Apple will soon support encrypted RCS messaging with Android users
269 comments
·March 14, 2025oneplane
jeroenhd
The encryption is based on MLS: https://www.rfc-editor.org/rfc/rfc9420.html
I don't think Google wanted to gatekeep their E2EE implementation. They have some generic documentation about how it works: https://www.gstatic.com/messages/papers/messages_e2ee.pdf
The thing about RCS is that no messengers seem to care at all about implementing RCS themselves. Part of that is probably because depending on the carrier, RCS may require access to certain SIM card information, which only pre-installed apps can do, and part of it is that many developers are waiting for Google to add RCS to the same API that SMS/MMS already exposes because they don't want to implement RCS themselves.
Realistically, the target demographic for their documentation is 1) Apple (who they'd happily supply with details to get rid of the green bubble problem) and maybe 2) government officials looking into antitrust concerns. In theory someone working for LineageOS can implement an RCS client, though, but for those developers I don't think reverse engineering the remaining unknowns about the protocol (mostly "what server" and "what message contents") aren't that difficult.
I'm not cryptographer, but I haven't heard any major issues from actual cryptographers about MLS. It's encryption principles seem to be similar to those of Signal. Google is actually already using MLS in their proprietary E2EE implementation.
Ideally, MLS would be combined with MIMI so that messaging apps become interoperable, but that's probably a pipe dream.
jandrewrogers
> who they'd happily supply with details to get rid of the green bubble problem
I would be surprised if this eliminates green bubbles. iMessage supports many features unavailable over RCS on Android devices. These would still be disabled and Apple needs a way to indicate a degraded feature set to iMessage users.
MBCook
Yep. They’re never going away.
Blue = iMessage Green = Other
It doesn’t matter if both support 100% identical feature sets, it’s gonna stay like that.
snypher
Just please stop sending the text that reads as follows, it totally destroys group chats and the amount of information conveyed in a react doesn't require quoting back the entire message, eg
Liked "I would be surprised if this eliminates green bubbles. iMessage supports many features unavailable over RCS on Android devices. These would still be disabled and Apple needs a way to indicate a degraded feature set to iMessage users."
acdha
The protocol is open but key exchange is not: even on Android, third-party messengers can’t interoperate with Google Messages. See page 11 of that PDF.
jeroenhd
That's true, but Google has also indicated that they're switching to the GSMA spec which is intended for interoperability.
I also doubt that Google would withhold such details from parties like Apple even if they maintained their proprietary format. Small developers would need to reverse engineer the details, unfortunately.
g-b-r
That text seems more a reflection of the fact that only Messages supported it, when the document was written
If they seriously wanted random third parties to implement it, anyhow, they'd have published a specification, not an "overview"
crossroadsguy
> the green bubble problem
Is this a problem? Outside NA?
Because the rest of the world seems to neither care nor even notice the bubble (of either colour) i.e iMessage is irrelevant almost entirely outside North America (and that too I guess mostly USA; only among just the iPhone users of course)
jandrewrogers
I believe Canada has an even higher iOS market share than the US. Mexico mostly uses WhatsApp but I don’t text people there much. I have and use both WhatsApp and Signal routinely in addition to iMessage; no one I know uses WhatsApp within North America and only a handful use Signal.
When I worked in Europe just about everyone I texted with had an iPhone. We always use WhatsApp or Signal there by default. Nonetheless, iMessage was usually the fallback when those chat apps glitched because it is so reliable, especially compared to Signal. YMMV, etc.
What iMessage has going for it is that it is genuinely a very good implementation of a social chat app with unique features enabled by the iCloud ecosystem. I’m pretty agnostic about it, I’ve used a lot of chat apps by virtue of being more global than most, but iMessage is objectively pretty great when you stay within the Apple ecosystem. I’ve reduced things down to WhatsApp, Signal, and iMessage, which is kind of the minimum set that gets you global coverage, but if everyone is on iOS then iMessage is noticeably superior to Signal or WhatsApp. iMessage is more than just a chat app but it limits itself to that when interacting with other ecosystems.
_bin_
America is the world's biggest market and most hackernews live here. So it's pretty relevant here.
cubefox
> I don't think reverse engineering the remaining unknowns about the protocol (mostly "what server" and "what message contents") aren't that difficult.
That's hard to parse. Removing the double negation, we end up with
"I think reverse engineering the remaining unknowns about the protocol (mostly "what server" and "what message contents") are that difficult."
DownrightNifty
> many developers are waiting for Google to add RCS to the same API that SMS/MMS already exposes because they don't want to implement RCS themselves.
Is that a planned feature? It's frustrating that third party messaging apps don't work with RCS. I hope we don't have to get the EU involved here...
DownrightNifty
Extra context I forgot to provide:
> RCS may require access to certain SIM card information, which only pre-installed apps can do
> because they don't want to implement RCS themselves.
Sounds like they can't implement RCS themselves even if they wanted to, not simply that Google doesn't provide an open source implementation? (Referring to app developers here, not custom ROM devs.)
jeroenhd
I haven't seen any indication of that at all. There's sort of an API, but it's basically restricted to Samsung's messenger only.
The EU won't get involved unless a significant chunk of the user base uses Google Messenger. I don't think EU users will reach that threshold because most of the EU uses basically any chat app except for SMS/MMS. Things like receiving verification SMS messages still work using the existing API and I have a feeling that that represents the majority of SMS use in the EU.
null
stephenr
I understand your point that the "news" part is that RCS standard now includes E2EE, rather than about Apple's support for said standard.
But I don't think it's fair to suggest or imply that this development is unrelated to Apple either.
RCS has been a thing for nearly a decade, and Google's RCS backend has been doing non-standard E2EE for half that time.
Within 8 months of Apple publicly announcing they would adopt RCS and work with GSMA to support standardised E2EE, there is suddenly a standard for it...
OneDeuxTriSeiGo
It is worth noting that the E2EE system they are using (MLS/RFC9420) was only finalised as a standard as of mid 2023 and has had errata from the last few months. They basically added E2EE to RCS more or less as soon as the protocol they are using standardized with IETF.
hocuspocus
Google has been working on replacing the ad-hoc Signal protocol with MLS since before Apple announced they'd support RCS, it would have happened anyway.
It's more likely Apple was made aware of the spec/Jibe/Messages roadmap when they finally got on board, decided not to target the latest UP version for some reason, and realized implementing the current E2EE scheme would be wasted effort given it would need to be revamped within a year. The iOS RCS client is still pretty far from being provisioned worldwide.
RataNova
Given how telcos historically handled messaging (like MMS), skepticism is understandable
she46BiOmUerPVj
Is there anything that shows "no one was allowed to use it" or was it that it wasn't an accepted standard?
acdha
Look at Google’s documentation: they explicitly state that only their Messages app is allowed to talk to their key exchange server. The entire marketing campaign they ran about RCS was predicated on nobody reading their docs or noticing all of the Android developers begging for permission to use RCS for years.
https://www.gstatic.com/messages/papers/messages_e2ee.pdf
> E2EE is implemented in the Messages client, so both clients in a conversation must use Messages, otherwise the conversation becomes unencrypted RCS. In rare situations where the conversation starts as E2EE, then one of the clients migrates to a different RCS client or an older Messages client that does not support E2EE, Messages might be unable to detect the change immediately. If the Messages user sends a new message, it’s still E2EE, however the recipient client may render the encrypted base64 payload directly as message content.
oneplane
Yes, Google only made it available for Google Messages. They don't have an SDK or API you can use to make your own clients or servers. Google also didn't put it up for standards with the GSMA or any other standards body, at least not publicly. There are no records of it.
There are some older submissions here you can probably find using one of the HN search sites about this, but IIRC those didn't really have any internal Google policy about this, they kept it all pretty private. The only 'leak' I remember about this was the thing where manufacturers that preload Google Android have to ship Google Messages to get RCS support from Google, otherwise they can't have it. Also means you can't have RCS without Play Services.
jauntywundrkind
The destruction of third party apps has been totally wild.
I'm very curious how long this OS-coupled status quo is going to go on for.
MBCook
It was just released in the last day or two. There had been drafts I think but now it’s real.
So someone asked Apple and they said “sure we’ll support that”.
I think the big news is that RCS can now be encrypted without relying on Google, but that’s not what gets you headlines.
throawayonthe
[dead]
lxgr
I really, really, really hope RCS doesn't make it as a standard.
