This new feature is now available in mobile apps
Google has announced the release of its ‘confidential mode’, a feature that will establish a self-destruct date in emails sent from mobile devices.
This new feature came with the Gmail redesign project announced earlier this year and was set up by default for Gmail users last July, while G Suite business customers still have a few months to make the change. This cyber security organization feature is now available on mobile devices, Google announced via Twitter.
Google announces this Gmail feature as a way to protect sensitive information by allowing users to set an expiration date for individual messages, as well as the possibility to revoke access to already sent messages.
According to cyber security organization experts, the feature also prevents recipients from forwarding, copying, printing or downloading email content and allows users to ask recipients to enter a unique code sent by SMS to see the email.
The authentication function is intended to protect the information in case of email account hijacking.
While confidential mode could help prevent information leaks, Google points out some warnings. For example, it will not prevent recipients from taking screenshots or photos of sent messages; in addition, confidentiality may be compromised if the recipient uses a malware-infected computer.
Google is more careful about launching the confidential mode for its G Suite users, despite calling the confidential mode as an “Information Rights Management” mode. Currently, the function is disabled by default in G Suite and users must request permission from their administrator to access it.
Some cyber security organization experts question the use of the word ‘confidential’, arguing that it makes users think that the service effectively provides a truly confidential way of sharing information, when in fact it is not.
The Electronic Frontier Foundation (EFF) recently accused Google of providing “misleading guarantees of privacy and security” with the confidential mode function, which could divert users’ attention away from effectively secure ways to send private messages. Its main criticism is that Gmail is not an end-to-end encrypted service, so Google could have access to the messages.
In response to recent concerns about apps developed by third parties with access to the content of Gmail users, Google emphasized that no one on Google reads Gmail messages, but noted that the company is willing to conduct research and testing, if necessary, to know about any error or abuse of any developer.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.