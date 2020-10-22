Chrome 86 hides abusive notifications with a “Silent Notification Authorization UI” to improve the quality of the Chrome web notification ecosystem

While useful for a wide variety of applications, web notifications can also be used to phishing, downloading malware, or displaying fake messages that mimic system notifications and generate user interactions.

Starting with Chrome 86, Google also automatically hides notification spam on websites that have previously sent improper notification content to visitors.

PJ McLachlan, Google Web Platform Product Manager, explains:

“In Chrome 86, we built on our previous efforts to improve the quality of the web notification ecosystem by implementing measures against websites sending abusive notification content. This includes websites that send messages containing links to malware or attempt to forge administrative system messages.

“If abusive notification content is detected on an origin, Chrome will automatically display permission requests via a quieter user interface (see below).”

User interface on the desktop version of Chrome for silent notifications on abusive websites. The new user interface prevents users from allowing notifications from these websites.

The Silent Notification Authorization UI, used to hide web alert spam from users, was introduced in Chrome 80 and improved in Chrome 84. Starting with this release, websites that use misleading templates to request notification permissions have been added to the notification spam system. The new Chrome 86 implementation focuses on notification content and is triggered by websites that have historically sent messages with abusive content.

“Abusive notification prompts are one of the biggest user complaints we’ve received about Chrome,” noted PJ McLachlan. “Our goal with these changes is to improve the user experience for Chrome users and to reduce the incentive for abusive websites to abuse web notification functionality. “”

So Google intends to improve the quality of the Chrome web notification ecosystem by focusing on the content of notifications and by hiding notifications on websites that have previously sent notification spam with notification spam. Abusive content that delivers malware or aids in gathering user credentials.

Chrome Mobile UI for silent notifications on abusive websites. The new user interface prevents users from allowing notifications from these websites.

How does Chrome detect websites that are sending abusive notification content?

The Google crawler occasionally subscribes to website push notifications when a push authorization is requested. Notifications sent to automated instances of Chrome using secure browsing technology are checked for abusive content, and websites sending abusive notifications are flagged if the issue is not resolved.

Automated Chrome crawlers then use Google’s safe surfing blacklist service to evaluate received notifications and automatically mark all websites that use them for malicious purposes to force the blocking of notifications by switching to the user interface. silent user of notification authorization.

30 days grace period

Developers and website owners can use the Search Console Abusive Notifications report to determine whether Google’s web crawler has detected abusive notification behavior on their websites.

Google will also email registered website owners and users “at least 30 calendar days prior to this action” so they can resolve abusive notification issues and request a re-examination.

Website owners and developers can learn more about the nuisance notification screening process in Search Console Help.

Google also gives them step-by-step instructions on how to fix automatically detected fake notifications and request new website reviews.

“Before Chrome released notification fraud protection, many users were inadvertently allowing notifications from websites that were engaging in abusive activity. In a future release, Chrome will reset the notification permission status for abusive origins from “granted” to “default” to prevent those websites from issuing new notifications unless the user does. goes back to the original abuse and does not reactivate notifications, ”added McLachlan.

Fix problems and submit a website for review

Abusive Notifications

Source: Chromium Blog