Now that it's end-to-end encrypted, it's slightly better than SMS, but it's still laughably incapable compared to decades-old protocols that support multiple devices, phone-number-independent identifiers, self-hosting, have open implementations and non-insane specifications etc.
As it is, RCS is just Google Talk (Google runs most of the infrastructure), but tied to a single device (no messaging from your laptop or tablet if your phone battery dies!) and impossible to use without a phone number.
It makes me really sad to see that even technical audiences don't see the long-term plan here: Cementing the use of phone numbers instead of email addresses as the primary identifiers in people's digital lives, and making the closed, carrier and Google operated RCS ecosystem the ultimate replacement for email and other open web standards for B2C and P2P messaging. (Yeah, most people already use Gmail, but the point is that self-hosting email is at least still possible, and there's still relatively free competition of sending service providers; with RCS, there's no chance to play without paying the cartel.)
dmix
> Cementing the use of phone numbers instead of email addresses as the primary identifiers in people's digital lives
From my experience RCS is just a backup/temporary holdover system to keep SMS usable as is, since people are increasingly using regular chat apps like WhatsApp. Plus as long as spam/identity is a major issue then phone numbers will be a part of verification systems. They will use anything they can get to make it harder to abuse. Whether the root ID is phones or not doesn't really make a difference if a phone number is required at some point to use a service.
lxgr
There's a large split here between the US (where people largely use SMS and now RCS) and the rest of the world, which largely uses WhatsApp, WeChat, or very few others.
I'm of course also just as critical of having Meta run the world's communication industry instead of Google, but that's the duopoly (or rather two monopolies split geographically) we're headed towards. Cheering on RCS as a way out of it, instead of directly towards it, is deeply misguided.
That said, at least WhatsApp provides some basic features that XMPP has supported more than 20 years ago (multiple devices being logged in simultaneously, synced message archives etc.) – I'm not holding my breath ever seeing these on RCS. As a pseudo-federated standard, protocol and client development will always be much more complex, and looking at the baseline complexity of the RCS specification powering the few existing features, I'm just not seeing it happen.
Needing my phone to be powered up and connected to the Internet to message people from my computer in 2025 is absurd.
CivBase
> I'm of course also just as critical of having Meta run the world's communication industry instead of Google, but that's the duopoly
Don't forget Apple with their iMessage protocol.
jeroenhd
RCS is a GSMA standard, like VoLTE and SMS messages. Of course it's going to use telecoms features as unique identifiers, that's what it was designed to do.
While I agree that tying everying to a phone number is far from optimal, it's the status quo in messenger land. Only tech nerds use services like XMPP and Matrix, the rest all use either chat apps that tie you to a phone number or just text directly.
RCS is there for the people who still use SMS/MMS. In my country, that's basically nobody. In Canada and the US, that's the majority of non-iPhone people, and the iPhone people have been complaining about the shitty integration between iMessage and MMS since the day iMessage took off (because MMS is terrible for modern messengers).
RCS runs on your carrier's infrastructure. Google hosts RCS services for people whose carrier doesn't support RCS, but Apple won't be using those. RCS on iOS requires carrier support, which many carriers still have yet to turn back on.
I think you're confusing the status quo with the goal behind RCS. The unfortunate truth is, the people who are using RCS would've used SMS/MMS before. RCS just appeared in their messengers some day and made texting a lot better.
I'd still advocate for signal over RCS any time of the week (though I don't need to, because nobody uses SMS/RCS here anyway thanks to WhatsApp), but RCS is an abject improvement over the terrible messenger protocols it replaced.
lxgr
> it's the status quo in messenger land
Yes, and it's incredibly frustrating that we couldn't avoid ending up here. Maybe it was inevitable, but I still find it very sad.
summm
Even worse: it silently fails if the device does not run an unmodified anf certified Google Android OS. This means, it will not work on alternative OS and rooted devices
thriw7383848
It also silently fails if other party has android phone, but no internet connection. There is no fallback to SMS which works over plain GSM.
ezfe
It's far more than "slightly better." It supports full resolution content, longer messages, and reactions/interactions. For most people it's indistinguishable from iMessage/etc.
Do you really think that phone numbers aren't already a ubiquitous identifier? That is done. Nothing you're saying is changing because of RCS.
lxgr
Yes, it's already largely done, but that doesn't mean it was a good idea, so why cheer moving into the same bad direction just because there's now finally a baseline of security?
