Overview
- Google expanded Gmail client-side encryption to its Android and iOS apps, letting eligible users compose, send, and read encrypted email without extra tools.
- Access is limited to Google Workspace Enterprise Plus customers with the Assured Controls or Assured Controls Plus add-on after admins switch on mobile clients in the Admin Console.
- Senders turn on protection in the compose window by tapping the lock icon and choosing Additional encryption, with messages and attachments then encrypted before they leave the device.
- Gmail app users receive these emails as normal threads, while anyone without the app can open them in a web browser and reply from there.
- The system uses customer-controlled keys stored outside Google to meet needs such as data sovereignty, HIPAA, and export controls, following web rollout milestones that began in December 2022 and expanded in 2023 and 2025.