Google’s Safe Browsing technology is now available by default on versions of Chrome running on Android handsets.
All Android users running Version 46 or higher of Chrome should find Safe Browsing enabled in their browser, the company said Monday. Users can verify this by going to Chrome’s Settings menu and choosing the Privacy option, Google researchers Noé Lutz, Nathan Parker and Stephan Somogyi said.
“Google Safe Browsing has been protecting well over a billion desktop users against malware, unwanted software and social engineering sites on the web for years,” the researchers noted. By embedding it in Chrome for Android, Google has extended that same protection to millions of other users, they said.
Google launched Safe Browsing about eight years ago as a way to protect users from browsing on unsafe sites. It is designed to alert users when they arrive on sites that Google deems to be unsafe, such as those that are used for phishing purposes, relaying spam or injecting malware, or unwanted, hard-to-uninstall software on systems. Safe Browsing is also designed to alert Internet users of sites that are unsafe because the sites might have been compromised by others and are being used to serve up malware.
Alerts powered by Safe Browsing are available not just to Chrome users. Similar alerts are available to users of Mozilla’s Firefox and Apple Safari browsers.
According to Google, Safe Browsing serves up more than 5 million warnings on average daily for different kinds of malicious sites and malware. The company says the technology helps uncover more than 90,000 phishing sites and some 50,000 malware sites every single month.
In addition to warning users about unsafe sites, Google’s Safe Browsing technology warns Website owners about the presence of malware and other security issues on their sites. The company has a process for warning site owners about potential security issues and giving them a chance to remediate the issue. Sites that fail to respond in a timely manner are labeled as being compromised and their exposure is limited on Google search results until the issue is resolved.
According to Google, Android and its Play application store have several built-in protections against harmful apps and malware. But increasingly, many mobile users are also being exposed to social engineering attacks, especially phishing, which require a different set of protections.
To protect mobile users against potentially dangerous sites, Google needs to maintain an up-to-date list of known bad sites on the device, the company said. Maintaining such a list on mobile devices is much harder to do compared with a desktop system.
That’s because data size matters a lot in the mobile environment, where people are usually charged for mobile data use, the Google security researchers said in their blog post. Mobile data speeds are typically slower than WiFi in many parts of the world, and cellular service can be patchy as well, making data size an important issue.
“Bytes are big: our mantra is that every single bit that Safe Browsing sends a mobile device must improve protection,” the Google researchers said.
In enabling Safe Browsing by default on Chrome for Android, Google also had to think about issues like network bandwidth and battery use. In addition, Google had to find a way to ensure that information about the riskiest sites is sent through first in areas where the company is forced to send only very short security updates because of low bandwidth issues, the researchers said.