iOS 26.5 brings encrypted texting between iPhone and Android. Group chats and metadata still leak.

Apple flipped the switch on May 11. RCS messages between iPhones running iOS 26.5 and Android phones on the current Google Messages now encrypt end-to-end by default, with a lock icon on every qualifying chat. The Electronic Frontier Foundation, which had spent four months running an “Encrypt It Already” campaign aimed at exactly this outcome, called it a victory in the same hour Apple published the post.

Cross-platform texting being readable by carriers, by interception, and by anyone with access to a backup database has been the standing default since 1992. As of this week it isn’t, for most one-to-one chats. The catch is that the rollout is incomplete on purpose: group chats, metadata, and backup parity are not in scope, and the beta tag on Apple’s announcement is doing real work.

What actually shipped

The encryption rides on a new version of an old spec. The GSMA (the trade body that runs the cellular carrier ecosystem) ratified Universal Profile 3.0 in March, and Apple and Google were the two companies that pushed for the MLS-based encryption stack inside it. Apple’s iOS 26.5 update, also released May 11, is the iPhone-side delivery vehicle. Google Messages has been shipping the same code on Android over the last two beta channels and lit it up for stable users the same day.

What you get when both sides line up:

• A lock icon next to the chat name in Messages or Google Messages indicating that the conversation is end-to-end encrypted.
• Encryption applied automatically to both new conversations and existing RCS threads, on by default with no toggle.
• Encryption that “they can’t be read while they’re sent between devices,” in Apple’s words.

What you don’t get:

• Encryption for group RCS chats. EFF’s writeup is explicit: “Group chats aren’t addressed in this rollout.”
• Encryption that hides metadata. As the EFF post notes, “Metadata will likely still be collected and stored” by carriers, which is who’s transporting the encrypted payloads in the first place.
• Encryption that survives Google Messages cloud backups on Android. Apple’s iCloud-backed iMessage threads are only protected if Advanced Data Protection is on; Google Messages, per EFF, doesn’t ship a comparable end-to-end encrypted backup option.

Why “beta” actually means something

Apple’s beta tag isn’t marketing hedge. The rollout depends on two things outside Apple’s control. First, your carrier has to support RCS Universal Profile 3.0. T-Mobile, Verizon, AT&T, and the major European operators have all signed onto Universal Profile, but the 3.0 turn-up is rolling out region by region across May and June. Second, the person you’re texting has to be on Google Messages, not Samsung Messages or a third-party SMS app. If either condition is missing, the chat falls back to unencrypted RCS or SMS, and the lock icon won’t appear.

The practical version of this for the next month: a chat that’s encrypted on Wednesday may not be encrypted on Friday if either party switches networks, changes default apps, or roams onto a carrier still on Universal Profile 2.x. The lock icon is reliable; the absence of a lock icon is the part the user has to read carefully.

What it doesn’t replace

iMessage isn’t going anywhere. Apple’s own positioning is unambiguous: “iMessage was built with privacy in mind and has always been end-to-end encrypted” and “remains the best way to communicate between Apple devices.” The reading between the lines: RCS gets parity with iMessage on the one specific question of whether the message body is readable in transit. It does not get parity on group chats, on reactions, on read receipts, on iCloud-backed history with Advanced Data Protection, or on the metadata Apple controls because Apple is the carrier inside its own walled garden.

For everyday iPhone users, the upshot is small but real: a green-bubble conversation with an Android friend on Google Messages is now privacy-equivalent to a blue-bubble conversation between two Apple devices, for the one-on-one cases that actually got upgraded. The bubble colors stay different. The lock icon is the new tell.

The EFF asterisks

The Electronic Frontier Foundation isn’t a neutral observer; the foundation’s Encrypt It Already campaign launched in January 2026 with this exact rollout as the explicit ask. The organization gets to call it a victory because it largely is. The asterisks in the same EFF post are the gaps that didn’t ship:

• Group chats are unencrypted. This is the biggest hole. Family threads, work groups, and any chain that has both iPhones and Androids on it remains plaintext in transit.
• Carrier metadata is unaffected. Who you texted, when, and from where stays in carrier logs. The body is encrypted; the envelope isn’t.
• Android backup parity is missing. Apple’s ADP-protected iCloud backups raise the bar that Google Messages would have to meet for end-to-end protection of message history; right now Google doesn’t.
• The U.K. Home Office’s prior order on Apple to weaken iCloud encryption is still on the books. EFF’s piece flags that as the next fight, not this week’s win.

If you live in a threat model where encryption-in-transit is enough and message history sitting in a cloud isn’t your concern, this week’s change is a meaningful upgrade. If your threat model includes a regulator subpoenaing a cloud backup, the wider Apple-Google policy fight matters more than the protocol change.

Why you’re hearing about this now

Two factors lined up. The first is iOS 26.5 itself, Apple’s last point release before the iOS 27 cycle that’s expected to be a much bigger product story at WWDC in June. Shipping encrypted RCS in 26.5 closes the privacy gap before any of the new platform changes land. The second is the GSMA timing: Universal Profile 3.0 didn’t exist a year ago, and the MLS protocol inside it didn’t have shipping production implementations from both Apple and Google a quarter ago. The day both Apple’s iOS 26.5 build and Google’s Messages stable channel rolled out the same code was always going to be the day this story landed.

The thing to watch over the next quarter: group chat encryption. Apple, Google, and the GSMA all know it’s the visible gap. MLS is technically capable of group encryption (that’s literally what it was designed for). The question is whether the same political coalition that pushed Universal Profile 3.0 through holds together for 3.1. If it does, the second half of this story ships before the end of the year. If it doesn’t, today is most of what cross-platform encryption gets, for a while.

What this means for you

If you’re an iPhone user who already texts Android friends, the practical change is small but real. Your one-on-one chats with anyone on Google Messages are now encrypted in transit, and you don’t have to do anything to get it: iOS 26.5 lit it up automatically. The new habit worth picking up is glancing for the lock icon when the conversation matters. No icon means the fallback path is active, and the message went through unencrypted. That happens whenever the other party is on a Samsung Messages, Beeper, or third-party SMS replacement, or whenever their carrier hasn’t enabled Universal Profile 3.0 yet.

If you run a group chat that mixes iPhones and Androids, today doesn’t help you. Plan accordingly: anything sensitive belongs in Signal, an iMessage-only group, or a WhatsApp thread, not in a green-bubble group chat. The honest read of this week’s news is that it’s the moment cross-platform texting stops being indefensible for routine one-to-one conversations, not the moment it became safe for everything.