On Tuesday, Google took the stage at the Android Show, just ahead of Google I/O, to unveil a transformative array of security and privacy enhancements for Android.
These advancements, meticulously crafted to shield users from scams, secure stolen devices, and strengthen device-level defenses, mark a significant step forward in addressing the evolving landscape of cyber threats. With protections spanning call safety, screen-sharing safeguards, messaging security, theft prevention, and system-wide fortifications, Google is weaving a comprehensive safety net for Android users.
Many of these features will debut with Android 16, while others extend to devices running as far back as Android 6, ensuring broad accessibility.
Register for Tekedia Mini-MBA edition 17 (June 9 – Sept 6, 2025) today for early bird discounts. Do annual for access to Blucera.com.
Tekedia AI in Business Masterclass opens registrations.
Join Tekedia Capital Syndicate and co-invest in great global startups.
Register to become a better CEO or Director with Tekedia CEO & Director Program.
Safeguarding Calls Against Phone Scams
The scourge of phone scams, where attackers manipulate users into clicking malicious links or installing harmful apps, lies at the heart of Google’s call protection strategy. For Android 16, Google is introducing dynamic safeguards that activate during calls with unknown contact numbers not stored in a user’s contact list. These measures prevent users from sideloading apps from unverified sources, such as web browsers or messaging apps, during such calls, effectively blocking scammers from sneaking malicious software onto devices.
Similarly, the system bars apps from gaining accessibility permissions, a tactic often exploited to grant scammers remote control. To ensure continuous vigilance, Google is also locking down Google Play Protect on devices running Android 6 or later, preventing users from disabling this critical app-scanning tool during calls. This real-time intervention creates a robust barrier, alerting users to potential scams and halting risky actions when they’re most vulnerable.
Strengthening Screen-Sharing Defenses
Screen-sharing, a growing avenue for fraud, is another focal point. Scammers frequently pose as trusted entities to trick users into exposing sensitive information during shared sessions. Google’s response is twofold. First, Android devices will now prompt users to stop sharing their screens once a call ends, reducing the chance of inadvertently leaking data.
Second, in a targeted pilot with select U.K. banks, Google is testing a warning system for devices running Android 11 or later. When a user opens a partner bank’s app while sharing their screen during a call with an unknown number, a prominent alert warns of a possible scam, complete with a button to instantly end the session. This initiative, currently localized to the U.K., showcases Google’s willingness to collaborate with industry partners to tackle region-specific threats, with potential for global expansion if the pilot proves effective.
Fortifying Google Messages with AI and Encryption
In the realm of messaging, Google Messages is undergoing a significant security overhaul. Building on an AI-driven anti-scam feature launched in March 2025, Google is enhancing its on-device detection to identify a broader spectrum of fraudulent schemes, including cryptocurrency scams, gift card fraud, toll road and billing fee ruses, financial impersonation, and fake technical support.
By analyzing conversation patterns locally, this system alerts users to threats without compromising privacy, offering a seamless yet powerful layer of protection. Complementing this, Google is introducing verification keys to the Google Contacts app, set to launch in summer 2025 for Android 10 and later. This feature allows users to authenticate contacts via QR code scanning or number matching, ensuring end-to-end encrypted conversations in Google Messages. If an attacker hijacks a contact’s number through a SIM swap, the app flags the conversation as “unverified,” providing a clear visual cue to users. This blend of AI and encryption fosters trust and security in digital communications.
Locking Down Stolen Devices
Device theft, a persistent threat, is addressed through a suite of protections that render stolen phones nearly unusable and safeguard user data. Google’s Identity Check, previously exclusive to Pixel and Samsung devices with OneUI 7, is expanding to other manufacturers with Android 16. This feature mandates biometric authentication—such as fingerprint or facial recognition—for critical actions like changing a PIN, updating biometrics, disabling theft protection, or accessing Passkeys, but only when the user is outside trusted locations.
Reinforcing the Android Ecosystem
Later in 2025, Google will bolster Factory Reset protection, restricting core functions on devices reset without the original lock pattern, PIN, or Google account credentials, making stolen phones less appealing to thieves. To counter remote locking attempts, a new security challenge question adds an extra authorization step. Additionally, Android 16 will hide one-time passwords when a device is offline and hasn’t been recently unlocked, thwarting attackers seeking to intercept sensitive codes.
Beyond these targeted protections, Google is fortifying Android’s broader ecosystem. Google Play Protect’s live detection, available in the coming months for Android 6 and later, will gain the ability to spot apps with hidden or altered icons, a common hallmark of malicious software. New on-device rules will further expand its ability to catch diverse categories of harmful apps, ensuring comprehensive threat coverage.
For high-risk users like public figures, Google is enhancing its Advanced Protection Mode with tailored on-device features, though specifics remain under wraps. Meanwhile, the debut of Find My Hub introduces a user-friendly way to track items, friends, and family, seamlessly integrating security with everyday convenience.
The rollout of these features is strategically timed to maximize impact. Android 16 will usher in call protections, Identity Check expansion, and one-time password safeguards, while Factory Reset enhancements and Google Play Protect upgrades are slated for late 2025 and the near term, respectively. The Google Messages verification keys will arrive in summer 2025, and the U.K. banking app warning system remains in testing, with its future expansion contingent on success.