To help prevent others from reading your emails, Gmail automatically encrypts the email in transit using transport-layer security (TLS). In most cases, you can verify the security of your emails when:
- You compose a new message.
- You receive a message.
If you have a work or school account, additional encryption types may be supported. Learn about email encryption in Gmail.
Want to get more out of Google apps at work or school? Sign up for a Google Workspace trial at no charge.
Check if your message is encrypted
- On your Android phone or tablet, open the Gmail app .
- At the bottom right, tap Compose.
- In the "To," "Cc," or "Bcc" field, enter your recipient's email address.
- To the right of the “Subject” field, tap Message security .
- To check the message security of your recipient, tap:
- Standard encryption supported: The message is encrypted with TLS.
- Enhanced encryption supported: The message is encrypted with S/MIME.
- No encryption supported: The message isn’t encrypted, or Gmail doesn’t recognize the encryption type.
- Optional: To change encryption settings, tap Settings.
Check if a message that you receive is encrypted
- In Gmail, open an email.
- At the top, next to the recipient, tap Show details .
- Check the encryption type:
- Standard encryption (TLS)
- Enhanced encryption (S/MIME)
- No encryption supported
- To view additional information, tap View security details.
What to do if an email isn’t encrypted
- If you get a warning that your email isn’t encrypted, or there’s a red lock icon , the recipient may be using an email service that doesn’t support TLS or another encryption type supported by Gmail. Consider removing unencrypted addresses or deleting confidential information from the email before you send.
- If you receive an unencrypted email that contains sensitive content, let the sender know and ask them to contact their email service provider.
- If you use S/MIME, emails are encrypted in S/MIME whenever possible. To either sign or receive S/MIME-encrypted emails, you need to have a valid S/MIME certificate from a trusted source.
Why some emails might not be encrypted
For standard encryption to work, the email providers of both the sender and the recipient always have to use TLS.
The email doesn’t support encryptionSome email providers send messages to Gmail addresses using TLS but can't receive encrypted messages.
If you reply to these messages from Gmail, the red lock icon may show up.
Even if a message is protected by encryption, you may get a warning when:
- Encryption hasn't worked for a certain email provider in the past.
- Gmail isn't directly sending the message. For example, if you've set up a custom domain name like
name@yourdomain.com
, the red lock icon might show up.