It's also anything but indistinguishable from iMessage. I can use iMessage on any number of devices without my phone having to be turned on, having the SIM with my number on it inserted, and being connected to the Internet (not always a given when traveling etc.)
The same is true for WhatsApp. Even XMPP could do it 20 years ago! This is not a new niche feature – it's absolutely essential for a modern instant messaging protocol!
MBCook
You’d rather we turn everything over to Facebook/Meta?
alwayslikethis
Unfortunately, RCS on Android requires google apps, so this isn't really a solution to anyone who doesn't want to be tracked by Google everywhere they go.
I'm still a little confused as to what problem RCS is supposed to solve. It is just as centralized as any other chat app, and is a bit more invasive (often requiring device attestation). Is it really worth all this hassle just to not have to install, let's say, Signal?
kelnos
Defaults matter. While I've gotten some of my friends and family members to install and use Signal, I still have more chats via SMS/MMS (and more recently RCS, since Apple finally started supporting it) than I do on all other messaging apps combined.
diego_sandoval
Where (and why) is that?
I'm from Chile, and the last time I sent an SMS (or heard of anyone sending an SMS) must have been like 12 years ago.
Ever since then, everyone has used Whatsapp or Telegram instead.
lxgr
Probably the US. SMS, MMS, and now RCS are still ubiquitous there – and only there, as far as I know.
hashworks
If you decline to use WhatsApp you need to use SMS for a lot of contacts in Germany. Or RCS since the latest iOS update.
sincerely
in NA, SMS is still dominant. Eu+Sa+india use whatsapp, china/japan have their own apps
theshackleford
This is likely to differ greatly by demographic. I don’t know literally anyone who uses SMS/MMS. The only SMS message I’ve received in years are automated services/spam.
jeroenhd
That's not necessarily true. For full compatibility you'd need a pre-installed app on Android, but vendors like Samsung and Sony and OnePlus can build their own RCS messengers for those devices should they choose to. Same with custom ROM developers for an open source implementation.
For non-ROM developers, it depends on what RCS activation technique your carrier uses.
RCS isn't a Google spec, or an Apple spec, or even an IETF/IEEE/ISO spec. It's part of the core mobile networking specifications. It was created by the people who designed the MMS spec after 4G switched mobile networks to everything-over-IP. Unfortunately, the 4G spec didn't require RCS, it was just an optional side feature, so carriers never bothered with it.
RCS solves the problem that most of the US uses iMessage or SMS/MMS, but the SMS/MMS part of that equation is absolutely dreadful. File size limits are stuck in the mid 2000s, messages are split over multiple SMS packets if you send more than one sentence, the entire thing is unencrypted. Sometimes people like to send photos to each other and the 150KiB or so file size limit on MMS isn't enough for that anymore.
As for why not have people install Signal: why would they, because everyone is already using something else? I live in a country where everyone uses chat apps and all but one of my contacts are on WhatsApp. In other places, that'll be Telegram, and in some North American countries, that'll be iMessage/MMS, the texting app that comes with the phone for sending texts.
nottorp
> For non-ROM developers, it depends on what RCS activation technique your carrier uses.
There's your problem right there. You may not remember being charged per message, but trust me, it was a thing.
The carriers would love to go back to 2 cents per sms, 5 per rcs "rich message" and 10 per encrypted "rich message".
WhyNotHugo
Being charged per message, per minute is pretty common all over the world.
And a lot of carriers still don’t support international romain or will charge a shit ton.
Usually, the cheapest approach is to just buy a cheap sim when you visit another country, but that doesn’t play well if you rely on SMS.
madeofpalk
I don't believe this FUD. I think overal the market has moved from from charging for messages. I fully believe carriers would love to rip off everyone as much as they can, but I think carriers know customers would just use facebook messenger if they tried charging per-message.
gruez
>but vendors like Samsung and Sony and OnePlus can build their own RCS messengers for those devices should they choose to.
Yes, but AFAIK they all caved and switched to google messages instead
>Same with custom ROM developers for an open source implementation.
Does one exists?
lxgr
No, it's worse than a standard centralized chat app: It's ostensibly federated, with network operators running the servers.
But practically, only Google actually knows how to do that (the specifications are absurdly complicated!), and so they do it for all operators as a service.
