Google has unveiled a significant update to its Safe Browsing feature in Chrome, introducing real-time functionality that checks against a server-side list without compromising user browsing privacy.
Previously, Chrome would download a list of known malicious sites, including those harboring malware and phishing scams, every one to two hours. With the new system, Chrome will send URLs of visited sites to Google’s servers for instant verification against an updated list. This shift eliminates the delay in receiving updates, as the average malicious site exists for only about 10 minutes.
Google claims that this server-side approach can detect up to 25 per cent more phishing attacks compared to using local lists. Additionally, local lists have grown larger over time, straining low-end devices and connections with limited bandwidth.
The rollout of this new system begins with desktop and iOS users, while Android support is expected later in March.
Privacy-conscious users may recognize similarities to the Safe Browsing Enhanced Mode, which also checks URLs against a real-time list online. However, Enhanced Mode employs AI to block attacks not listed, conducts deeper file scans, and guards against malicious Chrome extensions. Enhanced Mode remains opt-in, contrasting with the standard protection mode, which lacks these AI capabilities.
Google emphasizes the privacy of its real-time Safe Browsing service. When a site is visited, Chrome first checks its cache for safety. If the URL is not cached, Chrome hashes and encrypts it before sending the encrypted data to a privacy server, which further anonymizes the request before forwarding it to the Safe Browsing server. Google collaborated with Fastly to use its Oblivious HTTP privacy server, ensuring that neither Google nor Fastly sees the users’ browsing data or IP addresses.
This privacy-focused architecture safeguards user data while providing real-time protection against online threats, marking a significant step forward for Chrome’s Safe Browsing feature.