Stay organized with collections
Save and categorize content based on your preferences.
In Android 11 (API level 30) and higher, the platform supports the STIR/SHAKEN
protocols to provide a
secure and private method of verifying and communicating a caller's number to a
recipient when a call is placed. Android 11 and higher provide support for apps,
such as native dialers, call screening, and spam apps, to access the carrier
verdict data. This lets apps identify spam calls and inform users before
answering a call.
For devices running Android 11 and higher, call screening and spam apps that use
the CallScreeningService API
can access functionality to screen a call, enhancing user privacy and device
performance. Using this API, apps don't need to ask for individual permissions
and can get access to additional information that wasn't available through
standard permission requests in Android 10 and lower. The data available in this
API include:
Number of incoming or outgoing call
Notification of an incoming call and termination
Limited access to the system alert window for in-call and post-call screening
information
Ability to reject incoming calls
Call duration
Call disconnect reason
STIR/SHAKEN verdict
Implementation
Dialer apps, call screening apps, and spam apps should adopt the
CallScreeningService API. When a user selects the app as their default caller ID
and spam app, the app receives access to the
getCallerNumberVerificationStatus()
method, which surfaces the STIR/SHAKEN verdict from the carrier verification
mechanism for the STIR/SHAKEN protocol. This makes robocall detection possible.
Additionally, call screening apps can implement a post-call screen by invoking
the
ACTION_POST_CALL
intent action, which starts an activity that allows the user to mark a call as
spam or add a number to their list of saved contacts.
Content and code samples on this page are subject to the licenses described in the Content License. Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
Last updated 2023-10-26 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2023-10-26 UTC."],[],[],null,["# Prevent caller ID spoofing\n\nIn Android 11 (API level 30) and higher, the platform supports the [STIR/SHAKEN\nprotocols](https://en.wikipedia.org/wiki/STIR/SHAKEN) to provide a\nsecure and private method of verifying and communicating a caller's number to a\nrecipient when a call is placed. Android 11 and higher provide support for apps,\nsuch as native dialers, call screening, and spam apps, to access the carrier\nverdict data. This lets apps identify spam calls and inform users before\nanswering a call.\n\nFor devices running Android 11 and higher, call screening and spam apps that use\nthe [CallScreeningService API](/reference/android/telecom/CallScreeningService)\ncan access functionality to screen a call, enhancing user privacy and device\nperformance. Using this API, apps don't need to ask for individual permissions\nand can get access to additional information that wasn't available through\nstandard permission requests in Android 10 and lower. The data available in this\nAPI include:\n\n- Number of incoming or outgoing call\n- Notification of an incoming call and termination\n- Limited access to the system alert window for in-call and post-call screening information\n- Ability to reject incoming calls\n- Call duration\n- Call disconnect reason\n- STIR/SHAKEN verdict\n\n| **Note:** On 4G+ networks, because the SIP headers used by carrier networks contain personally identifiable information (PII), the headers aren't shared directly with apps to protect user privacy. The default caller ID and spam app can access the verdict information without accessing the SIP headers. \n|\n| In non-4G networks, the details of the CNAM are shared with dialer and call screening apps. The app can choose to display this data in full to warn users about possible spam calls.\n\nImplementation\n--------------\n\nDialer apps, call screening apps, and spam apps should adopt the\nCallScreeningService API. When a user selects the app as their default caller ID\nand spam app, the app receives access to the\n[`getCallerNumberVerificationStatus()`](/reference/android/telecom/Call.Details#getCallerNumberVerificationStatus())\nmethod, which surfaces the STIR/SHAKEN verdict from the carrier verification\nmechanism for the STIR/SHAKEN protocol. This makes robocall detection possible.\n\nAdditionally, call screening apps can implement a post-call screen by invoking\nthe\n[`ACTION_POST_CALL`](/reference/android/telecom/TelecomManager#ACTION_POST_CALL)\nintent action, which starts an activity that allows the user to mark a call as\nspam or add a number to their list of saved contacts."]]