The GSM Association (GSMA) has officially announced support for end-to-end encryption (E2EE) to protect messages sent via the Rich Communication Services (RCS) protocol, bringing the necessary security protections for cross-platform messaging shared between Android and IOS platforms.
Therefore, RCS’s new GSMA specification includes E2EE based on the Messaging Layer Security (MLS) protocol via what is called RCS Universal Profile 3.0.
“The new specification defines how MLS can be applied within the context of RCS,” said Tom Van Pelt, technical director at GSMA. “These steps ensure that other content, such as messages and files, remains confidential and secure when it moves between clients.”
This also means that RCS will be the first “large messaging service” to support interoperable E2EE between different client implementations from various providers in the near future.
Note that Google’s own RCS implementation used in messaging apps for Android uses Signal Protocol to ensure conversations and address the lack of built-in E2EE protection. That said, the encryption protection guard is currently limited to messages exchanged via apps and is not exchanged with iOS messaging users of other RCS clients on Android.
The development comes almost six months after GSMA stated that it is working on implementing end-to-end encryption (E2E) to protect messages sent between the Android and iOS ecosystems. The move followed Apple’s decision to deploy support for RCS in its own messaging app using iOS 18.
In July 2023, Google announced that it plans to add support for MLS to its messaging service and to add an open source implementation of the specification.
“RCS continues to support a variety of interoperable messaging features between iOS and Android users, including group messaging, the ability to share high-resolution media, and see the read receipts and typing indicators,” says Van Pelt.
When we reached the comment, Google said: “We are always committed to providing a secure messaging experience, and Google Messaging users have had end-to-end encryption (E2EE) RCS messaging for many years. With this updated specification from GSMA, we are excited to implement the mobile ecosystem as quickly as possible, extending this critical user protection to extend RCS messaging.
Source link
