Android Rolls Out Fake Call Detection to Combat AI Impersonation Scams

Google has begun rolling out a new Fake Call Detection feature for Android devices, designed to warn users when an incoming call may be impersonating a saved contact. Announced via the Google Security Blog on 2 June 2026, the feature is being distributed globally through the Phone by Google app on Android 12 and later, with the initial rollout starting on Pixel devices before expanding more broadly.

Feature Uses RCS Handshake to Verify Caller Identity in Real Time

Fake Call Detection works by establishing an encrypted signal between two devices using Rich Communication Services (RCS). When a contact calls, their device sends a silent confirmation in real time to verify the call is genuinely originating from that handset. If the signal is absent, as it would be when a scammer is spoofing a contact’s number, the recipient’s device pings the contact’s actual phone to double-check. If the contact’s device confirms no call is being made, a warning appears advising the recipient to hang up immediately.

The feature requires both parties to be running Phone by Google on Android 12 or later, with Google Messages and Google Contacts also installed. It is enabled by default and builds on Google’s earlier verified financial calls rollout, which uses a similar approach to confirm whether an incoming call is genuinely from a user’s bank. Google has also confirmed that, given the RCS underpinning, other app developers and device manufacturers can adopt the same technology across the Android ecosystem.

Impersonation Fraud Is Among the Fastest-Growing Scam Categories Globally

The launch comes as AI voice-cloning tools make caller impersonation significantly harder to detect. INTERPOL’s March 2026 Global Financial Fraud Threat Assessment cited impersonation fraud as one of the leading contributors to over $400 billion in global losses. The US FTC separately reported impersonation scam losses of $2.95 billion in 2024 alone, a figure widely expected to have grown since.

Impersonation fraud now extends well beyond individuals. AI-assisted voice cloning is increasingly deployed against businesses in social engineering and account takeover attacks, targeting employees, executives, and customer-facing teams alike. For organisations, the risk is not limited to the device layer. Fraudsters who successfully impersonate a trusted contact can initiate unauthorised transactions, extract credentials, or bypass onboarding controls.

Shufti’s impersonation fraud detection and behavioural biometrics solutions provide a verification layer that operates independently of caller ID, cross-referencing live biometric signals against identity records to confirm who is actually present.

Request a demo to see how Shufti protects against impersonation at the identity layer.