Verified Financial Calls: Automatic Scam Blocking for Bank Customers
Phone scammers have long relied on spoofed caller IDs to impersonate banks, contributing to huge global losses. Google’s new verified financial calls feature directly targets this tactic by turning Android into a live authenticity checker for banking calls. When a call claims to be from your bank, Android consults the official banking app installed on your device to verify whether the institution is actually calling. If the app reports no active call from that bank, Android automatically terminates the connection—often before the phone even rings. Banks can further mark certain numbers as inbound-only, so any outgoing call that appears to originate from those numbers is cut off immediately. The feature is rolling out on Android 11 and newer devices with partners like Revolut, Itaú, and Nubank, and will expand to more financial institutions over time.
AI-Powered Malware Protection and Live Threat Detection
Android’s new security upgrades push malware protection deeply into the operating system and browser. Chrome on Android now performs download-time checks for APK files using Safe Browsing, scanning for known malicious code before the file is saved, and blocking harmful packages automatically. Beyond downloads, Android’s Live Threat Detection uses on-device AI to continuously monitor how apps behave after installation. It flags suspicious actions such as secretly forwarding SMS messages, abusing accessibility overlays, or hiding app icons to run covert background activity. A capability called dynamic signal monitoring lets Google update detection rules in real time, helping Android adapt quickly to emerging malware techniques. These features, debuting on Android 17 devices, aim to make malware protection on Android more proactive, reducing reliance on user vigilance and third-party antivirus apps while keeping analysis on-device for privacy.
On-Device AI Security and Isolation for Sensitive Data
Google is also focusing on on-device AI security to protect highly sensitive information processed by modern features and assistants. Android 17 introduces AISeal with pKVM, a hardware-backed isolation layer that works alongside Private Compute Core and Private AI Compute. Together, they create a verified environment where AI workloads on ambient or personal data can run without exposing that data to external servers. This isolation means actions like spam detection, scam spotting, or behavioral analysis can be powered by AI models locally on the device, rather than streaming raw data to the cloud. Android further tightens data access with new one-time precise location controls and a redesigned contact picker, which lets apps request only specific contacts or fields, keeping permissions temporary. These changes strengthen on-device AI security by limiting how much personal information any single app—or even Google itself—can access at once.
Advanced Protection Mode and Spyware-Resistant Forensics
To defend against high-end spyware targeting journalists, activists, and other at-risk users, Google is expanding Advanced Protection Mode. A key addition is Intrusion Logging, which creates encrypted forensic logs stored in the user’s Google account instead of being overwritten. These logs track events like unlock attempts, app installations, server connections, and whether a forensic tool was plugged into the phone. Working with human rights organizations, Google designed this system to preserve evidence that previously vanished when logs rotated out. Advanced Protection Mode also now includes USB protection on Pixel devices, blocking unauthorized data access over physical connections. On Android 17, it further prevents non-accessibility apps from using accessibility services, disables device-to-device unlocking, and adds scam detection for chat notifications. Together, these upgrades make Android a harder target for advanced spyware while giving investigators better tools to understand what happened after an attack.
Theft Protection and Everyday Security: What Users Need to Know
Android 17’s theft protection upgrades are designed to secure your phone even after it leaves your hands. Remote Lock and Theft Detection Lock now default to on, using motion sensors to detect snatch-and-grab scenarios and instantly lock the device. The Find Hub’s Mark as Lost feature receives biometric enforcement: even if someone watched you enter your PIN, they still can’t unlock the phone or disable tracking without your fingerprint or face. Mark as Lost also hides Quick Settings and blocks new Wi-Fi and Bluetooth pairings, stopping thieves from cutting connectivity or pairing to other devices. Android further tightens everyday protections by reducing allowed PIN guesses, increasing delays between attempts, hiding one-time passwords from most apps for three hours, and enabling OS verification and post-quantum cryptography. For users, the main takeaway is that many defenses now work automatically—so long as you keep your device and apps updated.