SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

Protecting Chrome users from abusive notifications

By PJ McLachlan, Google Web Platform PM

June 2, 2020

Notifications on the web help users receive important updates for a wide range of applications including messaging, calendars, email clients, ride sharing, social media and delivery services.

Unfortunately, browser notifications can be used to mislead users, phish for private information or promote malware. These abusive patterns fall into two broad categories, “permission request issues" and "notification issues."

Permission request issues are requests designed to mislead, trick, or force users into allowing notifications. One example of this is websites that require users to allow notifications in order to gain access to site content or that are preceded by misleading pre-prompts.
Notification issues include fake messages that resemble chat messages, warnings, or system dialogs. They also include phishing attacks, an abusive tactic that tries to steal or trick users into sharing personal information, and malware notifications that promote or link to malicious software.

To learn more about abusive notifications, you can consult the complete list of abusive notifications identified by the Abusive Notifications Report in Search Console, described below in the "How do I know if my site has failed the abusive notifications check?" section.
Starting with Chrome 84, releasing to stable on July 14 2020, sites with abusive permission requests or abusive notifications will be automatically enrolled in quieter notifications UI and notification enrollment prompts will advise users that the site may be trying to trick them. These changes are described in more detail below.

Why are you doing this?

Abusive notification prompts are one of the top user complaints we receive about Chrome. A large percentage of notification requests and notifications come from a small number of abusive sites. Protecting users from these sites improves user safety & privacy on the web, and makes for a better browsing experience.

Only a small fraction of websites will be affected by this change but we expect the impact on notification volumes will be significant for some users.  

Notification UI changes for Chrome 84

Abusive notification protection in Chrome 84 will only affect new notification permission requests from abusive sites. In the future, we may add protections for users who have already accepted notification permissions from abusive sites.

Desktop UI for quiet notifications UI on abusive websites. The new UI discourages users from allowing notifications from these websites.

Mobile UI for quiet notifications on abusive websites.  The new UI discourages users from allowing notifications from these websites.

Terms of Use | Copyright © 2002 - 2020 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement