When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Gmail's client-side encryption is now available on Android and iOS

Neowin · with 10 comments

A graphical representation of Gmail

Google announced today that Gmail's client-side encryption (CSE) is now available for Android and iOS devices, giving users more control over encryption keys and data access. Client-side encryption was added to the web version of Gmail earlier this year. It lets users read and write encrypted emails directly from their devices.

In its blog post, Google stated:

While Workspace encrypts data at rest and in transit by using secure-by-design cryptographic libraries, client-side encryption ensures that you have sole control over encryption keys and access to your data. Client-side encryption ensures sensitive data in the email body and attachments are indecipherable to Google servers — you retain control over encryption keys and the identity service to access those keys.

The feature is available to the users of Google Workspace Enterprise Plus, Education Plus, and Education Standard. Client-side encryption is not supported on other Workspace editions such as Essentials, Business Starter, Business Standard Plus, etc. Also, it is not available to users with personal Google accounts.

Google said that the feature allows "users to work with your most sensitive data from anywhere on their mobile devices while adhering to compliance and regulatory requirements." It does so by using the S/MIME protocol to encrypt and digitally sign emails before sending them to Google servers.

Gmail client side encryption

While composing their email on Gmail for Android or iOS, eligible users can turn on client-side encryption by tapping on the blue lock icon present in the subject field. However, the feature is disabled by default and admins will have to enable access through the CSE admin interface.

In recent news, the search giant turned 25 this week and allowed teens aged 13 (and above) to get their hands on its generative search experience. It also announced a new tool called Google-Extended that lets website admins control whether Google can access their content to train its Bard AI.

Google is also pulling the plug on the basic HTML version of Gmail that was meant to support legacy browsers or help users with slow connections. Starting early next year, the basic Gmail will be out of the picture and the Standard view will load by default.

Report a problem with article
Illustration of a cellphone in a hand
Next Article

Grindr charged with a hefty fine of $6 million for sharing sensitive user data illegally

AMD logo
Previous Article

First AMD FSR 3 game updates and FPS boosts are live for Forspoken and Immortals of Aveum

Join the conversation!

Login or Sign Up to read and post a comment.

10 Comments - Add comment