Google's New RCS Verification Feature Targets Spoofed Calls
Google has announced a new Android security feature designed to detect and flag spoofed phone calls. The system leverages the RCS communication standard to verify the legitimacy of incoming calls between Android devices.
Key Details
- The feature is built into the Google Dialer and will roll out to Android phones running Android 12 or later.
- When an Android user calls another Android user, the caller's device sends a silent background confirmation signal to the recipient's device to verify the call originates from a legitimate smartphone.
- If the verification fails, the recipient sees a pop-up warning: "This may not be [contact name]. Someone may be pretending to call from your contact's number." The system also removes the contact photo from the call screen and changes the call log entry to "Unknown caller."
"The feature provides a provable way to verify call legitimacy."
— Dave Kleidermacher, Android's VP of security and privacy
Context
Spam calls remain a persistent problem, with attackers increasingly using AI voice-cloning tools to impersonate acquaintances or family members. Google's approach aims to provide a higher-confidence verification method rather than relying solely on AI-based detection, which can produce false positives or negatives and lead to an arms race.
Official Statements
According to Dave Kleidermacher, if both parties use compatible Google Dialer and are in each other's contacts, the system will always indicate if a call is genuinely from that contact. Eugene Liderman, director of Android security and privacy product, also participated in the announcement.