Android Raises the Bar on Mobile Security with Smarter, On-Device Protections

In a significant push to redefine mobile security, Android has announced a powerful set of new protections designed to combat scams, fraud, and theft—directly on the device and in real time. The upgrades, outlined in a blog post by Dave Kleidermacher, VP of Engineering for Android Security and Privacy, represent a more intelligent, proactive direction for the world's largest mobile platform.

Android’s intelligent protections aren’t just theoretical — they’re battle-tested. Independent security experts consistently rank top Android devices as best-in-class for mobile protection, with the Pixel 9 Pro leading the charge in anti-fraud efficacy. These third-party validations underscore Android’s security leadership and highlight how Device Trust builds on that foundation to offer enterprise-grade protection far beyond what’s currently possible on iOS.

4o

Central to this update is the rollout of in-call threat protections, which aim to prevent users from performing risky security actions during phone conversations with unknown contacts. This includes blocking attempts to disable Google Play Protect, sideload unverified apps, or grant accessibility permissions that could allow malicious control. These protections are entirely on-device and never apply to calls with contacts.

Android is also piloting enhanced screen-sharing protections in collaboration with UK banks Monzo, NatWest, and Revolut. When a user opens a banking app while screen sharing with a non-contact, the system will trigger a warning and give the option to stop sharing and end the call—an early step in stopping real-time fraud before it unfolds.

On the messaging front, AI-powered Scam Detection in Google Messages is being expanded beyond package delivery and job scams. The updated system now flags a broader range of threats, including “toll road and other billing fee scams, crypto scams, financial impersonation scams, gift card and prize scams, and technical support scams,” according to Kleidermacher. Notably, the AI that powers this system runs entirely on-device, ensuring that private conversations stay private.

To bolster message authenticity, Android is also launching Key Verifier, which “allows you and the person you’re messaging to verify the identity of the other party through public encryption keys.” It’s designed to help users detect impersonation attempts, like those caused by SIM swap attacks, by flagging changes to key verification status in the Contacts app.

Android’s theft protection features are also getting a major boost. Kleidermacher noted that Remote Lock and Theft Detection Lock have already “helped protect data on hundreds of thousands of devices that may have fallen into the wrong hands.” Coming later this year, Android will harden Factory Reset protections and give users new control over Remote Lock via challenge questions.

Meanwhile, Google Play Protect is receiving a serious AI upgrade. Using on-device machine learning to scan for malicious code patterns—textual or binary—the system can now catch deceptive apps even faster. “We’ve made Google Play Protect’s on-device capabilities smarter to help us identify more malicious applications even faster,” Kleidermacher wrote.

And for users who need heightened protection, Android 16 will expand access to Advanced Protection, Google’s strongest mobile defense, offering it as a device-level security setting.

The common thread through all these updates? Intelligence and autonomy. “We’re constantly enhancing your protection on Android through seamless Google Play services updates and other improvements,” Kleidermacher concluded, emphasizing that Android’s security approach is designed to evolve faster than the threats it faces.

In a mobile ecosystem increasingly targeted by fraud and abuse, Android is staking out its position: not just secure, but smart enough to fight back—before you even know you’re at risk.