Your Android phone is soon going to be significantly more effective at preventing scams.

      Google has unveiled an extensive array of security enhancements for Android today during the Android Show I/O Edition, with the most significant updates aimed at combating scams that result in financial loss for users. The new features include automatically disconnecting from fraudulent bank calls and concealing one-time passwords (OTPs) from harmful apps, collectively representing Google’s most robust initiative to shield Android users from scammers and malicious software.

      Your bank will verify its own calls

      The highlight of today's announcement is the introduction of verified financial calls, a feature that automatically terminates calls from numbers impersonating your bank or financial institution. Phone spoofing, a tactic where scammers utilize internet-based calling technologies to disguise a trustworthy caller ID, results in an estimated global loss of $950 million annually for users. With this new capability, if you have the app of a participating bank installed and are logged in, Android will check with the app in real-time to confirm whether the call is genuine.

      If the app indicates it isn’t a legitimate call, your phone will hang up automatically. This feature will begin rolling out in the next few weeks to devices running Android 11 and beyond. Initially, it will support Revolut, Itaú, and Nubank, with more banks scheduled to be added later this year.

      Google

      Android’s Live Threat Detection is also expanding its coverage. This on-device AI feature will flag apps that secretly forward your SMS messages or exploit accessibility permissions to present hidden content on your screen. A new dynamic signal monitoring function will take it a step further, actively monitoring for apps that alter or conceal their icons before starting in the background, a common tactic used by malware. This will enable Google to push updated threat definitions to devices as new attack strategies arise. dynamic signal monitoring will be implemented with Android 17 on select devices in the latter half of the year.

      In addition, Android will automatically conceal OTPs from most apps for a period of three hours, preventing malicious applications with SMS access from intercepting them while they are valid. Chrome on Android will also acquire the ability to scan APK files for known malware prior to the completion of a download. This feature will be accessible to users with Safe Browsing enabled.

      Stronger protections for high-risk users

      For those requiring enhanced security measures, Android’s Advanced Protection mode will receive a substantial upgrade with Android 17. This will limit accessibility service access to apps explicitly designated as accessibility tools, disable device-to-device unlocking and Chrome WebGPU support, and introduce scam detection for chat notifications. Support for Android Enterprise through Advanced Protection is expected to be available later this year.

      Two new security features are currently being rolled out ahead of Android 17: USB protection will be available for all devices running Android 16 and later, while Intrusion Logging, created in collaboration with Amnesty International and Reporters Without Borders, is being deployed on devices with the Android 16 December update and above.

      Concerning OS integrity, Android 17 will feature Android OS verification, allowing you to confirm that your device is operating an official build of Android. This function will first launch on Pixel devices.

      Google

      Additionally, Google will introduce a public, append-only ledger that offers cryptographic verification of the authenticity of production Google apps on Android. Android 17 will also incorporate Post-Quantum Cryptography to safeguard data against future threats, and carriers will be able to set the default for the 2G disable toggle to off, which will help eliminate a common avenue for network-based attacks.

      Most of these protective measures will function automatically in the background, meaning Android users can be defended against a wide array of attacks without needing to adjust any settings.