What happened
Apple has rolled out support for testing end-to-end encrypted Rich Communication Services (RCS) messaging in the developer beta of iOS 26.4, marking the first time the company has enabled experimental E2EE for RCS chats within its software ecosystem, albeit with significant limitations.
Who is affected
The change currently affects developers and early testers using iOS, iPadOS, and macOS 26.4 betas; broader user impact is limited for now as encryption is only enabled in specific test scenarios and not yet widely available on public releases or cross-platform RCS (e.g., between iPhones and Android devices).
Why CISOs should care
This development signals a shift toward stronger native messaging security across mobile ecosystems beyond proprietary platforms like iMessage and encrypted apps. It could influence secure communications strategies and mobile data protection policies, particularly as default messaging channels increasingly support industry-standard encryption.
3 practical actions
- Review mobile messaging policies: Evaluate current guidance for employee messaging use, anticipating broader end-to-end encrypted RCS availability in future OS updates.
- Update threat models: Incorporate encrypted RCS into mobile communications threat modeling, including potential impacts on lawful intercept, data retention, and risk assessment.
- Plan cross-platform security tests: Prepare to test encrypted RCS across devices and carriers as public support expands, ensuring alignment with compliance and incident response workflows.
