How end-to-end encryption improves security in messages

End-to-end encryption will be applied to all qualifying messages and attachments, such as images and videos. End-to-end encryption is a security mechanism that ensures the confidentiality of your communications. With end-to-end encryption, no one can read approved messages as they travel between your phone and the phone you’re messaging, including Google and other parties. You and the person you’re messaging both need to do the following to use end-to-end in encrypted messages:

  • Use the Messages app to communicate.
  • Chat functionality should be enabled.
  • For Rich Communications Services (RCS) messages.


In the RCS state, text messages are dark blue, while in the SMS/MMS state, they are light blue. In qualifying discussions, end-to-end encryption is enabled by default. When end-to-end encryption is enabled in a chat, you’ll see a banner that says, “Chatting with [contact name or phone number].” The send button on your emails will also be locked. End-to-end encrypted messages’ timestamps are likewise locked. Important: SMS/MMS messages do not support end-to-end encryption.

  • Messages are sent in groups.

What is end-to-end encryption, and how does it work?


All discussions, including their text and any files or media, are encrypted as the data travels between devices when you use the Messages app to transmit end-to-end encrypted messages. Encryption is the process of converting data into jumbled text. The only way to decode the illegible text is to use a secret key.

A secret key is a number that is generated on both your device and the device to which you are sending a message. It can only be found on these two devices. This information is not shared with Google, anybody else, or any other device. For each message, a new one is generated.

When the encrypted communication is created, it is erased from the sender’s device, and when the message is decrypted, it is deleted from the receiver’s device. Because they don’t have the key, the Messages delivery server and any other person or third party who might acquire access to data for communications and content transported between devices won’t be able to read end-to-end encrypted messages.

A unique verification code is assigned to each end-to-end encrypted session. To ensure that your messages are encrypted end-to-end, this code must be the same for you and your contact. End-to-end encryption for communications sent or received is no longer feasible if you or your contact loses chat functionality.

To ensure that a public key is the authentic key produced by the intended recipient, embed it in a certificate that has been digitally signed by a recognized certificate authority (CA).Because the CA’s public key being widely distributed and known, its veracity may be respected; a certificate signed with that public key is presumed to be authentic.The CA would probably not sign a certificate that connected a different public key with the same name because the certification connects the recipient’s identity and digital certificate.