Security Experts:

Connect with us

Hi, what are you looking for?


Mobile & Wireless

Google Optimizes Safe Browsing API for Mobile

Google on Friday announced a new version of its Safe Browsing API and a focus on maximizing protection for both mobile and desktop users.

Google on Friday announced a new version of its Safe Browsing API and a focus on maximizing protection for both mobile and desktop users.

Initially designed to provide developers with access to the company’s lists of suspected unsafe sites, Safe Browsing has evolved into a protection mechanism for users around the world. Over the past few years, Google has made several improvements to Safe Browsing, which now includes alerts for potentially unwanted programs (PUPs).

Over time, the company has made various enhancements to Safe Browsing, expanded it to the Chrome browser, including the Android version, and added it to Google Search. Just last month, the company announced a series of Safe Browsing improvements for network admins.

“Safe Browsing protects well over two billion internet-connected devices from threats like malware and phishing, and has done so for over a decade,” Emily Schechter and Alex Wozniak, Safe Browsing Team, note in a blog post.

Last week, the Internet giant launched the fourth Safe Browsing API version over a nine-year period, after making the first API version available in 2007. Along with the availability of Safe Browsing API version 4, Google announced that it is starting the deprecation process for v2-3. Developers are encouraged to transition from the older protocol versions to the newly announced one as soon as possible.

According to Google, the great increase in mobile device use for accessing the Internet was one of the reasons a new API version was needed given the constraints of mobile devices, including limited power, network bandwidth, and costs of cellular data.

Safe Browsing protocol version 4 has been optimized for this new environment, with Google focusing mainly on maximizing “protection per bit” for all Safe Browsing users, mobile and desktop alike. Clients using the new API can define constraints such as geographic location, platform type, and data caps for an efficient use of device resources and bandwidth, thus ensuring maximum protection within the stricter mobile constraints.

Additionally, Google revealed that the new protocol has been implemented in the Safe Browsing client on Android since December and that Chrome 46 for Android was the first app to use it. The Internet company also explains that it is making a device-local API available for Android developers so that they won’t have to implement their own version 4 client. As a result, a single, up-to-date instance of Safe Browsing data would be present on a device, which will also ensures a minimum use of resources.

The new device-local API is not available as of now, but Google plans on releasing it as soon as possible. In the meantime, using Safe Browsing Version 4 API directly allows developers to check pages against the Safe Browsing lists based on platform and threat types; warn users before they click links that may lead to infected pages; and prevent users from posting links to known infected pages.

On Friday, Google released a reference client implementation of the new API. Written in Go, it offers a Safe Browsing HTTP proxy server, which supports JSON, Google explains. The implementation is available on GitHub, while additional details on Safe Browsing API version 4 are available on Google’s developer website.

Related: Google to Soon Kill SSLv3, RC4 Support in Gmail

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...


Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam.