Gmail mobile client-side encryption expands to Android and iOS with native E2EE support
Summary
Hide ▲
Show ▼
Google has enabled native end-to-end encryption (E2EE) for Gmail on Android and iOS mobile devices, allowing users with Enterprise Plus licenses and Assured Controls add-ons to compose, read, and send encrypted emails directly within the Gmail app without additional tools. Encrypted messages are delivered as regular emails to recipients, regardless of their email service or device, and are accessible via a web browser if the recipient lacks the Gmail app. This implementation leverages client-side encryption (CSE), where encryption keys are controlled by the organization and stored externally, ensuring Google and third parties cannot access message content, aligning with compliance requirements such as HIPAA and data sovereignty mandates. The feature is now available immediately to eligible users after administrator configuration via the Admin Console CSE interface. Administrators must enable the feature for their organizations, and users can then compose encrypted messages by selecting the "Additional encryption" option via the lock icon in the Gmail mobile app. The rollout applies to Google Workspace Enterprise Plus customers with Assured Controls or Assured Controls Plus add-ons, supporting compliance with regulatory requirements while maintaining a user-friendly experience across recipient platforms.
Timeline
-
10.04.2026 13:44 2 articles · 3d ago
Gmail E2EE expands to mobile with native client-side encryption support
Gmail E2EE on Android and iOS mobile apps is now immediately available to eligible users (Enterprise Plus with Assured Controls or Assured Controls Plus) after admin configuration via the Admin Console CSE interface. Users can compose encrypted messages by selecting the "Additional encryption" option via the lock icon in the Gmail app. Encrypted messages remain accessible in the Gmail app or any web browser for recipients without the app, aligning with compliance mandates such as HIPAA and data sovereignty.
Show sources
- Google rolls out Gmail end-to-end encryption on mobile devices — www.bleepingcomputer.com — 10.04.2026 13:44
- Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users — www.securityweek.com — 13.04.2026 11:31
Information Snippets
-
Gmail E2EE is now available natively on Android and iOS Gmail mobile apps for users with Enterprise Plus licenses and Assured Controls or Assured Controls Plus add-ons after admin configuration.
First reported: 10.04.2026 13:442 sources, 2 articlesShow sources
- Google rolls out Gmail end-to-end encryption on mobile devices — www.bleepingcomputer.com — 10.04.2026 13:44
- Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users — www.securityweek.com — 13.04.2026 11:31
-
Encrypted messages are delivered as standard emails to recipient inboxes, visible in the Gmail mobile app or any web browser if the recipient does not use the Gmail app.
First reported: 10.04.2026 13:442 sources, 2 articlesShow sources
- Google rolls out Gmail end-to-end encryption on mobile devices — www.bleepingcomputer.com — 10.04.2026 13:44
- Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users — www.securityweek.com — 13.04.2026 11:31
-
To send an E2EE message, users must enable the "Additional encryption" option via the Lock icon when composing an email in the Gmail mobile app.
First reported: 10.04.2026 13:442 sources, 2 articlesShow sources
- Google rolls out Gmail end-to-end encryption on mobile devices — www.bleepingcomputer.com — 10.04.2026 13:44
- Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users — www.securityweek.com — 13.04.2026 11:31
-
Gmail’s E2EE relies on client-side encryption (CSE), where encryption keys are managed by the organization and stored outside Google’s servers, preventing Google or third parties from accessing message content.
First reported: 10.04.2026 13:442 sources, 2 articlesShow sources
- Google rolls out Gmail end-to-end encryption on mobile devices — www.bleepingcomputer.com — 10.04.2026 13:44
- Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users — www.securityweek.com — 13.04.2026 11:31
-
The feature supports compliance with regulatory requirements such as HIPAA, data sovereignty, and export controls by ensuring messages and attachments are encrypted client-side before transmission.
First reported: 10.04.2026 13:442 sources, 2 articlesShow sources
- Google rolls out Gmail end-to-end encryption on mobile devices — www.bleepingcomputer.com — 10.04.2026 13:44
- Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users — www.securityweek.com — 13.04.2026 11:31
-
Gmail E2EE mobile rollout is immediately available to Google Workspace Enterprise Plus users with Assured Controls or Assured Controls Plus add-ons after admin configuration via the Admin Console CSE interface.
First reported: 13.04.2026 11:311 source, 1 articleShow sources
- Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users — www.securityweek.com — 13.04.2026 11:31
Similar Happenings
Google Workspace E2EE for Gmail Extended to External Recipients
Google has expanded its end-to-end encryption (E2EE) feature for Gmail to support encrypted emails to any email service. This update allows Gmail enterprise users to send encrypted emails to recipients using any email platform. The new feature leverages client-side encryption (CSE) to ensure that data is encrypted on the client before being sent to Google's cloud storage. Recipients receive a link to view and reply to the encrypted message using a guest Google Workspace account. The rollout began in April 2025 as a beta test and is expected to reach general availability over the next two weeks.