What Android’s June Security Upgrade Changes for Scam Calls
Android’s June update security upgrade is a system-wide set of protections that use encrypted verification and on-device intelligence to spot fake calls, spoofed contacts, and phishing-style payment tricks before users fall for them. It focuses on verifying the device behind an incoming call or payment request instead of trusting caller ID or SMS codes, which scammers can manipulate. The update centers on three pillars: fake call detection in the Phone by Google app, cross-device payment approvals in Google Wallet, and deeper real-time caller ID spoofing protection powered by RCS infrastructure. Together, these tools turn everyday phone calls and online purchases into events that are constantly checked against trusted, encrypted channels. The goal is to give users a quiet but continuous layer of defense against AI voice cloning, number spoofing, and social engineering scams that pretend to be friends, family, or financial services.
Encrypted Fake Call Detection: How Android Knows “This May Not Be Mom”
The new fake call detection Android feature lives inside the Phone by Google app and runs every time a saved contact calls. When a contact places a call, their device sends an end-to-end encrypted confirmation signal over RCS to the recipient’s phone. If a scammer spoofs that number, the signal is missing, so the recipient’s phone pings the real contact’s device. If that device responds that it is not calling, the user sees a warning such as “This may not be Mom. Someone may be pretending to call from your contact’s number.” According to TechnoBezz, the feature is rolling out globally to devices running Android 12 and higher, starting with Pixel phones, and is enabled by default in the Phone by Google app. Both parties must use this app, but Google says the RCS-based method is open for other dialers to adopt.
Google Wallet Cross-Device Approvals Cut Out Risky SMS Codes
While fake call detection focuses on voice scams, Google Wallet cross-device approvals aim at another weak spot: SMS verification codes. When users shop on a desktop or another device, they traditionally rely on one-time codes sent by text, which can be intercepted or phished. The June update allows a user’s Android phone to approve payments started on another device through a secure, encrypted channel instead. This reduces exposure to classic phishing and SIM-based attacks because the core verification never appears in an SMS inbox. The feature fits into the same philosophy as spoofed call alerts: verify a trusted device through encrypted communication, rather than trusting visible identifiers that attackers can copy. For people who already rely on Google Wallet, this turns their phone into the central security hub for purchases, whether they are tapping in store or checking out online from a laptop.
A Multi-Layered Defense Against Caller ID Spoofing and Phishing
Taken together, these tools form a multi-layered caller ID spoofing protection strategy that targets both voice and payment fraud. Fake call detection uses encrypted RCS signals to confirm that a contact’s device is the one calling, closing the gap exploited by AI voice cloning and number spoofing. Spoofed call alerts tell users when a familiar number may be impersonated, prompting them to hang up and verify through another channel. Meanwhile, Google Wallet’s cross-device approvals remove SMS codes from the equation, making it harder for attackers to complete fraudulent transactions even if they trick someone by phone. PCMag notes that Google is first shipping the fake call feature on Pixel phones, but the underlying technology is available to other apps and device makers, which could broaden protection across the Android ecosystem as more dialers and wallets adopt compatible verification.