Gmail 7.2 APK Hints At Possible S/MIME Encryption


Some code found by XDA Developers in a teardown of version 7.2 of Google's Gmail APK seems to hint at enhanced encryption features planned for a future version of the app. To be clear, the mobile variant of the application already has some level of security with TLS encryption enabled by default. However, the discovered code hints at the addition of support for an enhanced encryption protocol – S/MIME – which is already available in the web-based version of Gmail. Bearing in mind that items found in APK teardowns don't always come to fruition, the addition of more security on the mobile side of things would match the company's goals to both make Android the most secure mobile platform and to bring more unification across its platforms.

S/MIME effectively works by creating, sending, and checking signature certificates tied to an email, so that users can verify that the sender of any such communication was actually where the message originated from. In the web-based version of Gmail, verification is shown in the form of a green "lock" symbol on a given email. XDA Developers conducting a teardown first noticed a block of code "Enhanced encryption (S/MIME)". The other lines of code in that section appear to be related to user-side messages also linked to S/MIME encryption. It can reasonably be assumed that Google will use the same symbols in the mobile application as those used in the web version of Gmail. So the "strings," as code stored in text format is called, would most likely be shown to end-users click alongside associated emails. Presumably, S/MIME messages could work similarly to how current messages relating to security do. For example, some spam emails in the current Gmail app show a boxed message – which generally appears at the top of the email – with a statement relating to how the message was determined to be spam in the first place and including precautions that should be taken. Layout files which generally correspond to user interface management were also discovered. The naming conventions used with the files directly correlate to those found in the encoded string messages and are listed by XDA as fz_details.xml, fz_failure.xml, fz_details_item.xml, fz_details_divider.xml, and fz_failure_background.xml.

It is always worth reiterating that not all of the code found in any APK will eventually make its way to users. However, the sheer number of discoveries in version 7.2 of the mobile application really seems to indicate very strongly that a future version will come with the advanced protocol activated. Considering the current security-minded atmosphere surround technologies in general, that would ultimately be a win-win for everybody involved.

Share this page

Copyright ©2017 Android Headlines. All Rights Reserved.

This post may contain affiliate links. See our privacy policy for more information.
Junior Editor

Daniel has been writing for AndroidHeadlines since 2016. As a Senior Staff Writer for the site, Daniel specializes in reviewing a diverse range of technology products and covering topics related to Chrome OS and Chromebooks. Daniel holds a Bachelor’s Degree in Software Engineering and has a background in Writing and Graphics Design that drives his passion for Android, Google products, the science behind the technology, and the direction it's heading. Contact him at [email protected]

View Comments