As a follow-up to a previous blog post about How Hash-Based Safe Browsing Works in Google Chrome, we wanted to provide more details about Safe Browsing’s Enhanced Protection mode in Chrome. Specifically, how it came about, the protections that are offered and what it means for your data.
Security and privacy have always been top of mind for Chrome. Our goal is to make security effortless for you while browsing the web, so that you can go about your day without having to worry about the links that you click on or the files that you download. This is why Safe Browsing’s phishing and malware protections have been a core part of Chrome since 2007. You may have seen these in action if you have ever come across one of our red warning pages.
We show these warnings whenever we believe a site that you are trying to visit or file that you are trying to download might put you at risk for an attack. To give you a better understanding of how the Enhanced Protection mode in Safe Browsing provides the strongest level of defense it’s useful to know what is offered in Standard Protection.
Enabled by default in Chrome, Standard Protection was designed to be privacy preserving at its core by using hash-based checks. This has been effective at protecting users by warning millions of users about dangerous websites. However, hash-based checks are inherently limited as they rely on lookups to a list of known bad sites. We see malicious actors moving fast and constantly evolving their tactics to avoid detection using sophisticated techniques. To counter this, we created a stronger and more customized level of protection that we could offer to users. To this end, we launched Enhanced Protection in 2020, which builds upon the Standard Protection mode in Safe Browsing to keep you safer.
This is the fastest and strongest level of protection against dangerous sites and downloads that Safe Browsing offers in Chrome. It enables more advanced detection techniques that adapt quickly as malicious activity evolves. As a result, Enhanced Protection users are phished 20-35% less than users on Standard Protection. A few of these features include:
- Real time URL checks: By checking with Google Safe Browsing’s servers in real time before navigating to an uncommon site you’re visiting, Chrome provides the best protection against dangerous sites and uses advanced machine learning models to continuously stay up to date.
- File checks before downloading: In addition to Chrome’s standard checks of downloaded files, Enhanced Protection users can choose to upload suspicious files to be scanned by Google Safe Browsing’s full suite of malware detection technology before opening the file. This helps catch brand new malware that Safe Browsing has not scanned before or dangerous files hosted on a brand new site.
- More advanced vision-based phishing detection: To better detect phishing and dangerous sites for Enhanced Protection users, Chrome performs basic client-side checks on the web page to determine if it is suspicious. For pages deemed suspicious, Chrome sends a small set of visual features derived from the page to Google’s Safe Browsing servers for additional phishing classification using computer vision. This helps Chrome more accurately recognize dangerous sites, and can warn other users before they visit the site.
User data privacy and security
By opting into Enhanced Protection, you are sharing additional data with Safe Browsing systems that allow us to offer better and faster security both for you, and for all users online. Ensuring user privacy is of utmost importance for us and we go through great lengths to anonymize as much of the data as possible. This data is only used for security purposes and only retained for a short period of time. As threats evolve we will continuously add and improve our existing protections for Enhanced Protection users. These features go through extensive privacy reviews to ensure that your privacy continues to be prioritized while still providing you the highest level of security possible.
How to enable
Safe Browsing’s Enhanced Protection is currently available for all desktop platforms, Android devices and now iOS mobile devices. It can be enabled by navigating to the Privacy and Security option located in Chrome settings.
For enterprise admins, you have the option of enabling Enhanced Safe Browsing on your managed devices using the SafeBrowsingProtectionLevel policy and in the Admin Console.
For more details and updates about Safe Browsing and its Enhanced Protection mode, please visit our Google Safe Browsing website and follow the Google Security Blog for updates on new features.
Posted by Garima Mehra, Program Manager
Our monthly newsletter curates some of the best projects developed with Google tech that have been submitted to the Google Dev Library platform. We hope this brings you the inspiration you need for your next project!
Content of the month
Check out our shortlisted Content from Google Cloud, Angular, Android, & Flutter
Solve the common question, “who parked their car in my spot?” with this clever tutorial.
by Mustapha Adekunle
Better understand what aspects come into consideration when designing a data schema.
Learn how to set up aggregated logging in an organization that has VPC Service Controls and find a Terraform module that lets you automate the setup for your own Google Cloud infrastructure.
Explore how to generate accurate business forecasts at a large scale using state of the art ML capabilities on the Google Cloud Platform.
Understand how to implement the Compound Component Pattern in Angular using Dependency Injection and Content Projection to create an excellent API for your components.
by Jaewoong Eum
Check out the 2022 Android Developer Roadmap- a multi-part series covering important Android fundamentals like Languages, App Manifest, App Components, Android Jetpack, and more.
by Veronica Putri Anggraini
Read this fun application of geofencing to manage the dilemma of where to eat lunch based on which restaurant has the best deal.
by Daria Orlova
Get over your fear of data structures and algorithms with this helpful and snappy how-to focused on the Set.
Want to read more?
Check out the latest projects and community-authored content by visiting Google Dev Library
Submit your projects to showcase your work and inspire developers!
Learn more about how VPN by Google One gives you an extra layer of online protection for your phone or computer.
Your devices keep getting better with feature drops across Pixel phones, Watch and Buds.
The dev channel has been updated to 110.0.5449.3 for Windows .
A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
The Dev channel is being updated to OS version: 15263.0.0, Browser version: 110.0.5447.0 for most ChromeOS devices.
If you find new issues, please let us know one of the following ways:
- File a bug
- Visit our ChromeOS communities
- General: Chromebook Help Community
- Beta Specific: ChromeOS Beta Help Community
- Report an issue or send feedback on Chrome
- Interested in switching channels? Find out how.
Google celebrates Computer Science Education Week with free learning resources and support for local organizations closing equity gaps in CS.
Hi, everyone! We've just released Chrome 108 (108.0.5359.79) for Android: it'll become available on Google Play over the next few days.
This release includes stability and performance improvements. You can see a full list of the changes in the Git log
. If you find a new issue, please let us know by filing a bug
Android releases contain the same security fixes as their corresponding Desktop release (Windows: 108.0.5359.94/.95, Mac & Linux: 108.0.5359.94), unless otherwise noted.
Krishna GovindGoogle Chrome