Edgar Cervantes / Android Authority
TL;DR
- Google appears to working on an email forwarding alias system.
- Called “Shielded Email,” the intent appears to be hiding your main email address from apps demanding one.
- If spam ever becomes a problem, you can just turn off the forwarding.
It feels like every service, app, and website you use these days wants you to create an account for it. How many times have you been checking one of those out, only to pause slightly when it asks for your email address? Sure, Gmail is an absolute champ at filtering out spam, but every time you share your email with someone even a little bit shady, do you feel like you’re playing with fire and risking a whole bunch of unwanted contact? Google may just have a solution in the works, at least by the looks of our latest teardown.
An APK teardown helps predict features that may arrive on a service in the future based on work-in-progress code. However, it is possible that such predicted features may not make it to a public release.
The APK on the menu this afternoon is the new 24.45.33 release of Google Play Services, and upon cracking it open, we find a whole boatload of strings referencing and in support of something called “Shielded Email.”
Code
Generated email addresses
Shielded Email
Cancel
Use address
Emails forward to ^1. To control spam, you can turn off forwarding at any time in your Google Account. Learn more about Shielded Email.
Keep your email address private with Shielded Email
Use Shielded Email?
Use an email address created for this app. This can protect you from online tracking and data breaches.
Use an email address created for this app. Emails will forward to ^1
Use Shielded Email
Try again
Something went wrong. Please report the issue to go/sme-bugs. Error: ^1
Progress indicator
@string/common_refresh Just from that text, we’re able to infer quite a lot about what we’re looking at here, and it appears that Shielded Email consists of a system to create single-use or limited-use email aliases that will forward messages along to your primary account. And while we could imagine that something like this might be pretty useful in Chrome, here it looks like Google is building it specifically to address apps that ask for your email address.
The messages in there touch on a couple reasons beyond spam that you might want to keep your main email private, like reducing the extent to which your online activities can be tracked, and mitigating your personal risk from potential future data breaches.
This all sounds like a great idea, presuming Google ultimately follows through with it, and we’re mainly just curious about how it might be implemented. Will these be unique per each use in a way that’s trackable, if your information later gets out? Can we expect any limits on who can use this, or how much they’ll be able to? There are a lot blanks to still fill in right now, but we’ll be keeping an eye on future Google Play Services releases in the hopes of learning more about what Google’s planning here.
