Friday, November 15, 2024

Android 15 will empower Google Contacts to manage encryption keys to ensure private, secure messaging

Must read

Key Takeaways

  • Google Contacts, with Play Services help, will manage public keys for easier identity-verified communication.
  • App-agnostic key verification will allow for easier confirmation of message privacy.
  • Preliminary code indicates a barebones feature set that could expand in the future.



Most

Related

end-to-end encrypted

How can an app send messages that only you can decode?

messaging uses a method called asymmetric encryption. A publicly available code, or public key, lets others send you encrypted messages, which can only be decrypted by your private key. Public keys being readily accessible makes it possible to verify a sender’s identity, but depending on the messaging service used, you might have to go looking for the option to do so.

An upcoming change that started with Android 15’s initial beta indicates that Google Contacts, in conjunction with Play Services, will now manage your contacts’ public keys, making private, identity-verified communication easier than ever (per AssembleDebug via Android Authority).



Confirming message security across apps

A year later than iOS, but we’re not complaining

encrypted-messaging-ap-hero

The API itself has been around since Android 15 first hit beta, as a way to “manage and verify their contact’s public keys” throughout the ecosystem, instead of relying on individual apps’ own verification methods. A Google Play Services APK teardown revealed a host of hints that key verification development is well underway, including discrete activities for onboarding to the service, as well as scanning and showing the relevant QR codes.

Several code strings also turned up to illustrate how the Play Services verification will operate via Google Contacts. Users will be able to check keys across apps by scanning a contact’s QR code, or by manually comparing verification code numbers for each app.


Related

Android 15: Availability, timeline, and what’s new in QPR1 Beta 2

Android 15 QPR1 is taking shape

We saw a similar feature implemented by Apple almost a year ago, which published a helpful blog post explaining how centralized key verification results in a more secure and streamlined experience than per-app management. Google’s implementation appears relatively barebones at the moment, bu that’s understandable for an in-progress feature, and there’s always the chance it gets fleshed out before or after release.

Related

How to send encrypted and confidential emails on Gmail

Maximize your privacy while using Gmail



Latest article