Google streamed the Android Show: I/O Edition, previewing a suite of security upgrades set to hit Android 17. The focus centers on phishing‑style banking scam calls, a growing threat as spoofing tricks mimic official bank numbers. By tracking call origins, Android can now cancel suspicious calls before they reach users, and avoiding potential fraud.

To counter spoofing, Google partners with Revolut, Itaú and Nubank—banks that operate outside the U.S.—and will block numbers impersonating those institutions. When a blocked call is detected, the screen flashes a warning and the call ends automatically. The feature launches across Android 11 and newer devices this year, providing users immediate protection.

Android’s Live Threat Detection will soon spot more malicious apps by monitoring dynamic signals like SMS forwarding and deceptive accessibility permissions. These updates roll out with Android 17 later this year, expanding the system’s ability to flag suspicious behavior before installation or during runtime. The move tightens the platform’s defense against app‑based scams for users.

Additional theft‑prevention tweaks include a new Failed Authentication Lock that lets owners lock a lost device with biometric credentials instead of a PIN, preventing thieves from accessing data. When a phone is marked lost, it remains unusable until a biometric unlock occurs. Finally, a location‑toggle button limits app access to precise GPS only while open.