9to5Mac Safety Chew is completely dropped at you by Mosyle, the one Apple Unified Platform. Making Apple units work-ready and enterprise-safe is all we do. Our distinctive built-in method to administration and safety combines state-of-the-art Apple-specific safety options for totally automated Hardening & Compliance, Subsequent Technology EDR, AI-powered Zero Belief, and unique Privilege Administration with probably the most highly effective and trendy Apple MDM in the marketplace. The result’s a completely automated Apple Unified Platform at the moment trusted by over 45,000 organizations to make hundreds of thousands of Apple units work-ready with no effort and at an inexpensive value. Request your EXTENDED TRIAL as we speak and perceive why Mosyle is the whole lot it is advisable to work with Apple.
Earlier this yr, Apple introduced that it was main the cost on a cross-industry effort to carry end-to-end encryption (E2EE) to the RCS Common Profile, which is revealed by the GSMA. Apple advised 9to5Mac in March it will come to the iPhone in a future software program replace. Google quickly after jumped in, stating it too was ‘dedicated to offering a safe messaging expertise.’
I didn’t assume it was fully unreasonable to imagine we’d see this showcased at WWDC 2025…that didn’t occur. Then I believed perhaps in one of many iOS 26 betas? Additionally nothing. So, what occurred to cross-platform E2EE for RCS messaging? Is it nonetheless coming?
With this functionality integrated into the usual, all Wealthy Communication Commonplace (RCS) messaging between iPhone and Android customers can be fully unreadable to backend intermediaries—its contents encrypted, scrambled into gibberish, and solely unlockable with the decryption key saved on the consumer units. Big for consumer privateness.
For the reason that launch of iOS 18 beta 2 in June, Apple has added RCS assist, permitting iPhone customers to lastly ship wealthy messages with audio and bigger media recordsdata to Android customers who aren’t utilizing iMessage. It was a welcoming transfer for folks with dad and mom who refuse to get an iPhone. In contrast to the {industry} customary SMS, RCS provides acquainted options comparable to learn receipts and the basic typing indication animation, nevertheless it additionally provides the flexibility to vastly enhance privateness and safety.
The key phrase is “capacity.”
There’s a standard false impression that RCS comes with end-to-end encryption (E2EE) baked in, however that’s not the case. Google’s Messages app, one of the vital extensively used RCS purchasers, provides E2EE between Android units as an additional layer of safety for these utilizing the service. That is just like how iMessage gives E2EE completely between Apple units.
When an iPhone communicates with a non-Apple system by way of RCS, messages are solely encrypted in transit utilizing transport-layer encryption (like TLS). Whereas this protects in opposition to primary interception throughout transmission, it doesn’t assure messages can not nonetheless be accessible server-side, in contrast to E2EE, the place solely the sender and recipient can learn the content material.
It’s nonetheless a significant enchancment over SMS, which sends messages in unencrypted plaintext, making them much more weak to interception. Nonetheless, with out full E2EE, RCS in its present state stays a step beneath platforms like iMessage or Sign.
In an announcement to 9to5Mac in March, Apple stated:
Finish-to-end encryption is a strong privateness and safety expertise that iMessage has supported for the reason that starting, and now we’re happy to have helped lead a cross {industry} effort to carry end-to-end encryption to the RCS Common Profile revealed by the GSMA. We are going to add assist for end-to-end encrypted RCS messages to iOS, iPadOS, macOS, and watchOS in future software program updates.
At this level, it appears like a kind of {industry} shifts that simply takes time to play out. Requirements need to be finalized, after which Apple, Google, carriers, and everybody else within the chain wants to really implement them. That sort of cross-company collaboration doesn’t occur in a single day or, on this case, over a yr. If something, we will proceed sleeping properly at night time, on condition that each Apple and Google are publicly on board.
Thanks for studying Safety Chew is a weekly security-focused column on 9to5Mac. Every week, Arin Waichulis delivers insights on information privateness, uncovers vulnerabilities, and sheds gentle on rising threats inside Apple’s huge ecosystem of over 2 billion energetic units.
Follow Arin: Twitter/X, LinkedIn, Threads
FTC: We use earnings incomes auto affiliate hyperlinks. Extra.
