Advanced Protection acts as a single control point for at-risk users on Android that enables important security settings across applications, including many of your favorite Google apps, including Chrome. In this post, we’d like to do a deep dive into the Chrome features that are integrated with Advanced Protection, and how enterprises and users outside of Advanced Protection can leverage them.

Android Advanced Protection integrates with Chrome on Android in three main ways.

To understand how this change impacts the web ecosystem, the Chrome team is looking for feedback from developers who build web applications that rely on making connections to a user’s local network or to software running locally on the user’s machine. From Chrome 138, you can opt-in to these new restrictions by going to chrome://flags/#local-network-access-check and setting the flag to “Enabled (Blocking)”.

To defend against these threats, Chrome is launching warnings of unwanted notifications on Android. This new feature uses on-device machine learning to detect and warn you about potentially deceptive or spammy notifications, giving you an extra level of control over the information displayed on your device.

When a notification is flagged by Chrome, you’ll see the name of the site sending the notification, a message warning that the contents of the notification are potentially deceptive or spammy, and the option to either unsubscribe from the site or see the flagged content.

An example of a notification flagged as possibly spam.

If you choose to see the notification you will still see the option to unsubscribe or you can choose to always allow notifications from that site and not see warnings in the future.

What you see when viewing a flagged notification.

How It Works

Chrome uses a local, on-device machine learning model to analyze notification content. This model identifies notifications that are likely to be unwanted. The model is trained on the textual contents of the notification, like the title, body, and action button texts.

Notifications are end to end encrypted. The analysis of each message is done on-device and notification contents are not sent to Google, to protect user privacy. Due to the sensitive nature of notifications content, the model was trained using synthetic data generated by the Gemini large language model (LLM). The training data was evaluated against real notifications Chrome security team collected by subscribing to a variety of websites that were then classified by human experts. To start, this feature is only available on Android as the majority of notifications are sent to mobile devices, however we will evaluate expanding to other platforms in the future.

This feature is just one of many ways Chrome works to reduce the number of potentially harmful notifications you receive. Other ways Chrome protects against potentially harmful notifications include:

• Revoking Notification Permissions from Abusive Sites: When Google Safe Browsing identifies a site engaging in abusive behavior Chrome will automatically revoke the site’s notification permissions. You can find a list of revoked notification permissions in Chrome Safety Check. Learn more about how Safety Check takes proactive steps to keep you safe here.

  

  In Safety Check you can review any notification permission revocations

  • One Tap Unsubscribe on Android: You have the option to unsubscribe from notifications with one click on any Chrome notification sent to an Android phone, whether the notification contents are benign or potentially harmful. Limiting notifications from sites you no longer want updates from can reduce the amount of data and battery life you use daily. If you ever want to review what sites have the ability to send you notifications you can visit Chrome Settings-> Privacy and Security->Site Settings->Notifications.

  Notification warnings are an important step in Chrome’s ongoing commitment to user safety. The Chrome Security team in partnership with Google Safe Browsing continually monitors threats to our users in order to evolve our defenses against abusive activity across the web. Keep an eye on our blog for updates on how we are helping you stay one step ahead of online threats.

-

Stopping scams in Search with AI-powered defenses

In Search, AI helps us detect and block hundreds of millions of scammy results every day. Our Fighting Scams in Search report showcases how the investments we’ve made in our AI-powered scam detection systems — along with improvements to our classifiers — have enabled us to catch 20-times the number of scammy pages. These improvements help ensure the results you get are legitimate, and protect you from harmful sites trying to steal your sensitive data.

Advancements in AI have bolstered our scam-fighting technologies — enabling us to analyze vast quantities of text on the web, identify coordinated scam campaigns and detect emerging threats — staying one step ahead to keep you safe on Search. For example, we’ve observed a significant increase in bad actors on the web impersonating airline customer service providers and scamming people in need of help. We’ve already reduced these scams by more than 80% in Search, greatly reducing the risk that you call a scammy phone number.

Supercharging Safe Browsing in Chrome with Gemini Nano

The Enhanced Protection mode of Safe Browsing on Chrome is our browser’s highest level of protection, and keeps users twice as safe from phishing and other scams versus our Standard Protection mode.

We’re now using Gemini Nano, our on-device large language model (LLM) on desktop, to provide Enhanced Protection users with an additional layer of defense against online scams. The on-device approach provides instant insight on risky websites and allows us to offer protection, even against scams that haven't been seen before. Gemini Nano's LLM is perfect for this use because of its ability to distill the varied, complex nature of websites, helping us adapt to new scam tactics more quickly.

We're already using this new AI-powered approach to protect users from remote tech support scams, one of the biggest online threats facing users today. Our goal is to expand this protection to Android devices and even more types of scams in the future.

Fighting scams, spam and unwanted notifications

Sometimes the risk from scammy sites can extend beyond the site itself. If you've enabled notifications from websites, malicious sites can try to scam you through a barrage of notifications. To help you stay ahead of malicious, spammy or misleading notifications, we're launching new AI-powered warnings for Chrome on Android.

When Chrome’s on-device machine learning model flags a notification, you’ll receive a warning with the option to either unsubscribe or view the content that was blocked. And if you decide the warning was shown incorrectly, you can choose to allow future notifications from that website.

Safeguarding you from sophisticated call and messaging scams {#safeguarding-you-from-sophisticated-call-and-messaging-scams block-key=”ccm9r”}

Scams are commonly being initiated through phone calls and text messages that appear harmless at first, but then evolve into dangerous situations. We recently launched on-device AI-powered Scam Detection in Google Messages and Phone by Google to protect Android users from these types of sophisticated scams.

No one likes being tricked, but history has shown us that scammers are constantly evolving their tactics and unlikely to give up anytime soon. That’s why we’re committed to making their job as hard as possible through using Google’s latest AI advancements to raise the bar for safety across all of our products.