Google has announced that it is rolling out end-to-end encryption to users of Google Messages, Android’s default SMS and RCS app. The feature has been in testing for months and is now available to everyone.
Encryption in Google Messages only works if both users use the service. Both users must also be in a 1:1 chat (group chats are not allowed) and RCS must be enabled for both. RCS was supposed to be a replacement for SMS – a default-enabled, carrier-driven standard for text messaging. RCS was conceived in 2008 and adds 2008-level features to courier messaging, such as user presence, typing status, read receipts, and location sharing.
Text messaging used to be a cash cow for carriers, but with the advent of unlimited texting and the commoditization of courier messaging, there’s no clear motivation for carriers to release RCS. As a result, the RCS rollout is nothing but false promises and delays. The airlines dissolved a joint venture called the “Cross-Carrier Messaging Initiative” in April, virtually nullifying any hopes that RCS will ever achieve SMS-like ubiquity. Apple executives have also indicated internally that they see easy messaging with Android as a threat to the lockdown of the iOS ecosystem, so it would take a significant change of heart for Apple to support RCS.
As a result, Google is the biggest player that cares about RCS, and in 2019 the company started pushing its own carrier-independent RCS system. Users can dig into the Google Messages app’s settings and enable “Chat Features,” which refers to Google’s version of RCS. It works if both users have the checkbox checked, but again, the original purpose of a ubiquitous SMS replacement seems to have been lost. This makes Google RCS a bit like any other over-the-top messaging service, but coupled with the slow and outdated RCS protocol. For example, end-to-end encryption is not part of the RCS specification. Since it’s something Google adds on top of RCS and it’s done in software, both users need to be on Google Messages. Other clients are not supported.
Google released a white paper detailing the implementation of the feature, and there aren’t too many surprises. The company uses the Signal protocol for encryption, just like Signal, Whatsapp and Facebook Messenger. The Google Messages web app works fine as it still relies on an (encrypted) local connection to your phone to send messages. Encrypted messages on Wear OS aren’t supported yet, but will be one day (hopefully in time for that big overhaul). Even though the message text is encrypted, third parties can still see metadata such as sent and received phone numbers, timestamps, and estimated message sizes.
If you and your messaging partner have all the settings correct, you’ll see lock icons next to the send button and the “message sent” status.