Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Google RCS security. Show all posts
SMS
Compliance Cyber Security Employee Data Google Google RCS security SMS

Google’s New Update Allows Employers To Archive Texts On Work-Managed Android Phones

 




A recent Android update has marked a paradigm shifting change in how text messages are handled on employer-controlled devices. This means Google has introduced a feature called Android RCS Archival, which lets organisations capture and store all RCS, SMS, and MMS communications sent through Google Messages on fully managed work phones. While the messages remain encrypted in transport, they can now be accessed on the device itself once delivered.

This update is designed to help companies meet compliance and record-keeping requirements, especially in sectors that must retain communication logs for regulatory reasons. Until now, many organizations had blocked RCS entirely because of its encryption, which made it difficult to archive. The new feature gives them a way to support richer messaging while still preserving mandatory records.

Archiving occurs via authorized third-party software that integrates directly with Google Messages on work-managed devices. Once enabled by a company's IT, the software will log every interaction inside of a conversation, including messages received, sent, edited, or later deleted. Employees using these devices will see a notification when archiving is active, signaling their conversations are being logged.

Google's indicated that this functionality only refers to work-managed Android devices, personal phones and personal profiles are not impacted, and the update doesn't allow employers access to user data on privately-owned devices. The feature must also be intentionally switched on by the organisation; it is not automatically on.

The update also brings to the surface a common misconception about encrypted messaging: End-to-end encryption protects content only while it's in transit between devices. When a message lands on a device that is owned and administered by an employer, the organization has the technical ability to capture it. It does not extend to over-the-top platforms - such as WhatsApp or Signal - that manage their own encryption. Those apps can expose data as well in cases where backups aren't encrypted or when the device itself is compromised.

This change also raises a broader issue: one of counterparty risk. A conversation remains private only if both ends of it are stored securely. Screenshots, unsafe backups, and linked devices outside the encrypted environment can all leak message content. Work-phone archiving now becomes part of that wider set of risks users should be aware of.

For employees, the takeaway is clear: A company-issued phone is a workplace tool, not a private device. Any communication that originates from a fully managed device can be archived, meaning personal conversations should stay on a personal phone. Users reliant on encrypted platforms have reason to review their backup settings and steer clear of mixing personal communication with corporate technology.

Google's new archival option gives organisations a compliance solution that brings RCS in line with traditional SMS logging, while for workers it is a further reminder that privacy expectations shift the moment a device is brought under corporate management. 


Read more »
Technology
Android System Key Verifier Google Messages beta Google RCS security QR code verification RCS chat encryption Technology

Google Testing QR Code-Based Encryption Key Verification in Messages Beta

 

Google is reportedly rolling out a new security feature in Google Messages, aimed at giving users stronger protection for their RCS chats. According to a report by 9to5Google, the latest beta version of the app introduces a QR code-based key verification system, designed to enhance message encryption.

The feature is powered by the Android System Key Verifier and can be accessed in the Messages beta under a new "Security & Privacy" sub-menu. When users tap “verify encryption” in an RCS conversation, a pop-up appears with the option to "verify keys for this contact."

A large “Your QR Code” button is displayed in the center, showing the contact details associated with the code. To verify encryption, both users must scan each other’s QR codes, or alternatively, compare numerical verification codes—similar to the existing option in the Messages app. Testing also revealed that the Android System Key Verifier launches the scanner with a colorful viewfinder.

Google has been developing this upgrade since November, with the Android System Key Verifier app serving as the backbone of the process. As explained by Google, these encryption keys “help ensure only you and your contact can read the RCS messages you send each other.”

The keys are exchanged securely through QR codes, ensuring that only the intended parties can access conversations. If one user switches to a new phone, the keys may no longer match, requiring the verification process to be repeated.

Reports suggest the feature will only be available on devices running Android 10 or later. Since it’s still in beta, a wider rollout may take a few months. With Android 16’s QPR2 Beta 1 recently released, the new verification tool could be officially introduced toward the end of the year, possibly in December.
Read more »
Subscribe to: Comments (Atom)