In its latest Android security update, Google has unveiled a dual-layer defense system combining AI-powered scam detection for both text messages and voice calls.
The new features, powered by Gemini Nano AI models operating entirely on-device, aim to combat the $1 trillion global scam industry exploiting conversational vulnerabilities in mobile communications.
Scam Detection Architecture for Messages
The messaging protection layer integrates with Google Messages (v2025.3.1+), analyzing SMS, MMS, and RCS protocols in real-time using Tensor Processing Unit (TPU)-accelerated machine learning models.
The system employs a BERT-based natural language processing pipeline (similar to GitHub project SMS-BERT-v3) to detect 27 identified scam patterns, including:
When the on-device AI scores a message above the 0.87 confidence threshold, users receive a warning overlay with options to BLOCK_SENDER, REPORT_TO_GSF (Google Security Framework), or dismiss the alert.
The system cross-references links against Google’s Safe Browsing API (v4.2) and validates sender IDs through the Number Verification Service (NVS).
Call Protection Through Audio Pattern Analysis
For voice calls, Pixel 9 devices utilize Gemini Nano’s multimodal capabilities to perform real-time audio analysis through the Phone app (v97.3+). The AI monitors for:
- Payment coercion markers (e.g., “gift cards”, “wire transfer”)
- App installation prompts triggering APK hash checks
- Spoofing indicators via STIR/SHAKEN protocol anomalies
When detecting high-risk patterns, the system issues haptic alerts (vibration pattern 0x5F.2A) and displays on-screen warnings using Material Design 3 components.
A dual-tone 1.2kHz/800Hz beep (RFC 4733 DTMF code) notifies both parties of active monitoring at call initiation.
Privacy-Preserving Implementation
Both systems employ differential privacy techniques through:
- Federated learning (TensorFlow Federated v2.9)
- On-device processing (Android Protected Confirmation API)
- Ephemeral data handling (messages deleted after 120s processing window)
Message analysis occurs in Android’s Isolated Computing Environment (ICE) sandbox, while call processing uses the Titan M3 security chip’s encrypted memory partitions.
Scam Detection in Google Messages is starting in English first in the U.S., U.K., and Canada and will expand to other countries soon.
Google collaborated with 18 financial institutions, including JPMorgan Chase (API integration via PLAID) and HSBC (SWIFT Alert System), to train detection models on 4.7 million verified scam samples.
The initial launch in the United States and Canada sees full activation of message protection features immediately, with call detection capabilities scheduled for March 20 on Pixel 6 and newer devices running Android 15 or higher.
Beta testing showed 63% reduction in successful SMS scams and 41% decrease in call-based fraud across 50,000 Pixel 9 users. The Android Security Team confirms plans to open-source detection heuristics through AOSP’s new Anti-Fraud Library in Q3 2025.
Collect Threat Intelligence on the Latest Malware and Phishing Attacks with ANY.RUN TI Lookup -> Try for free