Google Introduces Real-Time Browsing Protection in Chrome to Enhance Privacy

Google has announced the addition of a new real-time browsing protection feature for Chrome, aimed at safeguarding user privacy. This update, now available in the default Standard mode of Safe Browsing, is set to revolutionize web safety by hiding visited URLs from Google. It significantly addresses the lag in detecting potentially unsafe sites, which typically lasts 30 to 60 minutes, enabling a higher level of user protection against rapidly emerging threats.

For years, Chrome’s Safe Browsing feature has compiled a local database which identifies unsafe URLs on users’ devices. However, the lag in updating this database means that numerous dangerous websites slip through the cracks. In response, Google developed the Enhanced protection mode, which utilizes its server-side Safe Browsing database to identify unsafe URLs in real-time, offering users advanced security. However, this level of protection requires users to provide Google with additional security-related data, making it an optional feature.

Google’s latest update seeks to bridge the gap between real-time detection and preserving user privacy. The new Safe Browsing version employs an API that conceals visited site URLs, ensuring user anonymity. Whenever the Safe Browsing database fails to identify a site, an encrypted version of the URL is sent to Fastly’s privacy server, an independently operated entity committed to safeguarding user data.

At Fastly’s privacy server, the URL is stripped of any potential user identifiers, such as IP addresses, and remains encrypted. The server forwards the obfuscated URL via a secure TLS connection to Safe Browsing’s server-side database. The database decrypts the URL to its hash form and discreetly checks it against the list of unsafe sites. If a match is found, only the encrypted hash form is shared with Google, allowing it to promptly warn the user about potential threats.

This innovative process ensures that user browsing activity stays private. No single party retains access to both the user’s IP address and the URL’s hash prefixes. Users can expect an increased level of protection, with Google estimating a 25% reduction in successful phishing attempts.

While both Standard and Enhanced modes now offer real-time checking, Google asserts that the Enhanced protection mode extends a more comprehensive level of security. With added features such as AI-based attack blocking, deep file scans, and enhanced protection against malicious Chrome extensions, the Enhanced mode affords users an enhanced level of defense.

Currently, the real-time checking feature in Standard mode is accessible on Chrome desktop and iOS. Android users can expect the update to roll out later this month, ensuring a consistently high level of browsing safety across all platforms.