End-to-end encryption will soon be enabled for Gmail, enabling Google Workspace users to send and receive encrypted emails. This was revealed by Google in a blog post.
Although it names this feature client-side encryption, the search engine giant already provides end-to-end encryption in Google Drive, Google Meet, as well as in Docs, Sheets, and Slides. Google is now adding this security feature to Gmail on the web, but it will initially only be available to users in the business and educational categories.
The company notes that Google Workspace Enterprise Plus, Education Plus, and Education Standard users will be the first to have access to and test out end-to-end encryption in Gmail.
Gmail’s end-to-end encryption beta
End-to-end encryption for Gmail on the web will debut in beta before going freely available, as is sometimes the case with new services.
End-to-end encryption for Gmail on the web has been announced by Google and is currently in beta for customers of Google Workspace Enterprise Plus, Education Plus, and Education standard. Users have until January 20, 2023, to sign up for the beta program.
Google claims that it wont be able to access users’ encryption keys and that both the encryption keys itself and the identification service needed to access them are completely under the control of the users.
By clicking the lock icon in the recipient field and choosing the relevant option, users with supported accounts can enable the feature, which is currently known as Additional encryption.
End-to-end encryption isn’t new to Google services; this isn’t the first either. Google Docs, Sheets, Slides, Meet, and Calendar; however, Calendar is currently in beta.
However, obtaining the feature requires more effort than only enrolling in the beta program. The Gmail API must be turned on when launching a new GCP project in the Google Cloud Console so that workspace users can configure their email environments.
Access to the entire domain must be granted to this new service account. Additionally, users must create S/MIME certifications for both senders and receivers for every member of the group testing the new service. More details on the setup process are available in Google’s support post.
Once you’ve finished configuring, submit the Google Form to request end-to-end encryption by entering your email, project ID, and test group domain.
Only the email body and attachments, including inline images, are protected by encryption. The email header, including the topic, timestamps, and recipients lists, is not encrypted.
Even though this isn’t a perfect solution, adding end-to-end encryption to Workspace will help it compete with services like Proton, which also offers full end-to-end encryption.