Collaborating to strengthen security across the Internet
Google has a long history of openly sharing our security learning, experiences and technologies with partners, competitors and organisations around the world. And as security threats evolve, this continuous industry-wide collaboration is critical to protecting users and helping create a more secure Internet together.
Sharing our security solutions helps us make the Internet safer together
Protecting you from risky sites, apps and ads with Safe Browsing
We built our Safe Browsing technology to protect web users from malware and phishing attempts by alerting users when they try to visit dangerous websites. Safe Browsing protects more than just Chrome users – to make the Internet safer for everyone, we made this technology free for other companies to use in their browsers, including Apple’s Safari and Mozilla’s Firefox. Today, more than 3 billion devices are protected by Safe Browsing. We also alert website owners when their sites have security flaws and offer free tools to help them quickly fix the problems.
HTTPS encryption keeps you safer when browsing the Internet
Backing our services with HTTPS encryption ensures that you can connect to sites and enter your private information such as credit card numbers without anyone intercepting your information. To encourage other websites to adopt this added security, we offer tools and resources to developers. HTTPS encryption is a criteria that the Google Search algorithm uses when ranking websites in our search results. It‘s also used for top-level domains such as .google or .app that use HSTS preloading, which enforces use of HTTPS on these domains.
Making security tools available to developers so that they can help prevent security risks
We share our security technology whenever we believe it can provide value for others. For example, we make our Google Cloud Security Scanner freely available to developers so that they can scan and analyse their web applications for security vulnerabilities in App Engine.
Project Shield prevents news websites from being shut down
Project Shield is a service that uses our technology to help protect news, human rights and election sites from distributed denial-of-service (DDoS) attacks. These attacks are attempts to take websites down and prevent voters from accessing vital information by overwhelming them with fake traffic. No matter the size of the website or the size of the attack, Project Shield is always free.
Industry-leading security innovation and transparency
Google’s strongest two-step verification against phishing
2-Step Verification (or 2SV) adds even more protection to your account by requiring a second verification step to sign in. While any form of 2SV, like SMS text message codes and push notifications, improves the security of your account, highly sophisticated attackers can occasionally circumvent these methods through targeted spear-phishing campaigns. Physical security keys prevent this by requiring you to tap your key to verify that it’s really you attempting to sign in. We consider security keys based on FIDO standards to be the strongest, most phishing-resistant method of 2SV available today.
Sharing data about our practices and guidelines to foster a safer Internet
Since 2010 we have published the Transparency Report, which features statistics on things such as phishing and malware detection and security initiatives such as Safe Browsing. We also share data on the industry’s adoption of encryption for websites and email. We do this not only to share our progress with our users, but also to encourage others to adopt stronger security standards in the interest of a safer Internet for all.
Advanced Protection Programme – protecting at-risk users from targeted attacks
Even the most security-conscious users can be tricked by phishing scams or other sophisticated and highly targeted attacks. The Advanced Protection Programme is Google’s strongest security offering, designed to safeguard the personal Google accounts of those most at risk of targeted attacks – such as policymakers, campaign teams, journalists, activists, business leaders or anyone else who believes that they could be vulnerable to sophisticated digital attacks.
Improving standards to elevate security across the industry
Creating security rewards to uncover security vulnerabilities
At Google, we pioneered vulnerability reward programmes that pay independent researchers to find vulnerabilities in our services. To reward all the cutting-edge external contributions that help us keep our users safe, every year we award millions of pounds in research grants and bug bounties. We currently offer vulnerability rewards for many of our products, including Chrome and Android.
In addition to engaging independent researchers, we also have an internal team of engineers called Project Zero, which tracks down and addresses security flaws in software used across the Internet.
Collaborating with top researchers to advance security solutions
Our researchers collaborate extensively with academia, industry groups and non-governmental organisations (NGOs) partners to advance the state of security, privacy and anti-abuse research. We are developing transformative solutions to protect users everywhere through active collaboration, and our researchers support ambitious research projects by lending their expertise and providing access to Google resources.
Elevating authentication standards to keep your sign-in as secure as possible
We’ve always been at the forefront of co-creating or adopting the strongest possible sign-in and authentication standards on the web. We collaborate across the industry and share technology by developing centralised web standards. One such partnership with the nonprofit organisation FIDO Alliance worked to set and deploy new industry standards for companies to use, ensuring secure account access for their employees.
Providing outreach and online safety training to bring better security to all
We provide educational materials, training and tools to help people around the world learn how to stay safe online. Our outreach team annually reaches more than 100 million people – including educators, students, parents, the elderly and people with disabilities – with online safety resources and training.