Thanks to WhatsApp, we all know end-to-end encryption. Most of us also understand its importance in the increasingly digital era, of hacking and leaking. Now Google has announced that it is extending encryption services to Gmail, the one email most of us use. But conditions have been added.
Wait a minute, Gmail has no encryption for emails and we’re in 2022? Did you also think it should have been the norm ages ago? We thought so too!
None of us want our emails or messages to be read by anyone other than ourselves and the person we send them to. For a long time, Gmail did not have this encryption protection and we all just had a blind faith in the almighty Google.
Google rolled out what’s called on Friday client side encryption for Gmail. Unfortunately, it has not yet been rolled out for personal accounts. It looks like it will take much longer than 2022 or even 2023 for that to become a reality.
So, what is client-side encryption (CSE)? First of all, it’s not end-to-end encryption like WhatsApp’s; that Google offers. And the client-side encryption service is still in beta mode.
- Currently, the service is only available to Google Workspace Enterprise Plus, Education Plus, and Education Standard users, not personal accounts.
- CSE is intended for organizational use, where company administrators can encrypt and decrypt data on Google services.
- Employees on the organizational Gmail system can send and receive emails through several other email providers with secure encryption.
- It means that the service provider, like Google servers, cannot read the emails. Therefore, it offers protection against any hacking attempt at any level (be it during the sending of the email or at the beginning or end).
- However, the organization has the decryption key, which means only the company can see all interactions between everyone hosted on its system.
The use of client-side encryption in Gmail ensures that sensitive data in the email body and attachments cannot be deciphered by Google servers. Customers maintain control over encryption keys and the identity service to access those keys.
- In comparison, end-to-end encryption works on an individual level, where only the sender and receiver can decrypt the message and no one else.
- Currently, this service is only useful to organizations that can generate their own decryption keys, meaning IT companies will likely benefit from it.
What is encrypted? The body of the email, attachments and inline images are encrypted in the services.
- However, the subject or header of the email, timestamps, or recipient list is not encrypted.
- Users can sign up for the beta version until January 20, 2023. CSE for Gmail is also available for web use only and does not yet apply to the Gmail app. Google has promised to roll out the services for their mobile apps in the future as well.
- In addition to Gmail, CSE is already available for Google Docs, sheets, slides, drive, meet, and agenda in various capacities.
Other alternatives: Currently, Gmail offers its users what’s called TLS (Transport Layer Security), which protects your emails from eavesdropping and hacking while in transit.
- But the email is susceptible to hacking on Google servers once the message is successfully sent and received.
- Some alternatives to Gmail are Proton Mail, FlowCrypt or Hushmail. For those with iPhones, you can still use Gmail with the added protection like that of Proton Mail, in the Mail app on iOS.
- Speaking of iPhone, Apple has also rolled out end-to-end encryption for iCloud backups. You can get it with the latest software update. This means that whatever you back up will also remain protected from hackers.
Of course, other than the owner of the chats giving access, there was no other way to retrieve all that data. Except there was another way: backups! If you’re in the custody of the CBI or other high-ranking government agency, chances are they’ll recover your phone’s backups.
WhatsApp backups are not end-to-end encrypted and vulnerable to hacking and snooping by any authority. But if you are an iPhone userlucky you with the latest end-to-end encryption rolled out for iCloud backups.