It's a fig leaf of an open protocol and service even for telco industry standards.
WhyNotHugo
RCS seems to be mainly designed as a successor for SMS.
For interpersonal communication, SMS is dead in the majority of the world, so a successor is entirely irrelevant.
For for the 1 or 2 countries where people still send SMS, RCS seems like a major improvement with a bunch of feature that have been available on other platforms for many years now.
paulryanrogers
Now that Signal cannot be the SMS / RCS app, yes that's too much hassle. Network effects are too powerful.
oblio
Oh, what's up with Signal?
paulryanrogers
They used to be SMS compatible. But now are just a solo like most other chat app.
wkat4242
It also requires a Google account as far as I know. I have Google apps but no account signed in. And when I tap on the connect RCS option it asks me to sign in.
Anyway iMessage (and iOS for that matter) is irrelevant where I live so I don't expect this to change anything. I'm not going to be on RCS. The main apps here are WhatsApp and Telegram (the latter more for groups)
o11c
I have a very minimal Android phone with no Google account ever added/used on the device, and it says my chats with other Android users are using RCS ...
The phone number is associated in the other direction though (way back when Google didn't be evil and GMail required invites, I dared to trust them with it, I forget for what).
lxgr
It shouldn't. The only reason Google Messages sometimes asks for an account is to support remote access via messages.google.com without scanning a QR code, as far as I know.
While it's largely openness/federation theater (Google runs most servers in the background, either on behalf of or instead of the mobile networks), they at least got that part right (as in conforming to the specification, not as in doing the long-term right thing for users) and exclusively use the phone number as an identifier.
wkat4242
Ah ok strange. It is a Samsung phone though. Samsung has been forcing a Google login in more and more places unfortunately. I think they made some deal with them about the AI features. Just like they now promote OneDrive instead of their own cloud. Maybe that's why or I didn't understand the popup.
I don't really want it if I can't access my messages online anyway. The whole reason I love telegram and WhatsApp is that I don't need my phone when I'm on the computer (which is 90% of the time). But a Google account is out of the question.
Right now I even bridge WhatsApp and Telegram through matrix because I don't trust those either, though I don't think I trust any company less than Google. But I don't know if you can do that for RCS.
But tbh I'm not looking for any other chat app unless it's federated and I can run my own server. RCS is technically federated but limited to a group of big companies so that's pretty useless to me.
I think I'll just block it just like I do SMS. I turn off all the notifications for the relevant apps.
slartibardfast0
this is so true for networks that don't implement RCS servers, not even Android - iOS interop present!
one thing i would like to see happen is deprecating SMS message with Labels rather than numbers, phishing has got far far too common in my jurisdiction RCS + some sort of DNS validation like atproto of sender would go a long long way
lxgr
> RCS + some sort of DNS validation like atproto of sender would go a long long way
Now this would be a messaging protocol I could get behind. Phone networks could even provide a phone number registry for people that insist on using that for whatever reason.
But there's absolutely no chance it'll happen – neither the telecommunications industry nor Google have any interest in making federation for others than "trusted partners" possible.
SMS is already a goldmine for carriers (thanks to the widespread use of SMS for OTPs and authentication), so why not make the next logical step and replace email for as many remaining B2C use cases as possible and collect some rent there as well?
RataNova
Your point about Google's central role is spot-on, and without an open, Google-independent implementation, RCS does remain problematic for anyone avoiding that ecosystem.
mrweasel
Why was RCS even designed with a none encrypted mode? I get that the original spec isn't exactly new, but it's also not so old that encryption, security or privacy wasn't an issue.
lxgr
Phone calls aren't encrypted either, if you think about it [1]. There's a large expectation of the telecommunications industry to be able to perform legal interception, and providing end-to-end encryption out of the box might be seen as a direct violation of that requirement.
[1] Except, somewhat incongruently, between Google Fi subscribers on some Android phones: https://support.google.com/fi/answer/11295314?hl=en – no idea how that came to be and how it even works! I suspect it just upgrades to a FaceTime-like VoIP call.
izacus
Encryption and privacy isn't an issue for carriers, which were part of the standard body and operate SMS protocol even in 2025.
