Apple has launched a new developer beta for iOS and iPadOS 26.4 that introduces end-to-end encryption for RCS messaging between Apple devices. This update also includes enhanced memory safety protections and is expected to enable Stolen Device Protection by default for all users.

Apple recently distributed the iOS and iPadOS 26.4 developer beta, which features the integration of end-to-end encryption for the Rich Communications Services protocol. While this security enhancement is currently limited to the testing phase, it is eventually intended for a wider release across the entire Apple ecosystem, including macOS and watchOS. The company clarified in its documentation that these encrypted conversations are restricted to interactions between Apple devices and are not yet compatible with other platforms such as Android.

The implementation of this security standard follows the GSMA's move to support encryption within the RCS Universal Profile. To achieve this, Apple is transitioning to Universal Profile 3.0, which utilizes the Messaging Layer Security protocol to ensure that messages remain private while in transit. This shift represents a significant step in Apple's adoption of modern messaging standards while maintaining its focus on user privacy through verified encryption labels within the interface.

Beyond messaging, the 26.4 beta introduces a significant upgrade to the system's defensive architecture through Memory Integrity Enforcement. Developers can now opt their applications into a full protection mode rather than the previous soft mode, providing more robust safeguards against memory-based vulnerabilities. This technology was designed specifically to thwart highly sophisticated spyware and targeted attacks by securing the kernel and various system processes without sacrificing device performance.

Security updates in this version also extend to physical device safety, with reports indicating that Stolen Device Protection will now be active by default. This feature mandates biometric authentication for sensitive tasks, such as accessing saved financial information or passwords, whenever the iPhone is detected away from familiar spots like the user's home or office. By making this the standard setting, Apple aims to provide an immediate layer of defense for all users against real-world theft.

To further protect accounts, the system includes a security delay for high-priority changes. If a user attempts to modify their Apple Account password while in an unfamiliar location, the software enforces a one-hour waiting period in addition to biometric verification. This delay is intended to give the legitimate owner enough time to realize their device is missing and remotely lock it before a thief can permanently take over the account.

Source: Apple Tests End-To-End Encrypted RCS Messaging In iOS 26.4 Developer Beta