Skip to main content

Google launches Safe Browsing API version 4

The world wide web used to be like the wild west (and still sort of is). Visiting the wrong site would often mean an infection with malware or other nastiness, such as getting taken by scams.

While that can still happen today, web surfers are much more protected. Some security suites don't only scan for and remove viruses on your hard drive, but prevent the download entirely. Not to mention, users are often better trained to recognise a scam.

Unfortunately, no web browser or security software package is infallible - nor is any user. Thankfully, Google is working around the clock to keep the world protected. Its Safe Browsing API is available to developers, allowing software - such as Chrome - to warn a user before they visit a dangerous site. Today, the search giant launches the fourth version of the API.

"With protocol version 4, we've optimised for this new environment with a clear focus on maximising protection per bit, which benefits all Safe Browsing users, mobile and desktop alike. Version 4 clients can now define constraints such as geographic location, platform type, and data caps to use bandwidth and device resources as efficiently as possible. This allows us to function well within the much stricter mobile constraints without sacrificing protection", says Emily Schechter and Alex Wozniak, Safe Browsing Team.

Schechter and Wozniak explain to developers, "a single device should only have a single, up-to-date instance of Safe Browsing data, so we're taking care of that for all Android developers. Please don't implement your own Version 4 client on Android: we're working on making a simple, device-local API available to prevent any resource waste on device. We’ll announce the availability of this new device-local API as soon as possible; in the meantime, there’s no need to develop a Version 4 client on your own".

That Android device-level implementation is rather genius. Think about it. If every app had to individually implement this, it would not only be a waste of resources, but a risk that a lackadaisical developer could stop updating for the newer API versions. By tying into a local API, developers can prevent their apps from becoming outdated from a Safe Browsing perspective.

Developers leveraging the prior version don't need to panic. Version three will continue to be supported until 2017. Google does not share a specific date, so this could possibly be pushed back even further.

While Safe Browsing is undeniably beneficial, there is a downside. All of the URLs you visit are passed to Google. After all, it needs to check the address against its server-side database. This is yet another way for the search giant to suck up valuable data.

With that said, the benefits - being protected from malware and phishing scams - arguably outweigh any conspiracy theories.