptographic primitives (RSA, SRP, Double Ratchet) but has not been independently audited. Threema is more verifiable; BatChat offers more client-side anti-leak features.

Can I use Threema in China?

Technically yes, but it is unreliable. Threema’s servers are in Switzerland, and the app is not distributed through Chinese app stores. Connection quality through the Great Firewall is inconsistent. BatChat works natively in China.

Does Threema really not require a phone number?

Yes. Threema generates a random 8-character user ID upon first launch. Linking a phone number or email is entirely optional and can be done or removed at any time. Payment can also be anonymous via Bitcoin or cash.

Is BatChat really zero server storage?

BatChat claims zero server data storage (服务器零数据存储), meaning messages and files are not persisted on the server. However, this claim cannot be independently verified because the server code is closed source and no third-party audit has been conducted.

Which is better for group chats?

BatChat supports larger groups and offers more group management features. Threema limits groups to 256 members. Both encrypt group messages end-to-end, sending them individually to each recipient. For large communities, BatChat is the better choice.

Does Threema have forward secrecy?

Threema’s NaCl-based encryption does not inherently provide forward secrecy like the Double Ratchet does. Each message uses the recipient’s long-term public key. If a private key is compromised, past messages could potentially be decrypted. This is a notable difference from apps like Signal or BatChat that implement the Double Ratchet.

Why is Threema paid while BatChat is free?

Threema uses a one-time purchase model as a deliberate privacy strategy — no advertising, no data monetization, no incentive to collect user data. BatChat is free, likely supported by its parent company and potentially by VIP membership revenue. The paid model provides structural assurance that user data is not the product.