Geeks for your information News Software & Services News v
Client-side encryption in Gmail on mobile is now available, but most users can't use
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Client-side encryption in Gmail on mobile is now available, but most users can't use
harlan4096 Online
MalWare Zoo Team
*******
Posts: 12,934
Threads: 8,887
Thanks Received: 8,764 in 6,923 posts
Thanks Given: 9,659
Joined: 12 September 18
#1
Information  01 October 23, 07:47
Quote:Google launched a security improvement for the Gmail mobile applications for Android and iOS this week that adds client-side encryption support.
 
Client-side encryption gives users control over encryption keys and data; even Google can't access the email body or attachments on its servers, thanks to the use of encryption. Gmail web-users have had access to client-side encryption since 2022, when it was launched by Google.
 
Gmail encrypts data that is in transit and at rest using "secure-by-design cryptographic libraries" according to Google. This encryption is available to all customers and automatic. It ensures that data is protected while it is in transit or stored on Google servers. Google retains control over that encryption.
 
The new client-side encryption capability extends encryption further. It is a local option, which means that the encryption and decryption of data happens on the user's device and out of reach of Google and others.

Gmail users with access to it need to become active to enable this level of encryption in the Gmail client. The security feature needs to be enabled for each individual email, as it is turned off by default. There is no option to enable it permanently.
 To secure an email using client-side encryption, Gmail users need to activate the lock icon next to the "To" field in the client and turn on the "Additional encryption" option displayed in the menu. The client indicates the use of client-side encryption with a blue shield icon in the interface.
 
[Image: gmail-additional-encryption.png]

Google explains: "To add client-side encryption to any message, click the lock icon and select additional encryption, and compose your message and add attachments as normal".
 
A support page provides additional guidance for system administrators. Google explains that administrators "need to enable the Gmail API" and give it access to the organization. It is then necessary to upload an S/MIME certificate and "private key metadata" encrypted by the key service to Gmail. The messages can only be read by other members of the organization.
 
Client-side encryption is enabled for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers. All other Google customers, including customers with personal accounts, do not get access to the feature.
 Third-party tools such as OpenPGP may be used to encrypt data locally. The open source email client Thunderbird, for example, supports OpenPGP and Gmail.
...
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
How to turn off App Promotions in Windo...
disable app promotio...marcojanson42 — 09:42
Microsoft Edge 125.0.2535.51
Version 125.0.2535...harlan4096 — 06:59
NoVirusThanks OSArmor 1.9.9
OSArmor v1.9.9 rel...harlan4096 — 06:00
INTEL Arc Graphics 31.0.101.5522
Highlights Gami...harlan4096 — 05:58
Malwarebytes 5.1.4.112
We have released a...Mohammad.Poorya — 21:27

[-]
Birthdays
Today's Birthdays
avatar (38)GregoryRog
Upcoming Birthdays
avatar (37)axuben
avatar (38)ihijudu
avatar (48)Mirzojap
avatar (34)idilysaju
avatar (38)odukoromu
avatar (44)Joanna4589

[-]
Online Staff
There are no staff members currently online.

>