Apple-Google Encrypted RCS Buries the Interoperability vs. Security Myth

With the news that Apple is embracing cross-platform encrypted messaging, it’s worth taking a closer look at the promise versus the practice of this interoperability feature from an end-user privacy and security perspective. Before, Apple wanted you to know that “if your iPhone messages are green,” it was more than a visual difference, indicating a security gap introduced by interoperability with users sending and receiving messages with SMS. When iPhone users messaged one of the billion people with an Android phone, an outdated SMS standard was used and that conversation could not be end-to-end encrypted (E2EE).

Two critical changes have led to this moment. “Text messaging” has evolved to use enhanced features and the latest protocol is now called RCS, or Rich Communication Services. The latest update to RCS includes E2EE capabilities. And the second is that Apple, which has been under DOJ antitrust scrutiny partly over its messaging practices, has agreed to interoperate iMessage with Google Messages and both will be working together to roll out end-to-end encrypted RCS messaging between iPhones and Android phones.

Google, the proponent of the standard document adopted last year by the GSMA (Global System for Mobile Communications) that specifies Messaging Layer Security in RCS, published its announcement last week.. Apple’s corresponding announcement makes it clear that its roll out of MLS in RCS is in beta and that the E2EE messaging with Android will only work for iPhones running the newest version of iOS.

Messages between two people with iPhones have been encrypted end-to-end since 2011. But if you had an iPhone and sent an RCS message to a user of an Android phone, the message would not be encrypted end-to-end. Now, as a result of standard interoperation between Apple and Google, it will become encrypted end-to-end, indicated visually with a lock icon rather than a bubble-color shift.

End-to-end encryption ensures that only the sender and receiver can read the content of a message. This protects citizens from sophisticated cyber threats, data interceptions, and unauthorized surveillance. However RCS encryption is considered less secure than iMessage because RCS is a feature of network communications, whereas iMessage encryption is a feature of a service. All telecommunications infrastructure will fall short in terms of security due to lawful interception regulations over network-layer services. “Service provided encryption gives end users more of a security guarantee that treats both the network and the service itself as an adversary.” In most countries, networks are provisioned in law to be wiretapped.

It’s important to note that communications using iMessage will remain in the realm of messaging service, rather than with RCS, which is a telecommunications service. Blue versus green bubbles will remain because, Apple says, these two modes are different from a protocol perspective. Apple’s announcement indicates this when it says “[iMessage] is the preferred option for Apple-to-Apple communication.” However this implies that privacy and security gains with interoperable E2EE in RCS are still somehow inferior to iMessage.

RCS achieves its encryption with the MLS protocol, or Messaging Layer Security, an open encryption standard developed by the IETF designed to secure group and one-to-one messaging across platforms. RCS is the modern replacement for SMS, built into telecommunications networks rather than running as centralized services over networks. The GSMA’s interoperable standard ensures that individual company choices aren’t what stands between a user and their right to privacy in everyday communications.

Last year, I published a playbook for E2EE interoperability in Tech Policy Press, making the case that it’s in users best interest to have interoperable E2EE messaging because it creates competition and lowers switching costs. Apple has had years to rectify its unfortunate history of working poorly with Google Messages, and end user privacy has been the casualty. “The US DOJ stepped in to sue Apple, accusing the tech giant of anticompetitive and monopolistic practices,” I wrote at the time. “The suit accused Apple of intentionally making iPhone users' texting experience with Android users worse,” while “Apple’s argument hinged upon technical considerations for security and privacy.” But interoperability has the potential to strengthen, rather than undermine, strong security designs.

The just-announced progress on messaging has immediately led to security gains for billions of users. These gains, achieved with interoperability, run counter to the intuition that Apple and Google have, both in separate contexts, tried to instill in the policy community that interoperability creates vulnerabilities. Expert analysis says their claims are exaggerated at best.

This beta rollout is a milestone, and security researchers are bound to scrutinize it, but the harder work of making strong E2EE interoperable across all messaging still lies ahead.