With a major expansion of AI-powered security initiatives, Google is stepping up its efforts to combat online fraud and enhance digital safety in India. As digital scams become more common, primarily through India’s UPI payment system and fake video call extortion schemes, Google is introducing a Safety Charter tailored to the country’s needs.
Unveiled as part of its broader strategy, the Safety Charter supports local cybersecurity, improves scam detection using AI, and ensures a safer online environment for users and businesses. This comes as India experiences a significant rise in digital fraud, with incidents tied to UPI payments increasing by 85% year-on-year, amounting to around ₹11 billion (US$127 million) in losses.
Google opens new security engineering centre in India
To address this growing threat, Google has launched its latest security engineering centre (GSec) in India — its fourth globally, following Dublin, Munich, and Malaga. First announced at the Google for India summit, the centre will work closely with the Indian government, academia, small businesses, and students. It aims to develop practical solutions to tackle online safety, privacy, and cybersecurity challenges, especially those unique to India’s rapidly digitising population.
Heather Adkins, Google’s Vice President of Security Engineering, said the centre will concentrate on three core areas: protecting individuals from scams, safeguarding government and business infrastructure, and developing responsible artificial intelligence.
She explained, “We want to solve what’s happening in India, close to where the users are. The engineering talent here allows us to do that effectively.”
Google has also partnered with India’s Ministry of Home Affairs through the Indian Cyber Crime Coordination Centre (I4C) to raise public awareness of cyber threats. This builds on initiatives like DigiKavach, launched in 2023, to help identify and block malicious apps, including exploitative loan services.
Using AI to fight scams and protect users
Google is actively using AI across its services in India. For instance, Google Messages now detects over 500 million suspicious messages monthly through AI-powered scam filters. Google Play Protect, piloted in India, blocked nearly 60 million attempts to install risky apps, stopping over 220,000 dangerous apps on more than 13 million devices.
Google Pay, one of the top UPI apps in India, has issued 41 million scam warnings to users — showcasing just how widespread online fraud has become.
Adkins noted that while generative AI tools like Gemini can enhance productivity, they can also improve phishing attacks through language translation or generate convincing deepfake content. Google is addressing these risks by testing its AI models to prevent harmful behaviour and building frameworks such as the Secure AI Framework, which aims to create safer AI environments.
“We’re working closely with researchers and developers to set standards before it’s too late. We don’t want to create safety rules after the damage is done,” she explained.
Surveillance vendors and challenges in Indian cybersecurity
In addition to scam risks, Adkins pointed out the growing threat of commercial surveillance tools. These are often sold on the dark web and used to spy on individuals without advanced hacking skills. Some platforms can be bought for as little as US$20, while others fetch prices in the hundreds of thousands. These tools are not only a threat globally but have also been used in India.
India’s large population and increasing smartphone adoption also make it a testing ground for new types of digital fraud. For example, “digital arrests” — where scammers impersonate officials on video calls — are just one of many evolving tactics.
Adkins said, “India often gives us a preview of global cyber trends. Studying cybercrime here helps us prepare for what might spread elsewhere.”
Google is also continuing to promote the wider use of multi-factor authentication (MFA). While it supports passwordless options and hardware keys, Adkins noted that SMS-based MFA remains the most accessible for Indian users due to the country’s vast and diverse demographics.
“Passwords alone aren’t enough. Multi-factor authentication is a must, and we’re encouraging people to take that step,” she said.
As India’s digital footprint grows, Google’s AI-led initiatives and local partnerships signal a long-term commitment to building a safer internet — not only for users in India but potentially for the rest of the world.
