BACK TO NEWS
ResearchCritical

Android Expands In-Call Scam Protection for Financial Apps Globally

3 min readSource: Google Security Blog
Android in-call scam warning alert on a mobile banking app screen with a 30-second pause timer.

Google rolls out AI-powered in-call scam detection for Android, now piloting in the US with major banks and fintechs to combat financial fraud.

Google has announced the expansion of its in-call scam protection pilot for Android, extending the feature to users in the United States after successful trials in the UK, Brazil, and India. The initiative leverages Google AI and advanced security measures to detect and mitigate sophisticated social engineering scams targeting financial app users during phone calls.

Key Developments

Android’s in-call scam protection was first piloted in the UK earlier this year, focusing on financial apps. The system is designed to disrupt scams in real time by detecting high-risk scenarios—such as screen sharing during a call with an unknown number—and issuing immediate warnings. According to Google, the UK pilot has already helped thousands of users avoid potential financial losses.

How the Protection Works

When a user launches a participating financial app (e.g., banking or P2P payment apps) while screen sharing and on a call with an unsaved number, Android triggers an automated warning. The alert:

  • Pauses the session for 30 seconds, breaking the scammer’s urgency tactics.
  • Provides a one-tap option to end the call and stop screen sharing.
  • Requires Android 11 or later for compatibility.

The feature is now expanding to the US, with pilot partnerships including JPMorgan Chase, Cash App, and other major fintechs. Rollout begins in December 2025 for US-based users of these apps.

Impact and Context

Google’s efforts align with broader industry trends to combat mobile financial scams, which increasingly rely on social engineering (e.g., impersonating banks to coerce victims into sharing sensitive data or transferring funds). A recent YouGov survey commissioned by Google found that Android users were 58% more likely than iOS users to report no scam texts in the prior week, highlighting the platform’s existing protections.

Technical and Operational Details

  • AI-Powered Detection: The system analyzes call patterns and app behavior to identify potential scams.
  • Ecosystem Collaboration: Google is working with financial institutions to integrate protections directly into their apps.
  • User Control: Warnings are non-intrusive but designed to interrupt the scammer’s manipulation tactics.

Recommendations for Security Teams

  1. Monitor Pilot Rollouts: Track the feature’s expansion in the US and other regions to assess its effectiveness for enterprise users.
  2. Educate End Users: Reinforce training on social engineering risks, particularly for employees handling financial transactions via mobile devices.
  3. Evaluate Compatibility: Ensure corporate devices run Android 11+ to support the feature.
  4. Integrate with Existing Protections: Combine this tool with multi-factor authentication (MFA) and endpoint detection for layered defense.

Google plans to refine the system based on pilot feedback before a wider release, emphasizing its commitment to cross-industry collaboration in fraud prevention.

Image: Mockup of Android’s in-call scam warning alert on a mobile banking app screen.

Share

TwitterLinkedIn