Google has expanded end-to-end encryption (E2EE) in Gmail for Workspace users, bringing full support to iOS and Android devices for the first time.
With this update, users can now compose, send, receive, and read encrypted emails directly inside the Gmail mobile app, without needing to rely on desktop workflows or external tools. This marks a significant step in making enterprise-grade email security more accessible on mobile devices.
End-to-end encryption ensures that messages are protected in a way that prevents anyone—including Google itself—from reading the content while it is in transit or stored on servers. Only the sender and intended recipient can decrypt and view the email content.
Previously, Gmail’s enhanced encryption options were more limited on mobile, often requiring workarounds or restricted functionality. The latest rollout removes those limitations, allowing a fully native encrypted email experience on smartphones and tablets.
The feature is primarily aimed at Google Workspace customers, including businesses and organizations that require stronger data protection and compliance controls. It is expected to improve secure communication for industries such as finance, healthcare, and legal services, where sensitive information is frequently exchanged.
This expansion also reflects Google’s broader push toward strengthening privacy and security across its productivity ecosystem, while making advanced encryption tools easier to use across all devices.
The feature is part of Gmail’s client-side encryption (CSE) system, which until now was only available on desktop. With this expansion, Google is bringing full encrypted email functionality directly into the Gmail mobile app on both iOS and Android, removing the need for separate tools or desktop-only workflows.
What’s New in Gmail Mobile Encryption
With this update, Workspace users can now:
-
Compose encrypted emails directly in the Gmail app
-
Read and reply to encrypted messages on mobile
-
Avoid using external secure email portals or standalone apps
This makes end-to-end encrypted email significantly more seamless for users who rely on smartphones and tablets for day-to-day communication.
Works Across All Email Providers
Google has also expanded compatibility so encrypted emails can be sent to any recipient, regardless of their email service:
-
Gmail users: receive messages as normal email threads
-
Non-Gmail users: access messages through a secure browser-based portal
-
No additional software or app installation is required for recipients
This ensures encrypted communication remains accessible even outside Google’s ecosystem.
Availability and Requirements
The feature is rolling out now across both Rapid Release and Scheduled Release Workspace domains, but it is limited to enterprise customers.
To use client-side encryption on mobile, organizations must have:
-
Google Workspace Enterprise Plus
-
Either:
-
Assured Controls add-on
-
Assured Controls Plus add-on
-
Administrators must also enable Android and iOS client access through the CSE settings in the Google Admin Console before users can begin using the feature.
How to Send an Encrypted Email
Users can enable encryption when composing a message by:
-
Opening a new email in the Gmail app
-
Tapping the lock icon in the compose window
-
Selecting “additional encryption”
-
Writing and sending the message as normal
Why It Matters
By extending client-side encryption to mobile devices, Google is removing one of the biggest usability gaps in secure email workflows. The result is a more consistent experience across desktop and mobile, while still maintaining strict enterprise-level privacy controls.
This move strengthens Gmail’s position as a secure communication platform for regulated industries, where sensitive data protection and compliance are critical.