What Android’s new spoofed call protection is and why it matters
Android’s new spoofed call protection is a caller verification system in the Phone by Google app that uses encrypted device checks, rather than caller ID alone, to warn users when someone may be impersonating a trusted contact’s phone number. Built into the June Android update, it targets a growing wave of phone number scams where attackers clone voices and forge caller IDs to imitate family, friends, or colleagues. Instead of judging how a caller sounds, Android now focuses on where the call originates, confirming whether it truly comes from a contact’s device. This shift in Android call detection reflects a broader move from cosmetic caller ID toward deeper, device-level checks that happen in real time. As phone number scams become more sophisticated, the feature offers a new layer of fake call detection that can intervene before a conversation even begins.
How encrypted caller verification and RCS make fake call detection work
Google’s fake call detection works like a silent handshake between devices, built on end-to-end encrypted Rich Communication Services (RCS). When a saved contact calls using Phone by Google, their device sends a confirmation signal over RCS to the recipient. If this encrypted signal arrives as expected, Android treats the call as coming from a verified device. If the signal is missing, the recipient’s phone can ping the contact’s real device to ask whether a call is in progress. When that device reports that it is not calling, Android flags the situation as a likely spoof. The user then sees a warning that someone may be pretending to call from that contact’s number, along with an option to hang up immediately. According to eeNews Europe, this device-origin check provides a stronger signal than trying to analyse voices for signs of AI cloning after the call has started.
Tackling “this may not be Mom” scams and AI voice cloning
The new caller verification feature targets one of the most emotionally charged forms of phone number scams: imposters who pretend to be close contacts. Google’s update is designed for scenarios where a screen shows a familiar name, but the call is routed through internet-based spoofing tools and paired with an AI-cloned voice. Instead of trusting caller ID labels, Android checks the contact’s physical device in real time. If someone spoofs your mother’s number without using her phone, the system can show a warning such as “This may not be Mom. Someone may be pretending to call from your contact’s number.” That message appears before any payment request, password prompt, or urgent plea has a chance to pressure the victim. By tying spoofed call protection to device identity rather than names or voices, Android makes it harder for attackers to abuse personal trust.
Privacy, availability, and what this means for Android call security
Because caller verification runs over end-to-end encrypted RCS, Google’s system can confirm that a call comes from a contact’s device without exposing call content or message history. The feature is rolling out globally as part of the June Android Drop for devices running Android 12 or higher, starting with Pixel phones. It requires Phone by Google, Contacts, and Google Messages, and both sides of the call must use Phone by Google with RCS turned on. Those requirements are the main limitation today, but Google built the verification on open RCS standards so other apps and device makers can adopt compatible checks. As more users gain access, this Android call detection update signals a broader shift: the phone app is becoming a front line for security, not just a dialer. Fake call detection now sits alongside other platform features, giving Android a stronger default posture against scams that exploit caller ID and trust.
