Apple has taken another step towards secure communication between iPhone and Android. In iOS 26.5, the company enabled end-to-end encryption for RCS messages between the two platforms by default for the first time.
iOS 26.5 was released as a public beta from Apple last Monday. This beta release supports end-to-end encryption (E2EE) for Rich Communications Service (RCS). RCS has been under development through a “cross-industry” collaborative process to provide a replacement for traditional Short Message Service (SMS).
As such, E2EE RCS messaging will now be available for use with iOS 26.5 and supported carriers as well as Android users running the most recent version of Google Messages. Both new and existing conversations using this messaging method will have E2EE enabled automatically.
Rich Communications Service is an Internet-based messaging platform which is designed to allow Android and iPhone users to send images and video; view whether another user’s device is still viewing messages; and see whether a message has been viewed — all capabilities which are commonly associated with Instant Messaging applications. The RCS platform is based upon an Industry Specification known as the RCS Universal Profile.
“When RCS messages are end-to-end encrypted,” says Apple, “they cannot be read when being transmitted between devices.” Users of RCS messaging will know if their messages are end-to-end encrypted because they will notice a new lock icon displayed within their RCS chat interface.
Prior to making end-to-end encrypted messaging available to RCS messages sent between iPhones (via iOS and iPadOS 26.4 Beta), Apple had been testing these types of encrypted messages in those versions, but only with other Apple devices. At the beginning of 2025, the GSMA (GSMA) announced its support of E2EE to protect messages transmitted via the RCS protocol.
Google made a similar announcement stating that users of Google Messages on Android would have the ability to view a lock icon indicating that their cross-platform conversation is end-to-end encrypted.
“This positive step forward in delivering secure services across industries represents the combined efforts of the GSMA RCS Working Group — comprised of Apple, Google, and others within the global mobile ecosystem — working together to deliver a globally-recognized, open platform for the delivery of these new services,” said Alex Sinclair, CTO at the GSMA.
This update also includes patches for over 50 different vulnerabilities in iOS and iPadOS. These include several vulnerabilities within components like AppleJPEG, ImageIO, Kernel, mDNSResponder, and WebKit.
