Key Takeaways
- Google Contacts, with Play Services help, will manage public keys for easier identity-verified communication.
- App-agnostic key verification will allow for easier confirmation of message privacy.
- Preliminary code indicates a barebones feature set that could expand in the future.
Most
messaging uses a method called asymmetric encryption. A publicly available code, or public key, lets others send you encrypted messages, which can only be decrypted by your private key. Public keys being readily accessible makes it possible to verify a sender’s identity, but depending on the messaging service used, you might have to go looking for the option to do so.
An upcoming change that started with Android 15’s initial beta indicates that Google Contacts, in conjunction with Play Services, will now manage your contacts’ public keys, making private, identity-verified communication easier than ever (per AssembleDebug via Android Authority).
Confirming message security across apps
A year later than iOS, but we’re not complaining
The API itself has been around since Android 15 first hit beta, as a way to “manage and verify their contact’s public keys” throughout the ecosystem, instead of relying on individual apps’ own verification methods. A Google Play Services APK teardown revealed a host of hints that key verification development is well underway, including discrete activities for onboarding to the service, as well as scanning and showing the relevant QR codes.
Several code strings also turned up to illustrate how the Play Services verification will operate via Google Contacts. Users will be able to check keys across apps by scanning a contact’s QR code, or by manually comparing verification code numbers for each app.
Related
Android 15: Availability, timeline, and what’s new in QPR1 Beta 2
Android 15 QPR1 is taking shape
We saw a similar feature implemented by Apple almost a year ago, which published a helpful blog post explaining how centralized key verification results in a more secure and streamlined experience than per-app management. Google’s implementation appears relatively barebones at the moment, bu that’s understandable for an in-progress feature, and there’s always the chance it gets fleshed out before or after release.
Related
How to send encrypted and confidential emails on Gmail
Maximize your privacy while using Gmail