Your Tech Story

end-to-end encryption

Google announced end-to-end encryption for Gmail web

To render its emails more difficult to hack, Google is deploying a new update. According to a Google announcement, Gmail will soon support end-to-end encryption in web browsers. The capability, which is presently in beta, enables customers to send and get encrypted emails both inside and outside of their domain, according to a blog post from the company.

end-to-end encryption
Image Source: gizmodo.com.au

The new technology, which Google describes as client-side encryption, will make sure that important information in the body of the email and attachments is unreadable by Google servers. Additionally, it will provide customers access to the encryption keys while allowing the identity service to access them.

Google noted, “Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs.”

Client-side encryption (CSE) in Google Workspace enables the processing of data encryption in the client’s browser prior to data transmission or cloud-based storage in Drive. The company emphasized will not be able to access users’ encryption keys. It noted, “You can use your own encryption keys to encrypt your organization’s data, in addition to using the default encryption that Google Workspace provides.

Read More: 15.5-Inch MacBook Air Expected to unveil in Spring 2023

With Google Workspace Client-side encryption (CSE), content encryption is handled in the client’s browser before any data is transmitted or stored in Drive’s cloud-based storage. That way, Google servers can’t access your encryption keys and decrypt your data. After you set up CSE, you can choose which users can create client-side encrypted content and share it internally or externally.”

Gmail’s end-to-end encryption will make sure that all email communications sent by users are encrypted by the sender and can only be decoded on the device of the intended receiver.

The emails and attachments transmitted with them cannot be decrypted or read by any organization or third party, including Google’s own email server. The fact that Google already offers client-side encryption on Google Drive, Sheets, Docs, Google Meet, Slides, Google Calendar and Google is noteworthy.

According to Google, customers with Google Workspace Enterprise Plus, Education Plus, or Education Standard are eligible to sign up for the Gmail client-side encryption (CSE) beta program. The beta program is accepting applications through January 2023. Users must submit a Gmail CSE Beta Test Application, which must include details like their email id, test group domain, and Project ID.

Users of Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline, and Nonprofits, as well as older G Suite Basic and Business customers, will not be able to use the new feature as of now. According to Google, the public release will be made available at a later time in 2023.

Google has made it clear that the new functionality would encrypt both the email content and all attachments, including embedded photos. Google, however, will not encrypt the email’s header, which contains the topic, timestamps, and recipient lists.

Additionally, Google has stated that “in an upcoming release” it will add client-side encryption to its Gmail application for iOS and Android devices.

Leave a Comment

Your email address will not be published. Required fields are marked *