The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the Rich Communications Services (RCS) protocol, bringing much-needed security protections to cross-platform messages shared between Android and iOS platforms.
To that end, the new GSMA specifications for RCS include E2EE based on the Messaging Layer Security (MLS) protocol via what’s called the RCS Universal Profile 3.0.
“The new specifications define how to apply MLS within the context of RCS,” Tom Van Pelt, technical director of GSMA, said. “These procedures ensure that messages and other content such as files remain confidential and secure as they travel between clients.”
This also means that RCS will be the first “large-scale messaging service” to have support for interoperable E2EE between different client implementations from different providers in the near future.
It’s worth noting that Google’s own implementation of RCS, used in the Messages app for Android, secures conversations using the Signal protocol to address the lack of built-in E2EE protections. That said, the encryption safeguards are currently limited to messages exchanged via the app, and not those exchanged with the iOS Messages users or users of other RCS clients on Android.
The development comes nearly six months after the GSMA said it was working towards implementing end-to-end encryption (E2EE) to secure messages sent between the Android and iOS ecosystems. The move followed Apple’s decision to roll out support for RCS in its own Messages app with iOS 18.
In July 2023, Google revealed that it intends to add support for MLS to its Messages service and open-source implementation of the specification.
“RCS continues to support a range of interoperable messaging functions between iOS and Android users, such as group messaging, the ability to share high-resolution media, and see read receipts and typing indicators,” Van Pelt said.
When reached for comment, Google said, “We’ve always been committed to providing a secure messaging experience, and Google Messages users have had end-to-end encrypted (E2EE) RCS messaging for years. We’re excited to have this updated specification from GSMA and work as quickly as possible with the mobile ecosystem to implement and extend this important user protection to cross-platform RCS messaging.”
About The Author
Original post here
