Full Report
Posted by Aden Haussmann, Associate Product Manager and Sumeet Sharma, Play Partnerships Trust & Safety Lead Android uses the best of Google AI and our advanced security expertise to tackle mobile scams from every angle. Over the last few years, we’ve launched industry-leading features to detect scams and protect users across phone calls, text messages and messaging app chat notifications. These efforts are making a real difference in the lives of Android users. According to a recent YouGov survey1 commissioned by Google, Android users were 58% more likely than iOS users to report they had not received any scam texts in the prior week2. But our work doesn’t stop there. Scammers are continuously evolving, using more sophisticated social engineering tactics to trick users into sharing their phone screen while on the phone to visit malicious websites, reveal sensitive information, send funds or download harmful apps. One popular scam involves criminals impersonating banks or other trusted institutions on the phone to try to manipulate victims into sharing their screen in order to reveal banking information or make a financial transfer. To help combat these types of financial scams, we launched a pilot earlier this year in the UK focused on in-call protections for financial apps. How the in-call scam protection works on Android When you launch a participating financial app while screen sharing and on a phone call with a number that is not saved in your contacts, your Android device3 will automatically warn you about the potential dangers and give you the option to end the call and to stop screen sharing with just one tap. The warning includes a 30-second pause period before you’re able to continue, which helps break the ‘spell’ of the scammer's social engineering, disrupting the false sense of urgency and panic commonly used to manipulate you into a scam. Bringing in-call scam protections to more users on Android The UK pilot of Android’s in-call scam protections has already helped thousands of users end calls that could have cost them a significant amount of money. Following this success, and alongside recently launched pilots with financial apps in Brazil and India, we’ve now expanded this protection to most major UK banks. We’ve also started to pilot this protection with more app types, including peer-to-peer (P2P) payment apps. Today, we’re taking the next step in our expansion by rolling out a pilot of this protection in the United States4 with a number of popular fintechs like Cash App and banks, including JPMorganChase. We are committed to collaborating across the ecosystem to help keep people safe from scams. We look forward to learning from these pilots and bringing these critical safeguards to even more users in the future. Notes Google/YouGov survey, July-August, n=5,100 (1,700 each in the US, Brazil and India), with adults who use their smartphones daily and who have been exposed to a scam or fraud attempt on their smartphone. Survey data have been weighted to smartphone population adults in each country. ↩ Among users who use the default texting app on their smartphone. ↩ Compatible with Android 11+ devices ↩ US users of the US versions of the apps; rollout begins Dec. 2025 ↩
Analysis Summary
# Industry News: Android Intensifies Fight Against Financial Scams with Expanded In-Call Protection Rollout
## Summary
Google is expanding its pioneering in-call scam protection feature for the Android ecosystem, moving beyond a UK pilot to major launches in the US and additional features in Brazil and India. This initiative leverages Google AI to disrupt sophisticated social engineering attacks, specifically those manipulating users into sharing screens during fraudulent financial calls.
## Key Details
- Date: December 3, 2025 (Announcement Date)
- Companies Involved: Google (Android), JPMorgan Chase, Cash App, and various other UK and international financial/fintech institutions.
- Category: Product Launch / Feature Expansion
## The Story
Android is enhancing its multi-layered defense against mobile scams by rolling out in-call scam protections to more users and app types. Following a successful UK pilot, this feature is now launching in the United States with key partners like JPMorgan Chase and Cash App. The protection automatically triggers when a user is on a call with an unsaved number while simultaneously launching a participating financial app AND screen sharing. The system imposes a 30-second mandatory pause and displays a warning, designed to interrupt the high-pressure "social engineering spell" commonly used by scammers to solicit sensitive data or wire transfers. The program is also being extended to peer-to-peer (P2P) payment applications globally. Initial survey data suggests Android users report notably fewer scam texts than iOS users, setting a high bar for security performance.
## Business Impact
### For the Companies Involved
- **Google:** Reinforces Android's value proposition as a secure mobile platform, especially for sensitive mobile banking tasks. Successful localized pilots build credibility for future OS-level security features.
- **Financial Institutions (JPMorgan Chase, Banks, Fintechs):** Reduces liability and customer loss associated with social engineering fraud facilitated through mobile devices. Deep integration with OS-level security offers a significant trust differentiator.
### For Competitors
- **Apple/iOS:** Puts competitive pressure on Apple to implement similar, OS-integrated defenses against in-call/screen-share vector scams, particularly as these financially motivated attacks become platform-agnostic in their goals.
- **Other Mobile OS Providers:** Sets a heightened bar for user protection mechanisms leveraging AI and context awareness (call state + app usage).
### For Customers
- **Enhanced Financial Safety:** Users engaging in sensitive transactions on Android devices gain an automatic, context-aware safety net against sophisticated manipulation tactics.
- **Breaking the Urgency Cycle:** The mandatory 30-second pause is a crucial behavioral intervention mechanism against panic-driven decision-making.
### For the Market
- **Security Standardization:** Signals an industry trend toward deeper, cross-application security coordination at the operating system level, moving beyond simple application-level warnings.
- **Fintech Adoption:** Encourages broader adoption of P2P and fintech applications by mitigating associated fraud risks, boosting consumer confidence in digital finance tools.
## Technical Implications
The feature utilizes sophisticated contextual analysis, identifying three concurrent triggers: an active phone call involving an unknown number, active screen sharing, and the foregrounding of a protected financial application. The implementation of a forced pause demonstrates a technical reliance on interrupting user workflow, effectively pitting predictable OS enforcement against rapid social engineering tactics. This relies on Android 11+ compatibility.
## Strategic Analysis
- **Market Positioning:** Google is positioning Android as the proactive leader in mobile user protection against evolving fraud vectors, distinguishing itself from competitors through deep, AI-driven contextual security enforcement.
- **Competitive Advantage:** The specific defense against *in-call screen sharing scams* addresses a particularly insidious, high-value threat vector that is difficult for traditional anti-malware solutions to catch.
- **Challenges:** Success is entirely dependent on the willingness and speed of financial partners to integrate and pilot the protection. Geographic scaling also requires constant adaptation to regional scamming patterns.
## Industry Reactions
While specific commentary is not provided, the move is likely seen by security analysts as a necessary evolution for operating systems, acknowledging that threats are increasingly moving from malware exploitation to sophisticated human manipulation (social engineering). The initial survey data comparing Android/iOS susceptibility to *text scams* already frames Android as potentially leading the pack in baseline protection effort.
## Future Outlook
- **Expansion of Protected App Categories:** It is highly likely Google will expand this protection logic to other high-risk areas beyond core banking, such as digital identity verification apps, cryptocurrency wallets, and possibly government service portals.
- **Global Deepening:** Expect further rollouts across major global markets where financial mobile fraud is prevalent, following the pattern established in the UK, Brazil, and India.
## For Security Professionals
This development underscores the shift in focus from pure endpoint hardening (e.g., patching) to **behavioral intervention engineering**. Security teams must recognize that user interaction models (like screen sharing during voice calls) are now prime targets for high-impact scams, necessitating OS-level context monitoring to break the attacker's narrative control.