Make it safe to click on links
Chrome Security’s mission is to make it safe to click on links.
We have four main focus areas:
We provide the building blocks so that all of Chrome is built with security at front of mind.
Secure connections are the backbone of the modern web, but a certificate is only as trustworthy as the validation process and issuance practices behind it. Recently, the Chrome Root Program and the CA/Browser Forum have taken decisive steps toward a more secure internet by adopting new security requirements for HTTPS certificate issuers.
Keep reading
Chrome has been advancing the web’s security for well over 15 years, and we’re committed to meeting new challenges and opportunities with AI. Billions of people trust Chrome to keep them safe by default, and this is a responsibility we take seriously. Following the recent launch of Gemini in Chrome and the preview of agentic capabilities, we want to share our approach and some new innovations to improve the safety of agentic browsing.
Keep reading
One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secure Connections”. This means Chrome will ask for the user’s permission before the first access to any public site without HTTPS.
Keep reading
Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and public figures. Advanced Protection gives you the ability to activate Google’s strongest security for mobile devices, providing greater peace of mind that you’re better protected against the most sophisticated threats.
Keep reading
Chrome is adding a new permission prompt for sites that make connections to a user’s local network as part of the draft Local Network Access specification. The aim is to protect users from cross-site request forgery (CSRF) attacks targeting routers and other devices on private networks, and to reduce the ability of sites to use these requests to fingerprint the user’s local network.
Keep reading
Tech support scams are an increasingly prevalent form of cybercrime, characterized by deceptive tactics aimed at extorting money or gaining unauthorized access to sensitive data. In a tech support scam, the goal of the scammer is to trick you into believing your computer has a serious problem, such as a virus or malware infection, and then convince you to pay for unnecessary services, software, or grant them remote access to your device. Tech support scams on the web often employ alarming pop-up warnings mimicking legitimate security alerts. We’ve also observed them to use full-screen takeovers and disable keyboard and mouse input to create a sense of crisis.
Keep reading
For more than a decade Google has used advancements in AI to protect you from online scams where malicious actors deceive users to gain access to money, personal information, or both. Today, we're releasing a new report on how we fight scams in Search, and sharing the new ways we're using AI to keep you safe across Search, Chrome and Android.
Keep reading
Notifications in Chrome are a useful feature to keep up with updates from your favorite sites. However, we know that some notifications may be spammy or even deceptive. We’ve received reports of notifications diverting you to download suspicious software, tricking you into sharing personal information or asking you to make purchases on potentially fraudulent online store fronts.
Keep reading
From Chrome 137, Document Isolation Policy is a new feature that makes crossOriginIsolation adoption easier. Unlike COEP, Document Isolation Policy applies per frame and makes no requirements of subframes. By enabling crossOriginIsolation, Document Isolation Policy unlocks access to powerful web functionalities like SharedArrayBuffers or WebAssembly threads.
Keep reading
Earlier this month, two Chrome Root Program initiatives became required practices in the CA/Browser Forum Baseline Requirements (BRs). The CA/Browser Forum is a cross-industry group that works together to develop minimum requirements for TLS certificates. Ultimately, these new initiatives represent an improvement to the security and agility of every TLS connection relied upon by Chrome users.
Keep reading
Google Safe Browsing helps keep you safe while you surf the web by identifying phishing, malware, scams and other online threats in real time. Launched in 2005, it’s used by Chrome and many other popular browsers, Search, Android, Google Ads and Gmail to keep 5 billion devices safe and help you stay one step ahead of cybercriminals.
Keep reading