Android: Google expands AI protection against fraud and malware

Google is expanding protection for Android. New AI features will warn against phone scams and stop malicious app behavior in real-time, among other things.


Android receives new security features.

(Image: Google)


On the sidelines of the Android Show – I/O Edition, Google announced new security measures for Android. In addition to enhanced theft protection, the company presented a host of other AI-based protective measures.

As Google explains in its blog post, the company is working with selected banks and financial institutions to protect their customers with so-called “verified financial calls.” This is a protection against fraudulent calls intended to keep users' money and personal data safe. According to Google, the function protects against calls from fake numbers that impersonate participating financial apps. Calls from such numbers are automatically terminated; the respective bank app must be installed on the device for this to work. Initial banks collaborating with Google include Revolut, Itaú, and Nubank, with more to follow throughout the year. According to Google, such scam calls cause an estimated $980 million in damages worldwide per year. The function requires at least Android 11.

Android will warn about spoofing in the future – starting with a few banks.

(Image: Google)

Google is also expanding real-time threat detection: the function uses local AI on the device to analyze suspicious app behavior – such as SMS forwarding or misuse of accessibility services – and warn the user.

Google will warn about malicious apps in real-time in the future.

(Image: Google)

With Android 17, app interactions with the system will be monitored in real-time to detect malicious patterns, such as hiding or changing app icons or running applications in the background. Google calls this function dynamic signal monitoring. The company can also “dynamically roll out rules to provide better protection against new and emerging threat behaviors.” Dynamic signal monitoring is expected to be introduced in the second half of the year.

Also new is “Chrome App Safety”: App security on Android will be enhanced with an additional layer of protection when downloading. If users have “Safe Browsing” enabled and want to download an app, Google checks the APK file for known malware and, if necessary, prevents the download.

With Android 17, Google is also expanding Android's protection features by revoking access to the accessibility service for all apps not designated as accessibility tools. Furthermore, Google is disabling device-to-device unlocking and Chrome WebGPU support. The company is also integrating fraud detection for chat notifications. Later this year, Android Enterprise is set to receive support for “Advanced Protection,” allowing companies to enable this protection via policy for managed devices.


With Android 17, users will also gain more control over app location sharing: a new location button will be integrated into the system, allowing users to temporarily share their precise location for specific tasks as long as a particular app is open. This is ideal for quick tasks, such as finding a nearby cafe. The permission will be revoked immediately after use, preventing unnecessary tracking. Google had already announced this innovation with Beta 3 of Android 17.

Under Android 17, users can temporarily grant an app access to their location.

(Image: Google)

Additionally, a location indicator will be displayed at the top of the screen when the location is actively being used. Also new is a so-called contact picker, which allows apps to access only selected contact data instead of the entire address book.

Google is also securing its system in other areas: fraudsters often try to steal one-time passwords (OTPs) from SMS messages to hijack private accounts. To protect users from this, Android will now automatically hide security codes from most apps for three hours. Google aims to ensure that OTPs remain protected from unauthorized access during their validity period.

Furthermore, with Android 17, Google is integrating a switch to disable 2G mobile communication (GSM). Mobile network operators will have the option to configure this setting so that 2G is deactivated by default, proactively protecting customers from security vulnerabilities of older technologies in areas where the 2G infrastructure is no longer maintained.

With Android 17, Google is introducing operating system verification.

(Image: Google)

At the system level, Google is integrating operating system verification with Android 17. This has become necessary because some criminals have started distributing unofficial, modified versions of the operating system that are designed to look like legitimate software. “These malicious versions are designed to deceive users by mimicking the official operating system while secretly compromising your device's integrity,” Google explains. This new protection feature will initially be available on Pixel devices.


(afl)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.