You assume everyone has the same goals in mind :)
jeroenhd
It's the evolution of SMS/MMS; development started 18 years ago, in 2007. The modern spec is based on that with a whole bunch of additional revisions for things like video calling and transferring money. It was designed long before major messenger apps had e2ee in the first place.
Had it been designed with the security practices at the time, the protocol would've been ossified to the point of being practically insecure by today's standards. In a sense, the fact nobody cared about it until the spec was old enough to drive is actually good for users.
The GSMA which designs RCS also serves the needs of government agencies that are tracking (international) criminals, so I bet there must have been some pretty strong opposition against E2EE in the official spec. Frankly, I'm surprised they're even putting it in the spec.
nubinetwork
I'm not sure about the case of RCS, but I've seen some instances of a none cipher being better for compression and deduplication, because the encryption messes with the data.
hagbard_c
You'd normally compress the data before encrypting it as that makes the resulting cyphertext more resilient against cryptanalysis as well as reduces the amount of data which needs to be encrypted so this sounds like a bogus reason.
lxgr
That doesn't allow you to deduplicate across users, though – which of course is the entire point, or the network would be able to see who's forwarding which documents.
nubinetwork
It depends on what you're doing I guess... for storage it doesn't make sense, but for pushing a lot of data over a private pipe, why spend the resources adding a cipher?
jayd16
You'd have to compress every single message separately and then encrypt them. That's still a far cry from being able to compress across every message.
dontlaugh
I assume some sort of multicast.
codedokode
It is good that commercial messengers forced GSM association to finally create E2EE standards. The reason why telcos want you to use RCS becomes obvious if you calculate how much 1Gb of data costs if sent as SMS (I guess that one could buy a car with this money).
scarface_74
Does any carrier still charge for SMS messages?
lxgr
I'd say it's the norm rather than the exception outside of the US.
US operators do things quite a bit differently from the rest of the world; for example, prepaid cards without a monthly fee are not really a thing, i.e. essentially every plan has a monthly fee, but that then almost always includes texting.
Outside the US, it's usually possible to receive calls and SMS on a prepaid SIM without paying anything other than maybe the occasional top-up to not lose the number; in exchange, outbound texts and calls are usually paid.
jeroenhd
I believe the distinction that separated the US from the rest of the world is that US carriers charged the recipient of a message, while the rest of the world charged the sender. I don't know if that's true for evrryer carrier or if it's still true today, but it made a major difference.
It's also the reason apps threaten you with fees ("this service may cost you money") when all they do is send a verification SMS. Receiving messages is free in most places but because of a handful of shitty carriers apps now have this warning embedded in them.
jeroenhd
Mine either provides 120 SMS/minutes or unlimited text and call. I used to use the 120 minutes version and almost exclusively used it for phone calls. These days I'm on unlimited because of a combo discount on my phone.
Most of the world isn't using SMS/MMS so lots of places have carriers that still charge for the feature.
eknkc
It’s funny that everyone bashed Apple for their lack of RCS support and now that they have it, all posts seem to indicate RCS is a shit standard at best. I have no idea if it is but that’s the impression I got.
I guess it was just a talking point to shit on Apple’s approach?
I don’t care anyway. Here everyone uses WhatsApp so RCS is not important but just an outsider observation.
CivBase
> I guess it was just a talking point to shit on Apple’s approach?
It started with Apple promoting the "green bubble = inferior" thing. Google responded by insisting the iMessage experience with Android was only bad because Apple refused to support RCS. Now here we are.
The RCS protocol is much better than SMS/MMS. But there are also plenty of better protocols out there. Both can be true.
niea_11
It's possible that the people complaining now are not the same people that complained about apple's lack of rcs support.
jeroenhd
I think the RCS users are quite happy that iOS has RCS now. Though, they may be disappointed that Apple didn't set up an RCS server like Google did, because now people find out that their carrier doesn't do RCS so they're still missing out in the advantages.
But, when RCS works, it works well. The stupid compatibility hacks Google and Samsung and everyone else implemented to make SMS/MMS pretend to be good at group messaging (like the ways they indicate emoji reactions) no longer need to be encoded in human-readable form.
The encrypted component of RCS was a Google special and I think everyone knew that. People wanted Apple to immediately take up Google's encryption spec, but Apple waited for the GSMA spec to be updated with E2EE which is a much cleaner solution.
