Technology
Google bans embedded in-app sign-ins to curb phishing attacks
Google is taking a big step to fight attempts on its users.
In a on the company’s security blog, Google’s Product Manager of Account Security Jonathan Skelker announced that the search giant will begin to block account sign-ins from embedded browsers within applications.
The problem with embedded browsers, as Skelker lays out, is that it leaves Google’s users susceptible to phishing attacks from bad actors.
Previously, third-party developers could add web browser instances, like the Chromium Embedded Framework, to their apps. This allowed users to log into a service with their existing Google account without having to sign-up for a fresh account on a brand new platform.
While embedded browsers may have made it easy for an app user to sign-up or login, it also made it just as simple for a hacker to carry out a man-in-the-middle phishing attack. Malicious actors could use embedded browser frameworks to essentially eavesdrop on an unsuspecting user and steal their login credentials.
Unfortunately, Google can’t differentiate between legitimate sign-ins and a phishing attack through embedded browser frameworks. Because of this, the company has decided to ban this login method outright.
The company is urging developers using embedded browsers to switch to browser-based OAuth authentication. Basically, when a user wants to login to a third-party app using their Google account, the app would open up the Google sign-in page through their mobile browser. This way users can view the URL of the site to ensure this is a legitimate Google page and not a phishing website imposter.
Google it will begin blocking sign-ins from embedded browser frameworks in June.
-
Business7 days ago
TikTok faces a ban in the US, Tesla profits drop and healthcare data leaks
-
Business6 days ago
London’s first defense tech hackathon brings Ukraine war closer to the city’s startups
-
Entertainment6 days ago
Mark Zuckerberg has found a new sense of style. Why?
-
Business6 days ago
Humanoid robots are learning to fall well
-
Entertainment5 days ago
2024 summer TV preview: 33 TV shows to watch this summer
-
Business5 days ago
Google Gemini: Everything you need to know about the new generative AI platform
-
Entertainment4 days ago
‘Bridgerton’: Everything you need to remember before Season 3
-
Business5 days ago
Indian ride-hailing giant Ola cuts 180 jobs in profitability push