What Google does to keep you safer and let you know they’re doing it in Chrome.
You’ve probably heard that the Chrome browser helps make sure you don’t visit websites that may be harmful on accident. That’s true, but like most things in Chrome, there’s also more information available for every web page you visit when it comes to trust. It’s actually right there in front of us all the time right in the omnibar. Let’s have a basic look at what Google does to make sure your safe on the web when using Chrome.
Every website is given a trust rating by Google. There are based on what’s called a certificate and data collected by Google’s Safe Browsing program. Google’s Safe Browsing is an index of the web (yes, all of the web) that will warn you before you load a site that may be unsafe by pausing the loading of the page and warning you. You’ll see some information that tells you what Google thinks is wrong and the option to continue to the page or to go back a step to the last page you visited.
We blocked the website address in this image to make sure nobody tries to visit it, but you would normally see it in the text. Any web page that Google’s Safe Browsing engine suspects of having malware or collecting your user data will be flagged this way. Safe Browsing is built into Chrome, Firefox and Safari. Safe Browsing isn’t something that was made to compete in any sales market. It’s a service from Google’s web security team that other companies can use and help make better so we’re all safer on the internet.
Safe Browsing stops you from going directly to a web site that Google has flagged as harmful.
Chrome also has another safety check in place that uses a site’s SSL certificate. A certificate is a small data file that is uploaded on a website’s server that binds a cryptography key to that particular site. When a proper certificate is installed on a server, it activates the HTTPS protocol so secure connections between the web server and you are possible. This way, things like credit card transactions, personal details, and data transfers stay between you and the site you’re visiting. A certificate also ties a site’s domain name, hostname, company name, and location together
Google has a list of companies that provide these SSL certificates who are trusted. Anyone can create an SSL certificate, and if you work for a company with a big intranet (web pages for internal use) or that uses their own VPN credentials you probably have a custom certificate from your IT department you need to mark as trusted in some applications. Those don’t go into Google’s master list but are treated the same way because you (or your IT department) explicitly said they were trustworthy.
Android Central is an example. We have a recognized SSL certificate, and you’ll be able to use it with Chrome if you visit https://www.androidcentral.com. You’ll see the lock icon along with our company name in Chrome’s omnibar and that means that everything you type or otherwise enter on one of our pages is encrypted so that only you and we can read it.
SSL certificates are a great way to make sure the data you send to any web page is encrypted and secure.
But we also need to be legacy compatible. We want someone with an old Android tablet or one they bought that doesn’t have Google’s software available to be able to visit using a browser that can’t use certificates or might have difficulty rendering sites that have them. If you visit http://www.androidcentral.com (notice the use of http versus https) you’ll see the info icon. You can click on that icon and it will tell you that your connection isn’t secured.
Many sites are this way, so be sure to update all your bookmarks to use the https address!
Chrome isn’t the only browser that helps make sure you’re safe on the web. Microsoft, Mozilla, Apple and everyone else wants your experience to be the best it can be so you keep using their products. But Chrome gives plenty of details to help you know what’s going on and we want to make sure you know how to find them.