Google has outlined a series of updates introduced in 2026 to strengthen security and privacy across Android devices. These changes focus on protecting users from scams, improving on-device threat detection, and giving more control over personal data. Many updates are tied to Android 17, while others roll out across earlier versions. The company continues to center on AI-driven protections and system-level safeguards to address evolving threats such as fraud, malicious apps, and device theft.
Key Android Security and Privacy Updates in 2026
One key addition is protection against banking scam calls. Android now verifies incoming calls from financial institutions using supported apps. If a call is flagged as spoofed, the system can automatically end it, reducing fraud risk.
Google has expanded its Live Threat Detection system, which uses on-device AI to monitor app behavior in real time. The update includes warnings for suspicious actions such as SMS forwarding and misuse of accessibility permissions. A new feature called dynamic signal monitoring tracks app interactions to detect unusual patterns and alert users. For Chrome on Android, safeguards during app downloads are added. When users attempt to install APK files, the system can check for known malware and block unsafe downloads if Safe Browsing is enabled.
The Advanced Protection feature, bundling several security tools into one setting, is also expanded. Updates include USB protection, intrusion logging for forensic analysis, and restrictions on accessibility services for non-accessibility apps. Google is also enabling enterprise-level support for these protections.
Device theft protection has been enhanced with features like "Mark as lost," which now supports biometric locking. Other measures include limiting repeated password attempts and enabling automatic protections like Remote Lock and Theft Detection Lock on supported devices.
Privacy settings have been updated. Android 17 introduces a temporary location sharing option that lets apps access location data only when in use. A new indicator shows when location data is accessed, along with recent usage details. Google is also introducing a contact picker that limits app access to only selected contacts, rather than the entire address book.
On the AI front, Google is enhancing privacy through technologies such as Private Compute Core and AISeal with pKVM, which process data in a secure, isolated environment. These updates are guided by principles including user control and data protection.
Additional updates include Android OS verification to help users confirm their device runs official software, protections for one-time passwords that hide them from most apps for a limited time, support for disabling 2G connectivity in certain regions, and post-quantum cryptography to strengthen long-term data security.
Together, these changes reflect a broader effort to improve security across devices, apps, and networks, while giving users more transparency and control over how their data is accessed and used.
