Which messaging apps provide on-device-only key storage and anonymous registration (no phone number) similar to Signal or DuckDuckGo’s privacy goals?

1. Signal: on‑device keys but not anonymous registration

Signal stores cryptographic keys primarily on users’ devices and is designed to collect very little metadata, a model widely praised by security reviewers ^{[5] [6]}. However, Signal’s account model is tied to phone‑number registration, so it does not meet the “no phone number” anonymity requirement even though its key storage policy aligns with on‑device protection goals ^{[5] [3]}.

2. Threema: randomized IDs and local keys — a practical anonymous option

Threema allows users to register via a randomly generated Threema ID without linking a phone number or email and stores private keys on the device, positioning itself as a paid, metadata‑minimizing messenger built for anonymity ^{[8] [6] [9]}. Multiple reviews highlight that Threema deletes server copies quickly and keeps contact/group data on the device, but note that it’s a paid app and that some features (like backups and cross‑device flow) require user attention or have different design choices ^{[6] [1]}.

3. Session and Briar: anonymity by avoiding central identity servers

Session uses decentralised service nodes and a Session ID (not a phone number or email) and relies on on‑device keys with a recovery phrase for device migration, making it explicitly designed for anonymous use and minimal metadata collection ^{[2] [5]}. Briar similarly avoids central servers by syncing over Bluetooth/Wi‑Fi or Tor and keeps message content local to devices, enabling strong anonymity at the cost of different connectivity and usability constraints ^{[3] [10]}.

4. SimpleX, Wickr and other niche apps: varied approaches to device storage and anonymous signup

SimpleX advertises private E2EE with no user IDs and connection via link/QR, implying no phone‑number registration and on‑device message storage ^[4]. Wickr Me and some other apps emphasize ephemeral attachments and device‑local storage without cross‑device syncing, but vendor and aggregator pages differ on the exact registration and metadata practices, so each requires scrutiny of its current privacy documentation ^{[11] [12]}.

5. What “on‑device-only key storage” and “anonymous registration” practically mean — and the tradeoffs

On‑device key storage means private keys are generated and retained on the user’s device rather than escrowed on servers; several apps (Signal, Threema, Session) use this model, but the registration model (phone number vs. random ID/seed) diverges between them ^{[5] [1] [2]}. The practical tradeoffs are recovery and multi‑device support: anonymous systems often force users to manage recovery phrases or accept limited device syncing, while phone‑number logins simplify usability but link identity metadata to accounts ^{[6] [2] [3]}. Vendor materials and reviews can emphasize privacy strengths while downplaying usability costs or paywalls; independent reviews recommend checking backup/recovery methods and metadata policies before trusting any single app ^{[7] [6]}.

Bottom line: shortlist and decision guide

For a direct match to both goals — private keys stored only on the device and registration without a phone number — Threema, Session, Briar and SimpleX are the clearest candidates cited across reviews and vendor pages, each with different feature and trust tradeoffs ^{[8] [2] [3] [4]}. Signal meets the key‑storage standard but not the anonymous‑signup standard ^[5]. Final selection should weigh the need for cross‑device syncing, recovery mechanics and whether to accept paid apps or decentralised designs; reviewers repeatedly stress that “privacy goals” are a bundle of technical and usability choices, not a single checkbox ^{[6] [7] [1]}.