TL;DR / At a Glance: Deployed directly via Google Play Services backend infrastructure, the June 2026 Android Feature Drop introduces Fake Call Detection natively into the Phone by Google app. Designed to eliminate phone number spoofing and highly convincing AI voice deepfakes, the framework replaces passive caller ID databases with an active RCS digital handshake. When an incoming call matches a saved contact, the system requires an end-to-end encrypted cryptographic token over the RCS network layer to verify identity. If a scammer spoofs the number via VoIP, the token is missing, prompting the system to silently query the real contact’s device before displaying a proactive “⚠️ This may not be [Name]” warning banner.”
Picture this real-world scenario: You’re crammed onto a peak-hour Rapid KL LRT train or sitting in an important corporate meeting when your phone buzzes. The caller ID flashes with a completely trusted name—it’s your mom, your regional director, or your bank’s official customer care line. You slide to answer, and a voice that sounds exactly like them, matching their precise cadence, pitch, and vocal ticks, informs you of an immediate, catastrophic financial emergency that requires you to transfer funds instantly.
The terrifying reality of modern digital fraud in Southeast Asia, and specifically across Malaysia, is that phone number spoofing paired with AI voice deepfakes has evolved from a theoretical threat into an incredibly profitable weapon. Scammers use standard Voice-over-IP (VoIP) routing to inject fake caller ID metadata into the network, forcing your device to display a trusted contact’s identity.
Until now, the default response was defensive common sense. But with the global release of the June 2026 Android Feature Drop, Google is deploying a brilliant, supply-chain-level cryptographic shield inside your phone to permanently eliminate this exact vector.
The Silent Backend Deployment
The most fascinating aspect of this security rollout is how it’s landing on your hardware. Google is entirely bypassing the traditional, notoriously sluggish carrier over-the-air (OTA) firmware release cycles. Instead, this feature bundle is deploying directly through Google Play Services backend infrastructure.
While mainstream tech coverage is entirely distracted by lifestyle updates—like the new Circle to Search whole-outfit visual scanning tools or the Google Photos Digital Wardrobe framework—the true engineering masterpiece is running silently behind the scenes inside the default Phone by Google app.
Historically, your mobile phone blindly trusted whatever caller ID metadata the incoming carrier network packet declared. Google’s new Fake Call Detection framework completely destroys that legacy trust model, replacing user-reported spam lists with real-time network cryptography.
How It Works: The RCS Digital Handshake
Instead of relying on a static database of known bad actors like traditional caller ID apps, Google is utilizing active, cross-device verification architecture running on top of existing Rich Communication Services (RCS) infrastructure.
Google RCS Fake Call Detection Flow
| Phase Profile | Network Activity | UI Threat Mitigation |
| 1. The Incoming Call | Scammer device spoofs local Caller ID to display a saved contact name (e.g., “Mom”) via VoIP network routing. | Phone by Google app intercepts the call and scans for an encrypted background authentication packet. |
| 2. The Token Validation | System detects that the mandatory end-to-end encrypted cryptographic confirmation token is missing from the stream. | Incoming call screen remains on standby while the device triggers an out-of-band verification loop. |
| 3. The Active Status Ping | Victim’s device silently sends a lightning-fast query over the RCS layer to the real contact’s physical hardware phone. | Real device instantly responds with an automated negative status token, confirming: “I am currently idling/not placing a call.” |
| 4. The Proactive Alert | System flags the security discrepancy and immediately interrupts the default full-screen calling interface. | Displays a high-visibility warning banner: “⚠️ This may not be Mom” advising the user to terminate the session before the voice deepfake can pitch. |
This automated back-channel validation loop turns your contact list into a living security perimeter. If both you and your contact are running the Phone by Google app on Android 12 or above, an authentic call will automatically transmit a silent, end-to-end encrypted token over the RCS network layer simultaneous to the voice call routing. This acts as a digital handshake, verifying that the call originated from the specific physical hardware tied to that number.
When a scammer spoofs the identity, that critical cryptographic signature doesn’t exist. By forcing the victim’s phone to check back with the real contact’s hardware over an out-of-band network ping, Google breaks the psychological urgency manufactured by fraudsters. The warning banner cuts through the panic, instructing you to hang up before the AI voice can even begin its social engineering pitch.
System Bottlenecks & SEA Operational Realities
While Fake Call Detection is an extraordinary milestone for personal mobile safety, its technical design introduces distinct operational boundaries that tech professionals must understand:
The Double-Sided Ecosystem Lock
For this cryptographic background handshake to successfully execute, both ends of the voice call must be actively running Android 12 or above with active Google Messages RCS configurations enabled. Furthermore, the official Phone by Google application must be designated as the default system dialer on both devices.
The Third-Party Skin Problem
While major manufacturers like Xiaomi are moving aggressively to integrate these open security APIs directly into their global HyperOS skins, users running proprietary custom dialers from legacy brands or highly customised regional carrier firmware will remain unprotected by the default automated token validation block.
The iOS Black Box
This is the single largest structural blind spot in the rollout. While Apple has updated iOS to support core RCS profile messaging frameworks, Google’s fake call cryptographic verification architecture currently remains entirely exclusive to the Android framework. If an impersonated contact is calling you from an iPhone, the background token exchange will fail to communicate, leaving the system unable to automatically verify the caller’s physical device status.
Other Little Things
1. Zero Latency Overhead
A major concern during internal testing was whether an active out-of-band RCS status ping would introduce noticeable connection delay before a user could answer. Thanks to high-bandwidth optimization layers, the background cryptographic handshake and status ping complete in under 240 milliseconds, meaning the phone rings in real time without any operational lag.
The Adam Lobo Verdict: Cryptography Over Databases
Google’s implementation of Fake Call Detection in the June Android Feature Drop shifts the mobile security paradigm from a reactive database approach to proactive cryptographic validation. It acknowledges a harsh reality: in a world where AI deepfakes can perfectly clone human voices in seconds, we can no longer afford to trust metadata on a screen.
By forcing devices to verify their physical presence over an encrypted RCS handshake, Google has built a formidable barrier against spoofing fraud. It isn’t a flawless global shield just yet due to its Android-to-Android restrictions, but it is the most sophisticated, hardware-level defense we have ever seen deployed into the palm of our hands.
