How does Chrome Safe Browsing keep your browsing data private on Android?

Standard protection

With standard protection, Chrome checks the sites that you go to, the extensions that you have installed and the files that you attempt to download against Google's list of unsafe sites and downloads. Sites and downloads on this list are associated with abusive websites and extensions, malicious and intrusive ads, malware, phishing and social engineering. Chrome periodically downloads and stores the most recent copy of this list on your device. It also stores a list of sites known to be safe.

Each time that you visit a website or attempt a download, Chrome first checks if the URL is on the list of safe sites stored on your device. If it's not, Chrome sends an obfuscated portion of the URL to Google through a privacy server that hides your IP address. If Google confirms that the website or download is malicious, Chrome warns you that it may be dangerous. If you have an abusive or malicious extension installed, Chrome disables it. In some cases, if the request to the privacy server fails or you're browsing in Incognito mode, the site gets checked against the list of unsafe sites stored on your device instead of the list stored with Google. In these cases, if there's evidence of suspicious behaviour, Chrome sends an obfuscated portion of the URL to Google.

In addition to the protections described above, Chrome will send a report to Google if it finds suspicious page behaviour or suspicious actions that you may have been tricked into performing. For example, when you enter a previously saved password on a new site, Chrome checks with Google to determine whether the page might be phishing, a type of social engineering attack used to steal your data. If it's determined that the site is phishing, Chrome asks you to check or change your password.

Sites are checked for phishing and social engineering terms. Chrome sends a small set of visual features to Google and compares the site to a list of dangerous sites to determine whether it's malicious. Some security features are disabled in Incognito to prevent revealing additional data to Google.

Enhanced protection

Enhanced protection sends more information about your activity to Google in real time to offer stronger, more customised protection. This information includes the URLs that you visit and a small sample of page content, downloads, extension activity and system information.

Enhanced protection includes the default and optional features included in standard protection. Enhanced protection uses the extra information to warn you about:

• Risky sites: Chrome analyses data from sites that you visit to detect and warn you about potentially risky sites and iframes, even if Google didn't know about them before.
• Dangerous downloads: You can choose to send suspicious files to Google for additional scans to detect malware. These scans help find new malware or dangerous files hosted on a new site.
• Untrusted extensions: Chrome warns you when an extension you want to install isn't trusted by the Chrome Web Store.

If you're signed in, enhanced protection does even more. It protects you across other Google apps where you're signed in by linking data across your Google Account. For example, if we find phishing attempts in your Gmail, we increase your protection as you open sites and downloads in Chrome. Enhanced protection will not slow down your browsing experience.

With standard and enhanced levels of protection, Safe Browsing data is only used to protect and improve security for you and other web users.

With standard protection:

• Chrome hides your IP address by sending an obfuscated portion of the URLs you visit through a third-party privacy server before forwarding it to Google. This way, Google and the third-party that operates the privacy server can’t associate a real URL with your IP address.
• Chrome only sends additional data when there is evidence of security incident.
  • If suspicious behavior is detected, Chrome sends obfuscated or full URLs and bits of page content directly to Google Safe Browsing. For example, if you reuse a previously saved password on an uncommon site or a site doesn't pass a phishing-detection check, a full URL may be sent with the report.

With enhanced protection:

• Chrome sends additional data when it doesn't have information about the site you're about to visit.
  • Chrome sends URLs and bits of page content to Google Safe Browsing.
  • You get the highest safety available in Chrome to protect you from things like malicious actors, malware, and phishing attacks.

You can choose your level of Safe Browsing and how much of your data is sent to Google to improve security for you and other web users. You can always choose to visit an unsafe site or download a dangerous file after you get a warning from Chrome.

Change your Safe Browsing settings

Important: If you turn off Safe Browsing, Chrome can't protect you from websites that try to steal your information or install harmful software. We recommend some level of protection.

1. On your Android device, open Chrome .
2. At the top right, tap More   Settings   Privacy and security.
3. Select Safe Browsing.
4. Select the level of protection that you want to use.

Change your Make searches and browsing better settings

When 'Make searches and browsing better' is turned on, Chrome sends URLs of the pages that you visit to improve your browsing experience and security. Learn more about URLs from private browsing activity and Incognito mode.

1. On your Android device, open Chrome .
2. At the top right, tap More   Settings   Google services.
3. Turn Make searches and browsing better on or off.