GoKawiilTL;DR Google is introducing a new RCS-based method for verifying the identity of incoming callers.
Unlike carrier-based authentication system, this one just requires that you and your caller are running Google Phone, Messages, and Contacts.
Availability is getting started with Pixel phones, but will extend to other handsets running Android 12 and later.
Compared to modern, secure communication systems, the ancient public telephone network has long felt like a weak link. While we still rely upon it to receive important information, it’s far too easy for bad actors to take advantage of its limitations, and try and fool us by impersonating callers we trust. Thankfully, Google’s been working on a solution, and shares how its new tool is going to work as part of today’s June Android Drop announcements.
Don’t want to miss the best from Android Authority? Set us as a favorite source in Google Discover to never miss our latest exclusive reports, expert analysis, and much more.
to never miss our latest exclusive reports, expert analysis, and much more. You can also set us as a preferred source in Google Search by clicking the button below.
Unlike call authentication protocols like STIR/SHAKEN that operate on a network level and require carrier support, Google’s new system is much simpler to implement widely, and operates more person-to-person. Basically, when you get an incoming call from one of your known contacts, your phone will silently communicate with the remote phone over an encrypted RCS link in order to verify the caller is who you expect it to be.
Even if someone’s able to spoof the incoming number, or maybe even use an AI tool to fake the caller’s voice, they wouldn’t be able to successfully respond to that encrypted RCS authentication step.
... continue reading