Suddenly, it has all gone wrong for Google Messages. After campaigning for years to see the realization of its “seamless messaging” dream, no sooner was it here than it was gone. The question now is whether there’s any chance it will ever come back.
Rather like a slow motion train crash, while Apple’s long-awaited adoption of RCS was quickly celebrated by Google, no sooner had it launched than it was being criticized for its awkward security vulnerability—despite iMessage constantly lauding its end-to-end encryption, those green bubbles continue to do without.
Google and the GSMA were fast to respond, promising end-to-end encryption for RCS is now in the works. But while that might have carried the day, along comes China to spoil the party. Its state-backed hackers, it seems, have broken into US telco networks, underlying the very reason Apple, Google and others insist on end-to-end encryption in the first place. With the FBI and CISA now both warning citizens to use responsibly encrypted platforms, cross-platform RCS has taken a huge hit. Even Samsung has warned users that texting Android to iPhone lacks security.
Apple has never made any secret of the fact that iMessage is only secure within its own walled garden. It was Google pushing for cross-platform RCS, not Apple. And when it finally launched with iOS 18, Google put out the public messaging on non-blurry images and other new features, Apple didn’t say much if anything at all.
And so its Google Messages that much now pick up the pieces of this security nightmare and work out what it does next. How fast can RCS be upgraded to meet the responsibly encrypted bar set by those US government officials? How does Google or Apple push users to send basic RCS/SMS texts against the backdrop of those government warnings? How quickly will network confidence return?
But with timing being everything, the final concrete block standing in the way of that RCS train might be Apple’s imminent iPhone update—iOS 18.2. Much to everyone’s surprise, the iMaker has decided to offer all its users—not just those in regulated Europe–the option to change their default apps. That means selecting an over-the-tops like WhatsApp or Signal for default calls and messages for the first time.
If the 2024 RCS dream has taken a hit, whether or not it has been holed below the waterline remains to be seen. What is clear is that this plays into the hands of Meta, which owns the world’s largest end-to-end encrypted messaging platforms—WhatsApp and Facebook Messenger, even if they’re not “responsibly” encrypted per the FBI’s term, meaning lawful access to content when warranted.
For Google Messages users defaulting to that platform when texting friends, family and colleagues, you now need a new app. If you don’t have WhatsApp or Messenger or Signal, then you should install one now. The pick of the bunch is WhatsApp, which finds the right balance between security, functionality and scale. You’ll find most people you message will already have the app installed.
Keeping with the security theme, to ensure the integrity of end-to-end encryption, you need to do two things. First, set up WhatsApp (or an alternative) properly. That means two-factor authentication and passkeys when available. Second, ensure you don’t take risks with links, downloads and app installs. Whatever messenger you use, if an attacker takes control of your phone through malware or luring you to install a malicious app, it’s as if you haven’t secured your content at all.
