Important points
- Google Contacts manages public keys and facilitates authenticated communications with the help of Play Services.
- Easily check the privacy of your messages with app-independent key verification.
- Preliminary code represents a minimal feature set that may be expanded in the future.
largely
related
End-to-end encryption
How can an app send messages that only you can decipher?
Messaging uses a method called asymmetric encryption. The publicly available code (public key) allows others to send you encrypted messages. This message can only be decrypted with your private key. Having easy access to the public key allows you to verify the sender’s identity, but depending on the messaging service you use, you may need to look for options to do so.
Upcoming changes starting with the early betas of Android 15 indicate that Google Contacts will work with Play Services to manage your contacts’ public keys, making private and identity-verified communications easier than ever. (via AssembleDebug via Android Authority).
Check the security of messages between apps
A year slower than iOS, but no complaints
The API itself has been around since Android 15 first released in beta as a way to “manage and verify your contacts’ public keys” across the ecosystem, rather than relying on individual apps’ own verification methods. I’m doing it. A teardown of the Google Play services APK reveals many hints that key verification development is well underway, including a separate activity for onboarding to the service and the associated QR code scan and display. It became clear.
Some code strings were also revealed that show how Play Services verification is done through Google Contacts. Users will be able to verify keys for multiple apps by scanning a contact’s QR code or manually comparing each app’s verification code number.
related
Android 15: Availability, timeline, and new features in QPR1 Beta 2
Android 15 QPR1 is taking shape
We saw a similar feature implemented by Apple almost a year ago. Apple published an informative blog post explaining how centralized key verification provides a more secure and streamlined experience than per-app management. At the moment, Google’s implementation seems relatively bare-bones, but that’s to be expected since it’s a feature in development, and there’s always the possibility that it will be fleshed out before or after release.
related
How to send confidential encrypted emails in Gmail
Maximize your privacy when using Gmail
