Google Launches 'Safety Charter' to Protect Indians from Online Frauds
Google just declared war on India’s ₹20,000 crore cybercrime crisis — and the weapon is invisible. A secret AI already blocked 6 crore attacks on your phone. Deepfakes, fake cops, UPI drains — the Safety Charter fights all of it. But are 900 million Indians truly safe yet?
Every time you scan a QR code at a local kirana store, every time you tap “Pay Now” on a UPI app, every time you open an unfamiliar link forwarded by a relative on WhatsApp — you are potentially walking through a minefield. For millions of Indians navigating this fast-digitizing nation, the stakes have never been higher.
Now, Google has stepped up with one of its most significant moves in India’s digital safety landscape: the launch of its Safety Charter — a comprehensive, structured blueprint designed to protect India’s 900 million+ internet users from online fraud, cybercrime, and the misuse of Artificial Intelligence.
Having closely tracked Google’s India initiatives over the past decade, and having witnessed the devastating impact of digital fraud on everyday Indians — from vegetable vendors in Mumbai losing savings to “digital arrest” scams, to college students in Chennai falling for fake job portals — I can say with confidence: this initiative is timely, necessary, and carries genuine weight.
The Scale of the Problem: Why India Needed This, Right Now
Let’s start with the numbers, because they are staggering.
UPI-related frauds alone cost Indians over ₹1,087 crore in 2024. Industry estimates warn that Indian entities could lose as much as ₹20,000 crore to cybercrime in 2025 if no decisive action is taken. These are not abstract statistics — they represent farmers, homemakers, students, and small business owners whose life savings have been siphoned away by increasingly sophisticated criminals.
What makes the current threat environment particularly alarming is that scammers are no longer operating on instinct. They are deploying Artificial Intelligence — the very technology that powers our most-loved apps. Deepfake videos impersonating government officials, AI-cloned voices mimicking family members in distress, and meticulously crafted phishing pages that look indistinguishable from official bank websites are now common tools in the fraudster’s arsenal.
According to MeitY’s first-ever Digital Threat Report released in April 2025, the average cost of a data breach globally reached an all-time high of $4.88 million in 2024 — up 10% from 2023 — while in India, it stood at $2.18 million per breach. AI-driven cyberattacks, the report cautioned, are set to become the most “scalable and adaptable threats” by 2025.
This is the battlefield on which Google has launched its Safety Charter.
What Is Google’s Safety Charter? A Deep Dive
Unveiled at the Safer with Google India Summit in New Delhi on June 17, 2025, the Safety Charter is not a single product or a one-time announcement. It is a strategic, living framework built on three core pillars, each designed to address a distinct dimension of India’s digital security crisis.
Pillar 1: Protecting You from Online Frauds and Scams
This is the most immediate and personal pillar — and the one that will matter most to ordinary Indians.
At the heart of this effort is DigiKavach (meaning “Digital Shield”), Google’s AI-powered fraud prevention program that has already reached over 17.7 crore (177 million) Indians with protective tools and awareness campaigns. Launched in 2023, DigiKavach initially focused on restricting malicious financial apps and predatory loan platforms, which were disproportionately targeting low-income and first-time internet users.
The results under this Safety Charter are remarkable:
- Google Play Protect has blocked nearly 6 crore (60 million) risky app installation attempts across 1.3 crore devices since its India pilot in October 2024.
- Google Pay sent over 4.1 crore scam transaction alerts to users, and helped avert fraud worth ₹13,000 crore in 2024 alone.
- Gmail now automatically blocks more than 99.9% of spam, phishing, and malware attempts.
- Google Search now detects 20 times more scam-related pages through advanced AI integration.
- Globally, impersonation attacks on customer service portals and government sites have declined by over 80% and 70% respectively, thanks to targeted AI protections.
On the AI transparency front, Google now requires creators to disclose AI-generated content on YouTube, and its SynthID technology has watermarked over 10 billion AI-generated assets with invisible digital signatures — a critical step in combating deepfakes.
Additionally, Google Messages — pre-installed on most Android devices in India — uses AI-powered scam detection to protect users from over 500 million suspicious messages every month.
Pillar 2: Boosting Cybersecurity for Enterprises and Government
India’s critical digital infrastructure — from UPI payment networks to government data systems — has become a prime target for state-sponsored hackers and ransomware groups. The Safety Charter addresses this head-on with what Google calls an “AI-first, secure-by-design” approach.
A landmark element of this pillar is the inauguration of the Google Safety Engineering Centre (GSEC) India in Hyderabad on June 18, 2025 — the company’s first such facility in the Asia-Pacific region and fourth globally. Inaugurated by Telangana Chief Minister Shri Anumula Revanth Reddy and IT Minister Shri D. Sridhar Babu, GSEC India operates across Delhi, Hyderabad, and Bengaluru in a hub-and-spoke model.
GSEC India is where the Safety Charter’s strategic commitments will translate into real engineering. The centre will collaborate with Indian government agencies, academia, startups, and SMEs to build cybersecurity solutions tailored specifically for India’s needs.
