Is Google adding end-to-end encryption to RCS messaging?
by Jared PetersGoogle has taken the reigns on rolling out RCS messaging to Android phones, ditching phone carriers and waiting on half-baked updates and patches. With those roadblocks out of the way, we should start to see RCS really grow into the kind of service that Google wants it to be.
And while RCS messaging has been something to be excited about since the beginning, one thing that was lacking compared to its closest competitor in iMessage is end-to-end encryption. That’s an incredibly useful, privacy-oriented feature for anyone that’s trying to keep their conversations secure, and something that apps like Signal prioritize very heavily. RCS hasn’t had an answer, however, at least up until now.
RCS messaging and end-to-end encryption
A recent APK teardown of the latest internal dogfood build of Google Messages version 6.2 reveals some code that hints at end-to-end encryption being added to the app at some point in the future. This would mean that your cell phone carrier (or other interested parties) wouldn’t be able to see the contents of your message; only you and the recipient hold the “key” to your message, so only the two of you would be able to decrypt it. This is how other encrypted messaging services currently work.
Keep in mind, though, that we don’t know the exact stipulations for this to work. Google might require everyone to be using the Google Messages app on their phone, or it might also work with the web version. There’s also the concern that if you don’t have a solid internet connection, your messages will fallback to regular old SMS, just like iMessage. Apple offers a way to turn this off on iPhones, so we’d assume Google would, too, at least according to this APK teardown.
The leak also hints at being able to sandbox off your messages from other apps on your phone as well. It looks like the app will offer a toggle that will keep the encrypted data separate from other things on your phone, which would keep nosy apps from snooping into information that they shouldn’t be getting into.
This is a very early internal build, so don’t expect anything to happen right away. But this is definitely something to keep an eye on over the next few months.
source: 9to5Google