Google Chrome for both Android and iOS devices have received a crucial new update. According to Google, the latest Chrome update that brings Chrome 86 to mobile devices brings a crucial update that allows Google to check if your usernames and passwords have turned up in any breached credential databases around the world. It would then alert you if your passwords have been breached, and prompt you to update the same. Google vouches that it does not read your credentials itself, but relays them in a hashed state to Google servers to see if they were compromised at any point, in known breaches.
As you would expect, the feature will only work if you use Chrome to save your passwords, and Google will not actively scroll and relay your credentials to their servers if you log in to any site without saving the username or password. With data breaches being increasingly common, and credentials dumps surfacing quite regularly across the internet, this is an important feature that can potentially help you update your passwords regularly, and ensure that you do not end up compromising your account.
The latest Chrome update also adds one key new feature to each of Android and iOS, separately. On Chrome for Android, Chrome 86 is adding a new, Google specific feature called Enhanced Safe Browsing. With this mode, once you’re logged in with your Google account, the browser will send your real time browsing data to Google, therefore using Google’s real-time tracking of potentially malicious phishing websites and blocking them. Typically, safe browsing entails the use of Google’s regular blocked sites database, which is updated every 30 minutes. With the enhanced mode, Google offers you a way to browse safer, but at the cost of sending every bit of information on what you are browsing, over to Google.
On iOS, Chrome 86 has added ‘touch to fill’. The new feature adds a layer of biometric authentication before a webpage can auto-fill your username and password on its site. This can add a new layer of protection against advanced malware tools that may look to pre-load credentials to gain access to financial transactions, simply by adding an extra layer of authentication.