Governments won’t like this: encrypted messaging between Android and iOS devices coming, says GSMA

Imagine a world of the near future where Android and Apple iOS users can message one another with the certainty that their communication is secured against eavesdropping by end-to-end encryption (E2EE).

And it would not only be for one-to-one chats, but across large groups of employees and users, something that is impossible to guarantee today without resorting to standalone apps such as WhatsApp.

These capabilities might soon be a reality, thanks to a technical specification released this week, the GSM Association’s RCS Universal Profile version 3.0.

In development since 2007 as a replacement for SMS, Rich Communication Services (RCS) already allows a range of features including read receipts, typing indicators, and media sharing. But E2EE security, a much more complex technical feat, has always proved elusive.

Thanks to some IETF-backed magic inside RCS 3.0 called the Messaging Layer Security (MLS) protocol, that is about to change. Specifications may come and go, but history suggests that the addition of security to a spec is always a significant moment when people start to feel more positive about its adoption; at least that’s what the GSMA is hoping.

This is especially true for businesses, which value two features above all: absolute certainty about messaging security, and the ability for employees to communicate in large groups. RCS 3.0 with MLS delivers on both fronts, said GSMA technical director, Tom Van Pelt.

“[This ensures] that messages and other content such as files remain confidential and secure as they travel between clients,” he said.

“RCS will be the first large-scale messaging service to support interoperable E2EE between client implementations from different providers. Together with other unique security features such as SIM-based authentication, E2EE will provide RCS users with the highest level of privacy and security for stronger protection from scams, fraud, and other security and privacy threats,” said Van Pelt.

RCS fragmentation

RCS 3.0’s big feature is interoperability, which makes it easier for different apps to implement the same features consistently.  Today, while RCS is widely implemented by OS platforms, mobile networks, and device makers, each does it in their own way. This has led to fragmentation, hindering uptake. 

The result is that if you want to send a secure RCS message between Android devices, you need to use Google’s own Messages app at both ends; it implements E2EE using the well-worn Signal protocol. Similarly, Apple adopted RCS in iMessage last year, but with a proprietary implementation of E2EE.

In short, it’s a confusing jumble. This is one reason why alternatives such as WhatsApp and Signal, both of which also use the Signal protocol, have become so popular; you get E2EE out of the box without compatibility worries, and they allow groups of up to 1,024 members.

Having a single protocol, MLS, covering E2EE changes the story. Now RCS with MLS can offer a range of advanced features including large groups, which are critical for businesses which need many-to-many communication. Right now, if even one user in a group is using an RCS app without compatible E2EE, the security of the whole group chat can be compromised. MLS gives every app maker one IETF standard to aim for.

The WhatsApp effect

Google has said it plans to adopt MLS inside Messages, which means replacing the proven Signal protocol that struggles to handle larger groups. That will take time, during which it will probably support one with a fallback to the other. Apple, too, said it is committed to MLS.

“We will add support for end-to-end encrypted RCS messages to iOS, iPadOS, macOS, and watchOS in future software updates,” said Apple spokesperson Shane Bauer, in support of the GSMA.

As the two biggest platform apps, these names are important. However, one that’s not on the RCS list yet is WhatsApp, an app for both Android and Apple that, with three billion users, operates in a parallel world to RCS-enabled apps.

WhatsApp is in no hurry to adopt MLS. For parent Meta, the real prize is to turn WhatsApp into a secure business communications platform that dominates the messaging space across multiple types of engagement. Despite that, it will eventually have to adopt MLS in some form, not least to comply with the EU’s Digital Markets Act, which mandates greater app interoperability.

“It’s questionable if and when WhatsApp and Signal are going to support this protocol, as both have already implemented end-to-end encryption within each respective ecosystem,” commented Arne Möhle, CEO of secure email provider Tuta Mail.

“As an encrypted email service, we can also say that interoperability is a challenge,” he added. “It comes with complications such as spam and phishing attempts, an issue that WhatsApp has had to fight hard against. This will get even worse once the app starts allowing people to chat with their friends on other platforms as well.”

But E2EE was only today’s privacy issue. Soon, he predicted, messaging platforms will need to evolve to counter the ability of quantum computers to undermine the security of public key encryption.

“The GSMA protocol needs to be updated with quantum-resistant encryption keys,” said Möhle.

Ironically, a major uncertainty is E2EE itself. This is now being probed by the UK government, which has decided to use Apple as its test case in a campaign to introduce backdoors into the encryption used in iCloud services. So far, Apple is resisting, choosing to disable security rather than allow surveillance. Talks are reportedly ongoing.

E2EE, which stores keys on devices rather than centrally, isn’t part of this effort, but might come under fire if the UK government reheats its controversial idea of client-side scanning (scanning messages before they are encrypted on-device).