Code discovered in the latest iOS 26.3 beta 2 indicates that Apple is finally addressing the encryption gap in cross-platform messaging. After integrating the initial Rich Communication Services (RCS) standard in late 2024, the company is now moving to implement end-to-end encryption (E2EE) for conversations between iPhone and Android users.

This update follows the long-anticipated rollout of RCS Universal Profile 2.4 in iOS 18, which brought high-resolution media and read receipts to cross-platform chats but left them without the privacy protections native to iMessage. The new technical indicators suggest a shift to the more robust Universal Profile 3.0.

The MLS Protocol: Solving the Interoperability Puzzle

The discovery of "SupportsE2EE" flags and specific carrier bundle toggles, first identified by developer Tiino-X83 and verified by technical analysts, points to Apple’s adoption of the Messaging Layer Security (MLS) protocol.

The move to MLS is a critical technical pivot. Unlike Google’s implementation of RCS encryption, which relies on a proprietary extension of the Signal Protocol, MLS is an IETF-standardized architecture designed specifically for interoperability across different platforms. Apple’s hesitation to encrypt RCS previously stemmed from a refusal to use Google’s "Jibe" cloud or a non-standardized protocol. By waiting for the GSMA to integrate MLS into the RCS Universal Profile, Apple ensures that encryption is handled at the protocol level rather than through a third-party service provider.

MLS provides "forward secrecy" and "post-compromise security," ensuring that even if one encryption key is compromised, the rest of the conversation remains secure—a standard that matches the security profile of iMessage.

Carrier Hurdles and Phased Deployment

While the code exists in the iOS 26.3 beta, the rollout remains dependent on mobile operators. Because RCS is a carrier-intermediated service, the infrastructure must support Universal Profile 3.0 to facilitate the MLS handshake.

Current beta findings show the E2EE toggle active primarily in carrier bundles for French providers like Orange and SFR. This suggests a fragmented global release. Historically, U.S. carriers—Verizon, AT&T, and T-Mobile—have been slower to synchronize RCS updates, often leading to "feature islands" where certain privacy tools only work within a single network. Whether Apple can force a unified standard across these carriers by the time iOS 26.3 reaches a public release remains a primary point of skepticism.

Analysis: Privacy Push or Regulatory Shield?

The timing of this implementation—nearly 18 months after RCS first arrived on iPhone—suggests that Apple’s motivations may be as much legal as they are technical.

Under the European Union’s Digital Markets Act (DMA), Apple has faced intense scrutiny regarding iMessage’s "gatekeeper" status. By adopting a standardized, encrypted version of RCS, Apple can argue that its messaging ecosystem is sufficiently interoperable and secure, potentially heading off further mandates to open the proprietary iMessage protocol to competitors.

For the user, the result is a long-overdue removal of the "security penalty" for texting someone on a different operating system. Once active, the transition from transit-level encryption (where servers can technically see content) to true end-to-end encryption will ensure that cross-platform media and texts are shielded from carriers and third-party actors alike.