Google has started to roll out a new and coveted feature for Android Messages — the end-to-end encryption announced some time ago. It’s actually a new texting standard – Rich Communication Services (RCS) – that’s set to replace the existing SMS, and it’s a global push, with just a couple exceptions.
Implementing end-to-end encryption for text messages is a bit more complicated than its equivalent on regular messaging apps. The main reason is that these messages have to go through carriers, unlike regular messages on other messengers that operate via the Internet. When this feature becomes available to everyone, all text messages will be encrypted by default, and not even carriers will be able to read them.
“We’ve invested in making Messages by Google a modern and globally available RCS & SMS/MMS messaging app for Android phones,” said Google. “While RCS messages are already a big security improvement over SMS/MMS, we wanted to take it a step further and add end-to-end encryption (E2EE) to Messages, so no one else – including Google servers or third-party servers – can access your conversations as they travel between your phone and the phone you message.”
There are two scenarios for this new service. The exchanged messages pass through a server that resides either with Google or a carrier. They can only route the messages and not read them. Even if the server is somehow compromised, the attackers can’t access the messages themselves. It’s also impossible to impersonate other users and read their messages.
Users will know if their conversation on Android Messages is encrypted, and they should have different colors than the regular SMS. By default, when eligible, Android will send messages over RCS and not automatically fall back to SMS/MMS. The application uses the Signal Protocol to build E2EE for RCS messages.
The only two countries that will not use the new system are China and Russia. For now, it’s unclear whether a rollout is scheduled for them or if they will forever remain in limbo.