Text messages exchanged between iPhones and Android devices are set to benefit from end-to-end encryption (E2EE) following the publication of new specifications for the Rich Communication Services (RCS) protocol by the GSM Association (GSMA), which now includes support for cross-platform E2EE.

The RCS protocol has long been an effort to enable cross-platform communications with features such as group messaging, typing indicators, read receipts, and file-sharing, similar to those offered by messaging apps like WhatsApp.

Although many Android handset manufacturers had adopted RCS over the years, Apple was a notable exception until it finally supported RCS with the introduction of iOS 18 last year. While most core RCS features have been available for cross-platform messaging since then, E2EE has been missing until now.

Selling point

For those unfamiliar, E2EE is a data encryption method that ensures only the sender and recipient can read the content of a message. This privacy-preserving feature is a significant selling point for tech companies, as it guarantees users that their messages are safe from interception. Apple introduced E2EE with iMessage in 2011, although it only worked between iOS devices, while WhatsApp completed its E2EE rollout in 2016, which also only worked between WhatsApp users.

Google has also added E2EE to its Messages app, but this was a separate undertaking from the RCS protocol itself.

Encrypting messages across different clients and platforms poses unique challenges, which is where the GSMA’s universal profile comes in, providing a standardized specification for consistent and interoperable RCS messaging across devices, networks, and operators.

The new E2EE mechanism in the RCS Universal Profile 3.0 is based on the cryptographic Messaging Layer Security (MLS) protocol and is a crucial component of the interoperable jigsaw, enabling iPhone and Android users to communicate securely via their device’s native messaging app.

“This means RCS will be the first large-scale messaging service to support interoperable E2EE between client implementations from different providers,” said Tom Van Pelt, GSMA technical director, in a statement. “Together with other unique security features such as SIM-based authentication, E2EE will provide RCS users with the highest level of privacy and security for stronger protection from scams, fraud, and other security and privacy threats.”