Notebookcheck Logo

Google's Messages app gains a new ability to protect against phishing

A new Google Messages update has a new setting. (Source: Google)
A new Google Messages update has a new setting. (Source: Google)
Google is pushing a new update in which its SMS app will gain the ability to tell between 'real' and 'fake' corporate messages. This will be done in line with the search giant's new "Verified" initative, by which businesses register with Google so as to prevent their communiques being automatically labelled as a form of spam and never reaching their customers.

SMS apps appear to have become magnets for promotional missives from every business with your number, especially around holidays such as Thanksgiving or Christmas. Furthermore, the ability to reach and even chat with firms to solve issues and queries via text is becoming more and more a user reality these days. However, this does make such channels of communication potentially susceptible to many forms of abuse, spam and phishing included. 

Google has announced a new initiative that may help manage these risks. It is known as Verified SMS, a program to which businesses may sign up in order to gain Verified status. This enables them to send messages to users with profiles that include a corresponding icon. This may confer increased authenticity on the corporate accounts in question, thus helping the user decide whether to engage with them or not.

Google also clears the actual messages sent by the same organisation. This involves their on-device (or "private") conversion into what the Mountain View company calls "unreadable authenticity codes" (or, in other words, message hashes or HMACs). They are then compared against "public" codes submitted in accordance with the Verified SMS program.

Should the two match, they are then displayed to the user as genuine and safe for response. Verified SMS will appear as a new setting in the Google Messages app version 5.3.075. It enacts several new features when activated, including notifications when messages have been verified or not.

Google asserts that the "coded" messages sent by users are not read by its staff, and that they can't be decrypted without access to keys held by both the business and the device in question.


static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2019 11 > Google's Messages app gains a new ability to protect against phishing
Deirdre O Donnell, 2019-11-30 (Update: 2019-11-30)