Google confirms that Gmail messages are encrypted

Google has announced that encryption of messages on Gmail is now available in beta. Despite this excellent news, the majority of Gmail’s 1.8 billion users may be disappointed.

Who can use the Gmail encryption feature?

You can only request enrollment in the Email Encryption trial if you are a Google Workspace Enterprise Plus, Education Plus, or Education Standard user. All other types of Google Workspace accounts are not eligible for client-side encryption, according to a Google announcement. Unfortunately, users of personal Gmail accounts don’t fall into this category. Gmail’s client-side encryption will also work with web browsers, as do most other Google Workspace services that support this feature.

There is no indication when, or even if, the eligibility criteria will change.

Will Gmail benefit from end-to-end encryption?

It’s also important to note that Google’s statement doesn’t mention end-to-end encryption all at once, but refers to client-side encryption. The Google Workspace help page states that this means “content encryption is handled in the client’s browser before data is transmitted or stored in the Google cloud”. This is a different feature than end-to-end encryption, where the encryption/decryption keys are only known to the sender and receiver. With the Google app, decryption keys are generated on the client side by a cloud-based key management service, with six partner organizations to choose from at the moment.

As Google states, “The use of client-side encryption in Gmail ensures that sensitive data contained in the message body and attachments cannot be decrypted by Google’s servers. This is undoubtedly good news, as is the fact that organizations retain control of their encryption keys and have a range of providers.” Identity services to choose from. However, if Google’s servers cannot decrypt the data and access the encrypted email content, the organization’s administrator can. This does not mean that Google’s implementation of client-side encryption is bad, but organizations and users should be aware that it is a solution Different from the end-to-end encryption that the public expects.

Beta registration requests will be accepted in the coming weeks

Google’s client-side encryption is already an option, in a web browser only, for users of Google Drive, Google Meet, and Google Calendar in a workspace. Google said acceptance of Gmail Encryption beta apps and activation of the service will begin “over the next few weeks.” Once accepted, administrators will need to enable the feature using the following settings for domain and group levels: Admin console, security, access and data control, and client-side encryption .

Gmail encryption for the rest of the public

Regular Gmail users who aren’t eligible for the client-side encryption beta can use Secret Mode, which offers some privacy protection, but isn’t an encryption feature. Strictly speaking. This mode allows you to add expiration dates after which the message cannot be read, as well as codes that will be sent via SMS to open an email. Confidential mode can also disable the recipient’s ability to forward, download, copy, or print the message. For end-to-end encryption, you can use an OpenPGP browser plugin like Mailvelope, which makes the privacy process as easy as possible.

Translated article from the American magazine Forbes – Author: Davey Winder

<< اقرأ أيضًا: Gmail: تتجاوز البرامج الضارة الجديدة كلمات المرور ونظام 2FA لقراءة جميع رسائل البريد الإلكتروني >>>