End-to-end encryption for RCS messaging is expected 'in the coming months,' but the FBI is urging people to use encrypted apps right now following the 'Salt Typhoon' hacks.

It could take months for end-to-end encryption to roll out for RCS messaging, despite the FBI urging people to adopt the technology immediately after the China-backed "Salt Typhoon" hacks.

Following the addition of RCS messaging for iPhones with iOS 18, the governing body behind the standard, the GSMA, teased end-to-end encryption (E2EE) between iOS and Android. But as the GSMA tells CNBC, that transition is still a work in progress.

"Work with key industry stakeholders is progressing well and we look forward to updating the market in the coming months," a GSMA spokesperson says.

That might seem like a reasonable timeline, but it comes after the FBI urged Americans to use encrypted messaging services after Chinese hackers breached at least eight US telecom companies, including AT&T, Verizon, and T-Mobile, to spy on users' cellphone activity. With end-to-end encryption, the damage caused by such breaches could be reduced to some extent because even if user data is stolen, hackers wouldn't be able to decrypt it as easily.

"Ensure that traffic is end-to-end encrypted to the maximum extent possible," the FBI and Cybersecurity and Infrastructure Security Agency (CISA) said in an advisory for network engineers after the breach.

RCS has been around for quite some time, with Google rolling it out to all Android users in the US in 2019. The company also offers end-to-end encryption for RCS messaging between Android users via the Google Messages app. But Phone-to-Android RCS chats only encrypt messages in transit, not end-to-end, potentially putting messages at risk of interception.

If you have concerns, we've tested the best private messaging services to keep your online conversations confidential from advertisers and governments.