Security

End-to-end encryption? In Android's default messaging app? Don't worry, nobody else noticed either

RCS throws the dice


Analysis Google is rolling out end-to-end encryption in the unloved and unwanted Android Rich Communication Services, as part of a renewed hope people might use messaging services controlled by the Chocolate Factory.

The rollout seems to be a last roll of the dice for RCS, which began life as the telco industries’ SMS killer – or, more prosaically, their belated response to the growth of over-the-top (OTT) messaging services such as Blackberry Messenger and WhatsApp.

Following Google-fuelled rumours in May of an E2E rollout for RCS, this week saw confirmation that a “beta” covering the entire world (less China and Russia) has been put into force.

“We’re continually improving security protections to safeguard your privacy and will be rolling out end-to-end encryption, starting with one-on-one RCS conversations between people using Messages,” burbled Google bod Drew Rowny.

There’s three main problems for Google here: RCS is not about security; users have plenty of secure(ish) alternatives already; and the wider market couldn’t give a toss about RCS anyway.

RCS was conceived to both replace SMS messaging and halt the growth OTT messaging apps. As is obvious, it failed at both aims: Juniper Research reckoned that just 16 per cent of mobile devices worldwide would support RCS this year, despite lots of early time and effort from the mobile industry and latterly Google itself.

While RCS is baked into the default Android Messages app, that is best known as the app which fields SMS messages and not the one you’d use for group chats, secure(ish) messaging or anything more upmarket than that.

Rich Communication Services: Nobody uses it, nobody wants it, but analysts reckon it's on the verge of a breakthrough

READ MORE

Despite some sneering at mobile networks’ “incoherent and broken” rollout of RCS over the past few years, this pitch at the security-focused end of the market feels like a last gasp, a final throw of the dice before the slow, sad shuffle to the cashier’s hatch while clutching that last sweaty chip, mumbling that just one more bet would have seen the odds swing in your favour.

WhatsApp deployed E2E security yonks ago, while more privacy-conscious folk who don’t trust the Facebook-owned firm’s promises have a fully functional alternative in Signal, or Apple’s iMessage for fans of the fruity firm.

And despite this latest Google-backed RCS marketing push being based on security, other industry sources have let the cat out of the bag: driving up RCS adoption has little to do with keeping users safe and everything to do with harvesting users to feed into “a whole new category of targeted marketing”.

Increased security is a dubious selling point for mass-use messaging apps, at least in nothing-to-hide-nothing-to-fear Britain. Although Whatsapp flashes up a warning when the account on the other side of the chat changes its security key, in reality all this does is flag up that someone’s bought a new phone rather than been murdered and secretly replaced by an MI5 hooligan. ®

Send us news
41 Comments
Get our Security newsletter

Keep Reading

India launches Google antitrust probe and Google mostly shrugs it off

The usual stuff in the spotlight: Google Pay crowding out rivals, search algo bias

Kick Google all you like, Mozilla tells US government, so long as we keep getting our Google-bucks

In case you've forgotten: Google sends Mozilla about $400m a year

Cutting the ties: European hosting provider OVHCloud to offer Google Anthos, no Google account needed

Full Euro data sovereignty, promises cloud company

What's for Christmas, Google? Oh, you're taking away free phone calls from our Nest speakers

Reach out to your loved ones - but in Great Britain you'll have to use your phone

Google to 'surface' friendly banks' business loans through Pay app

To help Indian small businesses cope with COVID crunch

Brace yourselves: Google Cloud preps server firmware upgrade to fix GPU glitches

If you run a physical graphics accelerator and SSD in the G-cloud, pay attention

Nokia snuggles up with Google Cloud as it aims to switch off on-prem servers within next two years

Yep, there it is. 'Digital transformation'

Google Nest server outage leaves US, European smart homes acting dumb

Downtime infuriates customers – guess they'll have to just swallow it

Google creates secure file locker for countries where people often share smartphones

Handy service for India and Nigeria, or feature creep that constricts competition?

Google yanks Apple Silicon Chrome port after browser is found to 'crash unexpectedly'

Updated You'll have to run x64 version through the Rosetta emulation layer, or give it access to the Mac Bluetooth radio

Tech Resources

Navigating the New Era of Cloud Computing

Hear from Steve Sibley, VP of Offering Management for IBM Power Systems about how IBM Power Systems can enable hybrid cloud environments that support “build once, deploy anywhere” options.

Simplifying Hybrid Cloud Flash Storage

According to industry analysts, a critical element for secure hybrid multicloud environments is the storage infrastructure.

The Ransomware Hunt that Unearthed a Historic Banking Trojan

The Sophos Managed Threat Response (MTR) team provides customers with swift, human-led responses to the nastiest threats and most sophisticated adversaries.

IBM and Nvidia® Solutions Power Insights with the New AI

IBM is well-positioned to help organizations incorporate high-performance solutions for AI into the enterprise landscape.