Google Enhances Gmail with Streamlined Encryption Model

Google is introducing a new encryption model for Gmail. From now on, recipients will not need any special software or exchange encryption certificates to send encrypted messages.

Currently, Gmail uses the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol for email encryption. However, this also requires the recipient to have S/MIME set up. The new model will allow users to simply enable «additional encryption» in the draft email window. When sending an email to an external address, recipients will receive a link to access a guest account on Google Workspace for secure viewing and replying through a simplified version of Gmail.

If a recipient has S/MIME configured, Gmail will send the message using that protocol. Emails sent to both work and personal Gmail accounts will automatically be decrypted in the recipient’s inbox.

The feature is currently in beta and is only available to enterprise users, who can send encrypted emails to other Gmail users within the same organization. Google has assured that in the coming weeks, this enhancement will be rolled out to all Gmail users, and within a year, it will extend to email accounts from any third-party provider.

This new encryption system is more advanced than the standard protection that Gmail applies by default for all emails. However, it’s important to note that this is not end-to-end encryption (E2EE). The new model gives workspace administrators control over encryption keys and allows them to revoke user access and «manage their encrypted files,» as stated on Google’s support page.