Android-iOS Messaging Gets Security Boost with RCS E2EE
The GSMA, the organization responsible for advancing the Rich Communications Services (RCS) protocol, has announced plans to implement end-to-end encryption (E2EE) to secure messages exchanged between Android and iOS. This is a significant step toward ensuring user security across different platforms.
GSMA’s Chief Technology Officer, Tom Van Pelt, remarked that the next pivotal milestone would be the addition of end-to-end encryption to the Universal Profile standard. He emphasized that the integration of cross-platform encryption will face several technical challenges, such as key unification and cryptographically enhanced group membership.
These plans were unveiled a day after the release of iOS 18, which introduced RCS support in the Messages app, enabling new features like message reactions, typing indicators, read receipts, and high-quality media sharing.
Despite the advancements of RCS over SMS, the protocol currently lacks default encryption. Google has already begun implementing the Signal protocol to protect RCS messages on Android, and Apple has previously expressed its willingness to collaborate with GSMA to integrate encryption into RCS.
It is worth noting that Apple’s proprietary iMessage system already utilizes end-to-end encryption, ensuring user message privacy. Additionally, reports suggest that in July of this year, Google planned to introduce the Message Layer Security (MLS) protocol into its Messages app for Android, aiming to enhance compatibility with other messaging platforms.
Meta*, in turn, is exploring ways to ensure interoperability between WhatsApp and Messenger with third-party messaging apps, in line with the requirements of the European Digital Markets Act (DMA). The company is striving to maintain end-to-end encryption where possible, despite the technical complexities involved.
According to Meta representatives, creating such cross-platform solutions is technically challenging, but the company is doing everything it can to preserve user privacy.