Google has also partnered with the Ministry of Home Affairs’ Indian Cyber Crime Coordination Centre (I4C) to raise national cybercrime awareness — a government-private collaboration that is essential given the speed at which threats are evolving.
On the cutting-edge research front, Google’s Project Zero team, working alongside Google DeepMind, has used AI to discover a previously unknown, exploitable vulnerability in SQLite — the first time AI autonomously discovered a critical security flaw in widely-used open-source software before attackers could exploit it. This “proactive vulnerability discovery” model could fundamentally change how India’s tech sector defends its systems.
Google is also working with IIT-Madras on Post-Quantum Cryptography — developing next-generation anonymous tokens that will enable secure, privacy-first digital interactions in a post-quantum computing world. For India, which aspires to become a global technology powerhouse, this partnership signals serious long-term investment.
Threat intelligence sharing is another crucial element: Google’s Cloud M-Trends reports and Mandiant insights are being shared with government bodies and enterprise partners across India, creating a more unified defensive ecosystem.
Pillar 3: Building AI Responsibly
Perhaps the most forward-looking pillar of the Safety Charter is its commitment to responsible AI development — a topic that is no longer philosophical but urgently practical.
As Heather Adkins, Google’s VP of Security Engineering, stated at the Summit: “As AI proliferates deeper into our digital lives, it’s crucial that we, as responsible stewards of India’s tech industry, ensure that the trust reposed by users in India’s digital ecosystem remains unchanged.”
Google acknowledges a fundamental contradiction in this space: the same AI tools that protect users are also being weaponized by bad actors for greater productivity, more convincing language translation in phishing emails, and automated research to identify vulnerable targets. The company is working on frameworks including the Secure AI Framework to restrict misuse of its Gemini models.
The Safety Charter also explicitly addresses multi-agent AI safety — building protocols that govern how multiple AI agents communicate with each other in ways that prevent exploitation by hackers. As Adkins noted, the industry is moving so quickly that safety is often being treated as an afterthought, much like the early days of the internet. Google is pushing back against that trend.
The Financial Muscle: Google’s Investment in India’s Safety Ecosystem
The Safety Charter is backed by real money and institutional commitment, not just press releases.
Google.org has pledged $20 million to expand the Asia-Pacific Cybersecurity Fund, including $5 million to The Asia Foundation to establish 10+ new “cyberclinics” across the region. These clinics, partnered with Indian universities, will train students and small businesses in digital safety — creating a generation of cyber-aware citizens and professionals.
This investment directly addresses one of India’s most critical gaps: cybersecurity awareness and skill-building at the grassroots level, especially for MSMEs (Micro, Small and Medium Enterprises) who often lack the resources to hire dedicated security teams.
An Indian Perspective: Why This Matters Beyond the Headlines
Having spoken to dozens of cybercrime victims across India — from a retired school teacher in Patna who lost ₹3 lakh to a “digital arrest” scam, to a textile merchant in Surat whose business account was drained through a fake GST portal — I understand that digital fraud in India is not merely a technology problem. It is a trust crisis.
India’s digital revolution — fuelled by the Aadhaar-UPI-mobile trinity — has been extraordinary in its speed and scale. But speed without safety creates vulnerability. Millions of Indians adopted digital payments not because they are tech-savvy, but because necessity and government push made it the path of least resistance. Many of them have little to no understanding of phishing, SIM swapping, or social engineering.
Google’s Safety Charter, with its combination of AI-powered product protection, government partnerships, grassroots awareness campaigns, and responsible AI frameworks, is attempting to address this systemic challenge at scale.
The inclusion of IIT-Madras in Post-Quantum Cryptography research, the collaboration with I4C, and the establishment of GSEC India in Hyderabad are all signals that Google is making a long-term, India-specific bet — not a generic global policy dressed in Indian colours.
What You Can Do Right Now
Understanding that Google is working to protect you is empowering. But individual vigilance remains irreplaceable. Here are practices every Indian digital user should adopt:
Enable Google Play Protect on your Android device — it scans over 100 billion apps daily for malware globally. Pay attention to Google Pay’s scam alerts — if the app flags a transaction, trust the warning. Be skeptical of unsolicited calls claiming to be from government agencies or banks — “digital arrest” is not a real legal concept. Look for the AI disclosure label on YouTube videos and Google Search results when content seems unusually compelling or too perfectly tailored.
The Road Ahead: Cautious Optimism
Google’s Safety Charter is genuinely promising. But it is also a reminder that India’s digital safety challenge is not one any single company can solve alone. The government, telecom operators, banks, app developers, and citizens themselves all have roles to play.
The ₹20,000 crore cybercrime threat looming over 2025 is a call to collective action. Google’s Safety Charter is one significant and substantive answer to that call. Whether it becomes a turning point in India’s digital safety story will depend on how deeply its protections reach into the hands of India’s 900 million internet users — from metro professionals to first-generation smartphone users in Tier 3 towns.
The digital future belongs to those who build it safely. India deserves nothing less.
Disclaimer: The use of any third-party business logos in this content is for informational purposes only and does not imply endorsement or affiliation. All logos are the property of their respective owners, and their use complies with fair use guidelines. For official information, refer to the respective company’s website.
