Gmail is one of—if not the—most popular email platform in the world. But it’s not the favorite for users who care about their privacy. Google doesn’t offer end-to-end encryption (E2EE) for basic Gmail users, instead opting for “Transport Layer Security” (TLS). This provides security in transit, but doesn’t help once the message reaches its destination. While TLS is better than nothing, it doesn’t offer the same level of security as E2EE, which scrambles messages for everyone other than the sender, recipients, and whoever else has the decryption key. As such, privacy-minded users often look elsewhere for their email needs, like Proton Mail.
But Google does offer more advanced encryption for some users—namely, work or school Workspace accounts. There’s Secure/Multipurpose Internet Mail Extensions (S/MIME), which, like E2EE, encrypts emails in transit and in the sender’s and recipients’ inboxes. But it comes with the drawback of Google having a decryption key as well. In theory, Google could decrypt your emails—or, if Google was successfully hacked, an attacker could use the key to decrypt your emails. That’s where client-side encryption (CSE) comes in: Here, the organizer of a Google Workspace plan has that decryption key, not Google, which means decryption is only possible within the organization.
If your company has a Workspace plan, this is the encryption to use if you want your email as secure as possible. But the main issue up to this point is that CSE has only been available on desktop. When at your computer, you could take advantage of encrypted Gmail, but when on the go, the mobile Gmail app didn’t support it. According to Google, the only way to access CSE emails on mobile was to rely on extra apps and email portals.
Gmail on iOS and Android now supports E2EE through CSE
That’s all changing now. On Thursday, Google announced it is now rolling out CSE support for the iOS and Android Gmail apps. Going forward, you can write and read E2EE emails directly within Gmail, no matter how you access the app. Plus, you’ll be able to send E2EE emails to anyone, even if they don’t have Gmail.
Google says that if your recipient has Gmail, they’ll simply be able to open the message in their inbox. If they have a different email address (e.g. Outlook, Yahoo, iCloud, Proton, etc.), they’ll still be able to read the email, but they’ll need to open it in their device’s browser. However, be careful when sending messages with CSE, as not everything you send is encrypted end-to-end. According to Google’s help page on CSE, the body of the email will have total encryption, but the header, subject, timestamps, and recipients, will not have additional encryption.
How to send E2EE messages in Gmail
The admin of your organization will need to enable CSE for iOS and Android on their end before you see the option in your app. Once that happens, choose “Compose,” then select “Message security,” which has a lock icon. Under “Additional encryption,” choose “Turn on.” Then, craft your email as you normally would.
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.