Google rolls out Gmail end-to-end encryption on mobile devices
by Sergiu Gatlan · BleepingComputerGoogle says Gmail end-to-end encryption (E2EE) is now available on all Android and iOS devices, allowing enterprise users to read and compose emails without additional tools.
Starting this week, encrypted messages will be delivered as regular emails to Gmail recipients' inboxes if they use the Gmail app.
Recipients who don't have the Gmail mobile app and use other email services can read them in a web browser, regardless of the device and service they're using.
"For the first time, users can compose and read these E2EE messages natively within the Gmail app on Android and iOS. No need to download extra apps or use mail portals. Users with a Gmail E2EE license can send an encrypted message to any recipient, regardless of what email address the recipient has," Google announced on Thursday.
"This launch combines the highest level of privacy and data encryption with a user-friendly experience for all users, enabling simple encrypted email for all customers from small businesses to enterprises and public sector."
This feature is now available for all client-side encryption (CSE) users with Enterprise Plus licenses and the Assured Controls or Assured Controls Plus add-on after admins enable the Android and iOS clients in the CSE admin interface via the Admin Console.
To send an end-to-end encrypted message, Gmail users have to turn on the "Additional encryption" option by clicking the Lock icon when writing the message.
In October, Google also announced that Gmail enterprise users can now send end-to-end encrypted emails to recipients on any email service or platform.
Gmail's end-to-end encryption (E2EE) feature is powered by the client-side encryption (CSE) technical control, which allows Google Workspace organizations to use encryption keys they control and are stored outside Google's servers to protect sensitive documents and emails.
This way, the messages and attachments are encrypted on the client before being sent to Google's servers, which helps meet regulatory requirements such as data sovereignty, HIPAA, and export controls by ensuring that Google and third parties can't read any of the data.
Gmail CSE was introduced in Gmail on the web in December 2022 as a beta test, following an initial beta rollout to Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar, and it reached general availability for Google Workspace Enterprise Plus, Education Plus, and Education Standard customers in February 2023.
The company began rolling out its new end-to-end encryption (E2EE) model in beta for Gmail enterprise users in April 2025.
Automated Pentesting Covers Only 1 of 6 Surfaces.
Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other.
This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation.