Google introduces RCS-based anti-scam feature to verify caller identity on Android
The feature, available for Android 12 and later, flags potential impersonation attempts by removing contact photos and displaying 'Unknown caller' labels when verification signals are missing.
Google has launched a new anti-scam capability within the Google Dialer app designed to detect and flag spoofed calls on Android devices running version 12 and later. The update utilises the RCS (Rich Communication Services) communication standard to digitally bind a phone number to a specific smartphone handset. When a call is made, the device sends a silent, real-time background confirmation signal to the recipient. If the call originates from a different device—such as via VoIP or number spoofing—the signal is absent, prompting the dialer to flag the call as a potential scam.
The mechanism addresses the escalating threat of AI-powered voice-cloning scams, where attackers mimic acquaintances or family members in real time. Previous detection methods have improved but have not eliminated the problem, particularly for invasive impersonation scams that slip through traditional filters. Google executives Dave Kleidermacher, vice president of security and privacy, and Eugene Liderman, director of Android security and privacy product, emphasised that relying solely on AI to detect voice clones is insufficient due to potential false positives and negatives, as well as an ongoing arms race with attackers.
When the feature flags a call as a scam, it instantly removes the contact photo from the backdrop of the call to underscore the seriousness of the situation. It also changes the entry in Android’s recent call log to say "Unknown caller" instead of displaying the contact name. A pop-up warning appears on the screen stating: “This may not be [Contact Name]. Someone may be pretending to call from your contact's number.” The feature is built on the RCS standard to maximise interoperability across various platforms, although its immediate impact is limited to Android-to-Android calls using Google Dialer.
Android 12 was released in 2021, making the requirement for this OS version applicable to a wide range of existing devices globally. Kleidermacher noted that if both parties are in each other’s mutual contacts and using the Google Dialer with this capability, the recipient will always know if the call is legitimate. He stated that if someone tries to call through a VoIP session or other mechanism to spoof a number and voice, the Dialer will identify that it is not the genuine contact.
Apple has not confirmed whether it plans to implement a similar feature in iOS. Google built the feature on RCS to ensure it is maximally interoperable with as many platforms as possible. Kleidermacher said he hopes the feature will play a role in protecting people from scams that can fool anyone, noting that some attacks are devastating and can result in significant financial loss. The update aims to combat AI-powered voice-cloning scams and number spoofing, addressing limitations in previous detection methods that have struggled with invasive impersonation.
