Google is expanding the Safety Check feature already offered in the Chrome browser to assist in reviewing and possibly revoking permissions carelessly granted to websites.
Especially for newly visited sites, the usual GDPR dialog with information about data collected for advertising purposes may also come “bundled” with requesting permission for notification messages. Implemented to allow web administrators to communicate essential information to users who are not actively browsing the site, support for triggering notifications in the web browser is often misused. Thus, instead of relevant information, users are bombarded with unsolicited advertisements or lured into various traps, such as accessing an infected site.
Although Google has taken some steps to display more clearly the prompts for notification messages and even blocking this feature by default for sites that abuse it, users who knowingly or inadvertently granted this permission did not have an equally simple method for revoking it. Instead, to “clean” the Chrome browser of unwanted notifications one had to search deep in the Settings menu, to the Privacy and Security – Site Settings – Notifications section, one could find a list of sites accepted for sending notifications.
From now on, Chrome will periodically remind you about revoking non-essential permissions granted to websites, with the check included in the same Password Checkup routine responsible for issuing alerts suggesting changing compromised passwords. Specifically, in addition to information about compromised passwords, you’ll also see a summary of sites to which you’ve granted special permissions that could expose you to security risks and online privacy breaches.
Another new feature is the ability to protect your browsing sessions started in Incognito mode using biometric authentication methods, blocking access by unauthorised people. The feature is available on phones and tablets equipped with the Chrome version for Android, respectively, fingerprint sensor.