Android Fake Call Detection Targets AI Deepfakes: RCS Handshake Verifies Caller Devices
Android Fake Call Detection Targets AI Deepfakes: RCS Handshake Verifies Caller Devices
Publish Date: 2026-06-08 11:11:00
Source Domain: www.techtimes.com
Google began rolling out Fake Call Detection to Android 12 and later devices on June 2, 2026 — an industry-first feature that uses an end-to-end encrypted RCS cryptographic handshake to determine whether a call from a saved contact is actually originating from that person’s phone. The rollout starts on Pixel devices and expands to all compatible Android hardware this month, addressing a fraud vector that INTERPOL’s March 2026 Global Financial Fraud Threat Assessment linked to an estimated $442 billion in global losses last year.
The feature arrives as AI voice cloning has made the old heuristic of “I recognize the voice” functionally useless. Security researchers confirmed in May 2026 that synthetic voices have reached a threshold of realism at which most people can no longer reliably distinguish a cloned voice from a real one. The June 2026 Feature Drop also ships Credential Exchange Standard support via Google Play Services v26.21 — breaking down the wall between Google Password Manager and third-party managers — and begins the rollout of Digital Wardrobe in Google Photos to users in the United States, India, and Brazil starting this week.
Android Fake Call Detection: RCS Device Verification Against AI Voice Cloning
Fake Call Detection operates on what Google calls a device attestation model built over the Rich Communication Services (RCS) protocol, the open GSMA standard that runs over SIP/IMS infrastructure and powers the encrypted messaging backbone in Google Messages. When a saved contact calls, their Phone by Google app sends a silent, real-time cryptographic confirmation token over the RCS signaling layer to the recipient’s device. That token confirms the call is genuinely originating from the contact’s registered hardware — not routed through VoIP software with a spoofed caller ID.
If the token is absent — as it would be in a spoofing attack, where the fraudster’s call never touches the contact’s actual device — the recipient’s phone makes a…
