Google is working on built-in phishing protection for Android


Google is working on adding built-in protection against phishing on Android, according to a report from Android Police. This means the feature will scan apps for signs of phishing or other deceptive actions. For those unaware, phishing is a type of cyberattack where hackers try to trick users into sharing sensitive information.

In the latest Android 14 QPR2 Beta 2 release, a hidden “scanning for deceptive apps” page was discovered under Settings → Security & privacy → More security & privacy. Once activated, this feature will check app activity for signs of phishing or deceptive behavior.

The scanning is said to run privately on the device, and if any deceptive behavior is found, some app information is sent to Google Play Protect to confirm the threat and warn users.

Although the exact details of how Android detects deceptive apps are not clear, a look at Android 14 QPR2’s decompiled source code reveals a new system service called “ContentProtection.”

This service appears to identify when an app is trying to display a password field or request related information like usernames, emails, phone numbers, or login credentials. Android uses a blocklist to keep this mechanism from running on certain apps, and it also checks whether an app is a system app or requests the Internet permission.

This upcoming anti-phishing measure in Android adds to other real-time security features implemented by Google Play Protect. However, its effectiveness in the face of rapidly evolving malware remains to be seen.
