This Week, Google Announced a Number of Security Updates for Android.
During The Android Show: I/O Edition, Google announced a slew of new features and improvements for Android. Among them are a number of security and privacy tools that Google hopes will protect users (and their data) from fraud and theft. Android already has a number of security features— call fraud alerts , anti-theft settings , and a lockdown mode called Advanced Protection, to name a few—that these new features largely build on and enhance. Here’s what’s new.
Android will automatically end calls that use fake financial institution numbers.
Last year, Google introduced a feature to protect against scammers posing as banks who might try to steal your credentials or convince you to transfer money. In-call pop-ups warn you if you try to open a financial app while on a call with an unknown number, preventing you from sharing your screen with scammers. Now, Android will also attempt to verify calls purporting to be from financial institutions and reject the call if it detects a fraudulent call. If you have a participating bank’s app installed on your device and are signed in, Android will use that app to verify your identity. This feature will initially be available to users of Android 11 and above who are Revolut, Itaú, and Nubank customers—meaning it won’t be available to US customers yet—but Google plans to expand its rollout to other institutions later this year.
Real-time threat detection enhances detection capabilities for malicious applications.
Live Threat Detection is an AI-powered on-device security feature that continuously scans app activity patterns to identify anything suspicious or potentially malicious. Initially targeted at spyware, it has since become more effective at detecting malware. Live Threat Detection now checks for SMS forwarding (if an app forwards a message to another number) and accessibility overlays that use the overlay permission.
Later this year, Android 17 devices will also receive dynamic signal monitoring, which identifies suspicious patterns in real time. You’ll receive alerts if apps engage in behavior such as abusing accessibility permissions, changing or hiding their icons, or running in the background.
Advanced anti-theft systems make it harder for criminals to steal your data.
Google announced a number of improvements to combat the consequences of device theft. First, the “Mark as Lost” feature in Android 17 will work with biometric authentication, preventing thieves from accessing your phone if they know your password or PIN. When enabled, “Mark as Lost” will hide Quick Settings and block new Wi-Fi and Bluetooth connections. On supported devices, thieves will have fewer attempts to guess your password or PIN, and the wait time between unsuccessful attempts will be increased.
Existing anti-theft features on Android devices, such as remote lock and theft detection lock, will now be enabled by default on new devices shipping with Android 17, as well as those that have been factory reset or updated to the latest OS version. These features will also be available in select markets, including Argentina, Chile, Colombia, Mexico, and the UK, starting with Android 10.
Finally, on Android 12 and later, you can view your phone’s IMEI on the lock screen for quick device verification. (You can also disable this feature in Settings.)
The location sharing feature is getting improved privacy protection.
Android already has the ability to disable precise location sharing in favor of approximate location . Going forward, devices running Android 17 will be able to temporarily access precise location while a specific app is open, without having to update settings or request repeated permissions. Temporary location access is disabled when the app is closed, so after you find the nearest coffee shop, your precise location will no longer be visible. Users will also see a location indicator at the top of the screen and can tap it to see which apps have recently used their location.
Another privacy improvement: instead of having complete and broad access to all your address book data, apps can now request access to specific contacts and even specific fields, so you don’t have to share everything.
Extended protection will become stronger.
Android Advanced Protection is more than sufficient for most users in everyday use, but it provides robust protection for users at high risk of fraud, scams, and theft. Pixel devices running Android 16 and above will now have USB protection, and all devices with the December update of Android 16 and later will receive the intrusion detection feature. (This feature is currently being rolled out.) Updates to Android 17 include the removal of accessibility services from apps that are not accessibility tools, disabling cross-device unlocking, and integrating fraud detection into chat notifications.
Google is also implementing Android OS verification to ensure your device is running a legitimate build, and will hide OTP codes from most apps for three hours to prevent theft.