RCS Encryption Between iOS and Android—Current State and Future Expectations RCS Encryption Between iOS and Android—Current State and Future Expectations

RCS Encryption Between iOS and Android—Current State and Future Expectations

Prashast Tayal

Question

How secure is RCS messaging between iOS and Android devices? Will the upcoming iOS 26 release bring end-to-end encryption for business and end-user messages?

Applies To

  • Rich Communication Services
  • Messaging

Answer

Current Encryption for RCS Messaging

  • In Transit Protection Only:
    At present (as of July 2025), RCS (Rich Communication Services) messages exchanged between iOS and Android users—including those sent in business-to-consumer scenarios—are only encrypted while they travel over the internet from sender to recipient. This means that while the message cannot be read by third parties as it moves through the network, it could be accessed once it reaches a server or carrier system, since it is not protected with end-to-end encryption (E2EE).

iOS 26 and RCS Encryption Status

  • iOS 26 Beta:
    Even in the current iOS 26 beta, RCS messages are not fully end-to-end encrypted. Messages may remain vulnerable during delivery between platforms.
  • RCS Universal Profile Support:
    End-to-end encryption for RCS is defined in the Universal Profile 3.0 specification. However, Apple currently supports Universal Profile 2.4 in its iOS implementation. Full support for end-to-end encryption is expected only when Apple adopts Universal Profile 3.0, which may appear in a later iOS 26 release or in a future update.

Key Points:

  • No End-to-End Encryption Yet:
    Whether you’re a business or an end user, RCS messages exchanged between iOS and Android are not currently protected by E2EE. This means intermediaries like servers or carriers could potentially access message content.
  • Apple’s Plans:
    Apple has indicated it will enable support for true E2EE in the future, but no fixed date or iOS version has been promised.
  • Business Implications:
    Businesses using RCS to communicate with customers should be aware that while RCS improves messaging security over SMS, it does not yet provide full confidentiality between endpoints across all platforms.

Summary Table

ScenarioEncryption TypeE2EE Status
Android ↔ Android (personal chat)In transit and E2EE*Supported*
Android ↔ iOS / iOS ↔ Android (current)In transit onlyNot enabled
Business ↔ End User (Android/iOS, current)In transit onlyNot enabled
Future iOS (post-profile 3.0 adoption)TBD (depends on update)Planned, no timeline

Takeaway

RCS messaging currently secures your conversations in transit but does not offer full end-to-end encryption between iOS and Android, especially in business messaging. Apple’s future roadmap includes support for Universal Profile 3.0, which could introduce E2EE, but until then, businesses and users should be aware of the present security limitations.