Rich Communication Services (RCS) has been kicking around since 2008. For most of that decade it was an industry promise that never quite arrived — fragmented carrier implementations, no cross-platform support, and encryption that was optional at best. In 2019, Google adopted it as the default for Google Messages and started pushing hard for Apple to follow. Apple finally added RCS support in iOS 18, and suddenly the messaging world changed.
Both companies now advertise RCS as encrypted. Google specifically says Google Messages uses end-to-end encryption via the Signal Protocol. Apple says iMessage over RCS is encrypted. Neither statement is technically wrong — but both obscure a set of conditions under which the encryption simply doesn't apply.
What RCS Actually Is
RCS is a carrier-level messaging standard developed by the GSMA, the industry body that governs global mobile standards. It's designed to replace SMS/MMS with a richer protocol: read receipts, typing indicators, high-resolution photos, group messaging, and eventually — encryption. The key word is "eventually."
The base GSMA RCS specification does not mandate end-to-end encryption. It's an optional feature. When you hear "RCS is encrypted," you're hearing about an implementation choice made by a specific app — not a property of the protocol itself. This means RCS messages flowing through carrier infrastructure, without an E2E-capable client on both ends, are visible to the carrier in transit.
RCS encryption is an app-layer addition, not a protocol requirement. The same way HTTPS is HTTP plus TLS, Google's E2E encryption in Google Messages is RCS plus the Signal Protocol — layered on top, not baked in. Strip the app layer, and you have plaintext at the carrier.
Google's Implementation: Signal Protocol, But Only Sometimes
Google Messages uses the Signal Protocol to encrypt RCS conversations — the same cryptographic protocol that powers Signal itself. When both parties are using Google Messages with RCS enabled, messages are encrypted end-to-end. Google cannot read them. The carrier cannot read them. This is real encryption and deserves credit.
The encryption doesn't apply in these situations:
- Group chats — as of 2025, Google Messages RCS group chats are not E2E encrypted. Google has been working on this, but the rollout has been slow and patchy. Check your specific version for status.
- Business messages — RCS Business Messaging (RBM), used for customer service, appointment reminders, and marketing, is not E2E encrypted by design. The business needs to read the messages they're sending.
- Messages to non-Google-Messages users — if the recipient uses a carrier's native RCS client rather than Google Messages, the Signal Protocol layer is absent. The message is still RCS, but not E2E encrypted.
- SMS fallback — when RCS isn't available, Google Messages falls back to SMS, which has no encryption at all. The fallback isn't always indicated clearly in the UI.
Apple's Implementation: iMessage and RCS Don't Mix
Apple's situation is different. iMessage — the protocol behind blue bubbles — uses Apple's own encryption and has since 2011. When you message another iPhone user, you get iMessage. That's genuinely encrypted.
When iOS 18 added RCS support, Apple implemented it as a carrier-level protocol without adding its own E2E encryption layer on top. Apple's RCS messages are encrypted in transit between the device and the carrier using standard TLS, but they are not end-to-end encrypted. Apple has stated publicly that it plans to add E2E encryption to RCS, but as of this writing it has not shipped.
Critically, cross-platform RCS between an iPhone and an Android device is not end-to-end encrypted — even when both apps are from companies that support E2E encryption on their own platforms. Google Messages uses the Signal Protocol; Apple uses its own encryption for iMessage; they don't interoperate. The message falls back to unencrypted RCS at the protocol layer.
"The absence of cross-platform E2E encryption in RCS is not a bug that got missed. It's a consequence of two competing proprietary encryption layers that were never designed to talk to each other." — A structural problem, not a patch
The Metadata Problem Doesn't Go Away
Even where RCS encryption works correctly — Google Messages to Google Messages, 1:1 conversation, both parties on current app versions — the metadata problem is unresolved.
Google knows who you're messaging, when, how often, message length patterns, and your device identifiers. The Signal Protocol protects message contents; it says nothing about communication metadata. For most everyday use cases, this is acceptable. For people whose threat model includes corporate surveillance or government requests to Google, it isn't.
This isn't unique to RCS — Signal has its own metadata considerations — but it's worth being explicit about. "Encrypted messaging" and "metadata-private messaging" are different claims.
The Carrier Visibility Problem
Even with E2E encryption in place, your carrier knows you sent a message, to whom, and roughly when. RCS uses carrier infrastructure for delivery. The carrier doesn't see the content, but they see the session. This is the same situation as any E2E encrypted service — the transport layer leaks timing and participant data even when the payload is protected.
For SMS, the content was also visible to the carrier. RCS E2E encryption solves that specific problem. It doesn't eliminate carrier visibility into your communication patterns.
Protocol Comparison: Where RCS Lands
| Protocol | E2E Encrypted | Group Chat E2E | Cross-Platform | Metadata Private |
|---|---|---|---|---|
| SMS | ✗ No | ✗ No | ✓ Yes | ✗ No |
| RCS (base spec) | ✗ No | ✗ No | ✓ Yes | ✗ No |
| RCS (Google Messages, 1:1) | ✓ Yes | ~ Partial rollout | ✗ Android only | ✗ No |
| RCS (Apple iOS 18) | ✗ Not yet | ✗ No | ✓ Yes | ✗ No |
| iMessage (iPhone–iPhone) | ✓ Yes | ✓ Yes | ✗ Apple only | ✗ No |
| Signal | ✓ Yes | ✓ Yes | ✓ Yes | ~ Phone number required |
What This Means Practically
RCS is a genuine improvement over SMS. If you and your contacts both use Google Messages, the 1:1 encryption is real and the Signal Protocol is a solid choice. RCS group chats are catching up. The move away from SMS is unambiguously good.
But RCS is not a replacement for Signal or similar purpose-built encrypted messengers if your requirements include:
- Consistent E2E encryption in group conversations
- Cross-platform E2E encryption (iPhone to Android and back)
- Minimal metadata footprint with a third party
- Business messaging that you control
The framing that "RCS is encrypted, you can drop Signal" is premature at best. The encryption is real but scoped. Know which scope you're in before treating it as equivalent.