The opponents of RCS have a point; using RCS is a bit like using your ISP's email servers in that the quality of your ISP determines how good of a time you'll behaving with it.
There are also many advantages to full RCS support that nobody seems to have implemented yet. Things like video calls, or sending money over text. No longer needing third party services like FaceTime or WhatsApp to do video calls is a step in the right direction in my book.
klabb3
> I guess it was just a talking point to shit on Apple’s approach?
Apple is not a sports team. What people are shitting on is a vendor-specific messaging app. It would be the same if there was a Samsung chat.
psnehanshu
When I enabled RCS on my Android, I started getting ads with rich media. So I disabled it. And moreover WhatsApp is the dominant messaging app in my country. So this doesn't matter.
ZeWaka
Ads? Where? There's no spot in Google Messages for them.
leosanchez
Rampant spam has forced Google to turn off RCS ads in India[0]
[0] https://www.theverge.com/2022/6/1/23150243/google-rcs-ads-in...
AndrewSwift
It's not RCS that was turned off, just "Business Messaging", meant for trusted companies to communicate with their customers.
psnehanshu
Not on the Google Messages app itself, but inside the messages. Just like spam promotional emails.
sudo_chmod777
Emails??
ebb_earl_co
This is great in principle. I still prefer Signal as the top-shelf experience of iOS—Android communication.
kstenerud
Fortunately, this doesn't really affect those of us outside of the USA, since we've long since moved on.
criddell
When an iPhone sends a message to 555-1212, where does the iPhone get the public key for that number?
acdha
Apple runs servers for managing iMessage key exchange, just like Google’s RCS encryption. Both of them use device attestation to restrict access to those servers to their own apps.
tengbretson
Still waiting on a non-Google implementation of this so-called standard.
jeroenhd
There have been dozens, called anything from Message+ to Joyn. Most seem to be shutting down, though, because nobody used RCS since its inception from somewhere around 2009 and renewed interest in launching RCS services around 2012.
There are a few implementations on Github. https://github.com/android-rcs/rcsjta seems to be the most complete but uses an older version of the spec. https://github.com/Hirohumi/rust-rcs-client is a modern implementation.
The spec is here: https://www.gsma.com/solutions-and-impact/technologies/netwo... if you're looking to implement it yourself.
MBCook
I think Google‘s was something different. This is an actual standard that Apple is committing to implement. I was under the impression Google’s encryption was just their own layer thing they added on top it was not actually standardized.
When people asked last year about why Apple wasn’t implementing encrypted RCS I think they even said that they wanted to wait for a standard.
ocdtrekkie
So an important context here is the server side implementation of RCS is Google's at every major carrier. Google bought the carrier-side provider of RCS services, Jibe, and so the entire RCS stack is still basically just Google Chat with an "it's a standard" label on it.
https://9to5google.com/2024/02/01/verizon-rcs-google-jibe/
Verizon, AT&T, and T-Mobile all use Google's RCS implementation, the only way to not send Google your messages in the US is to own an iPhone and disable RCS.
tredre3
> Verizon, AT&T, and T-Mobile all use Google's RCS implementation, the only way to not send Google your messages in the US is to own an iPhone and disable RCS.
You can disable RCS on Android too.
lxgr
Does anybody know how the trust model for this looks like? Is it trust on first use together with a notification if a contact's key changes, a centralized key server (if so, who runs it, and is there key transparency), or just opportunistic encryption not protected against active attackers in the middle?
jeroenhd
It's using MLS for encryption and key exchange, which is based in part in Signal's encryption.
I believe they'll probably be using TOFU like all the other popular encrypted messenger apps. Google's messenger (the encryption of which already uses MLS) has a verification feature where you can match key fingerprints by comparing numbers, but who knows how Apple will implement this.
So essentially, it's not really an Apple thing, it's more that the universal RCS profile just didn't have encryption, and Google RCS was a non-standard extension that nobody else was allowed to use.
The real news is the update to GSMA RCS, because without that, none of this matters. What I'm missing in the article is who's going to own the keys and why this is probably going to default to the telcos as if it's MMS. Are they going back to the days of charging per message?
With iMessage you'd be putting your trust in Apple, with Google RCS you'd be putting your trust in Google. For WhatsApp that'd be Meta and for Signal that's Signal. But with GSMA RCS?