9to5Mac Safety Chunk is completely dropped at you by Mosyle, the one Apple Unified Platform. Making Apple units work-ready and enterprise-safe is all we do. Our distinctive built-in strategy to administration and safety combines state-of-the-art Apple-specific safety options for totally automated Hardening & Compliance, Subsequent Technology EDR, AI-powered Zero Belief, and unique Privilege Administration with essentially the most highly effective and fashionable Apple MDM available on the market. The result’s a very automated Apple Unified Platform at present trusted by over 45,000 organizations to make tens of millions of Apple units work-ready with no effort and at an inexpensive value. Request your EXTENDED TRIAL right now and perceive why Mosyle is every thing you must work with Apple.
Earlier this 12 months, Apple introduced that it was main the cost on a cross-industry effort to convey end-to-end encryption (E2EE) to the RCS Common Profile, which is printed by the GSMA. Apple instructed 9to5Mac in March it could come to the iPhone in a future software program replace. Google quickly after jumped in, stating it too was ‘dedicated to offering a safe messaging expertise.’
I didn’t assume it was fully unreasonable to imagine we’d see this showcased at WWDC 2025…that didn’t occur. Then I assumed possibly in one of many iOS 26 betas? Additionally nothing. So, what occurred to cross-platform E2EE for RCS messaging? Is it nonetheless coming?
With this functionality included into the usual, all Wealthy Communication Commonplace (RCS) messaging between iPhone and Android customers can be fully unreadable to backend intermediaries—its contents encrypted, scrambled into gibberish, and solely unlockable with the decryption key saved on the consumer units. Enormous for consumer privateness.
Because the launch of iOS 18 beta 2 in June, Apple has added RCS assist, permitting iPhone customers to lastly ship wealthy messages with audio and bigger media recordsdata to Android customers who aren’t utilizing iMessage. It was a welcoming transfer for folks with dad and mom who refuse to get an iPhone. Not like the {industry} normal SMS, RCS affords acquainted options similar to learn receipts and the basic typing indication animation, nevertheless it additionally provides the power to vastly enhance privateness and safety.
The key phrase is “skill.”
There’s a standard false impression that RCS comes with end-to-end encryption (E2EE) baked in, however that’s not the case. Google’s Messages app, one of the crucial broadly used RCS shoppers, affords E2EE between Android units as an additional layer of safety for these utilizing the service. That is just like how iMessage gives E2EE completely between Apple units.
When an iPhone communicates with a non-Apple gadget through RCS, messages are solely encrypted in transit utilizing transport-layer encryption (like TLS). Whereas this protects in opposition to primary interception throughout transmission, it doesn’t assure messages can not nonetheless be accessible server-side, not like E2EE, the place solely the sender and recipient can learn the content material.
It’s nonetheless a significant enchancment over SMS, which sends messages in unencrypted plaintext, making them much more weak to interception. Nonetheless, with out full E2EE, RCS in its present state stays a step under platforms like iMessage or Sign.
In a press release to 9to5Mac in March, Apple mentioned:
Finish-to-end encryption is a robust privateness and safety know-how that iMessage has supported for the reason that starting, and now we’re happy to have helped lead a cross {industry} effort to convey end-to-end encryption to the RCS Common Profile printed by the GSMA. We are going to add assist for end-to-end encrypted RCS messages to iOS, iPadOS, macOS, and watchOS in future software program updates.
At this level, it seems like a kind of {industry} shifts that simply takes time to play out. Requirements should be finalized, after which Apple, Google, carriers, and everybody else within the chain wants to truly implement them. That sort of cross-company collaboration doesn’t occur in a single day or, on this case, over a 12 months. If something, we are able to proceed sleeping nicely at night time, provided that each Apple and Google are publicly on board.
Thanks for studying Safety Chunk is a weekly security-focused column on 9to5Mac. Every week, Arin Waichulis delivers insights on knowledge privateness, uncovers vulnerabilities, and sheds gentle on rising threats inside Apple’s huge ecosystem of over 2 billion energetic units.
Follow Arin: Twitter/X, LinkedIn, Threads
FTC: We use revenue incomes auto affiliate hyperlinks. Extra.
