Gmail is one of these—if not —The most popular email platform in the world. But it is not a favorite for users who care about their privacy. Google does not offer end-to-end encryption (E2EE) for basic Gmail users, opting instead for “Transport Layer Security” (TLS). It provides protection in transitBut that doesn’t help once the message reaches its destination. While TLS is better than nothing, it does not provide the same level of security as E2EE, which scrambles messages for everyone except the sender, recipients, and those who have the decryption key. As such, privacy-minded users often look elsewhere for their email needs, such as Proton Mail.
but google does Provide more advanced encryption for some users—that is, work or school Workspace accounts. It has Secure/Multipurpose Internet Mail Extensions (S/MIME), which, like E2EE, encrypts email in transit and in the sender’s and recipient’s inboxes. But it also has the drawback of Google having the decryption key. In theory, Google could decrypt your emails – or, if Google were successfully hacked, an attacker could use the key to decrypt your emails. This is where client-side encryption (CSE) comes in: Here, the organizer of the Google Workspace plan holds the decryption key, not Google, which means decryption is only possible within the organization.
If your company has a Workspace plan, it’s best to use encryption if you want to keep your email as secure as possible. But the main issue up to this point is that CSE is only available on desktop. You could take advantage of encrypted Gmail when you were on your computer, but when you were on the go, the mobile Gmail app didn’t support it. According to Google, the only way to access CSE email on mobile was to rely on additional apps and email portals.
Gmail on iOS and Android now supports E2EE via CSE
That’s all changing now. on thursday, Google announced It is now introducing CSE support for iOS and Android Gmail apps. Moving forward, you can write and read E2EE emails directly within Gmail, no matter how you access the app. Plus, you’ll be able to send E2EE emails to anyone, even if they don’t have Gmail.
What do you think so far?
Google says that if your recipient has Gmail, they will be able to easily open the message in their inbox. If they have a different email address (e.g. Outlook, Yahoo, iCloud, Proton, etc.), they’ll still be able to read the email, but they’ll have to open it in their device’s browser. However, be careful when sending messages with CSE, otherwise Everything What you send is end-to-end encrypted. According to Google’s help page on CSEThe body of the email will have full encryption, but the headers, subject, timestamp, and recipients will not have additional encryption.
How to send E2EE messages in Gmail
Your organization’s administrator must enable CSE for iOS and Android on their behalf before you can see the option in your app. Once that happens, select “Compose,” then select “Message Security,” which has a lock icon. Under “Additional encryption,” select “On.” Then, prepare your email as you normally would.
