HOT DEALS

Google Introduces New Security Protections to Counter Risks from Unverified Apps

Google Security

Have you not upgraded your website to HTTPS yet? Upgrade NOW.

Google with its Chrome 68 update to show all HTTP websites as NOT SECURE. Avoid Google's penalty by installing an SSL Certificate. Get a DigiCert Standard SSL and secure your website at just $157/year. BUY NOW

ADVERTISEMENT

Google has shown constant dedication over the years in terms of security of the users. Earlier this year saw the company unveiling details on a few of its latest anti-phishing tools. Google also went on rolling out developer-focused updates for its risk assessment systems, app publishing processes, and consent pages for the users. The company’s most recent endeavor is introducing OAuth apps whitelisting in G Suite to provide choices to admins regarding the selection of third party apps in accessing user data.

Google noticed in the several past months that certain new web apps need to go through a verification process before their launches. This requirement was on the basis of “a dynamic risk assessment”. This foundation led the multinational enterprise to expand accordingly and to introduce new security protections of today.

The introduction includes bolder warnings for updating users regarding newly created web apps, and regarding the Apps Scripts pending verifications currently. As per Google, the changes are to enhance developer experience. The upcoming months will see Google working more insightfully on verification process and new warnings (also for existing apps).

Extended Security Protections to Google Apps Script

Starting from today, Google is rolling out a new screen hoarding “unverified app” for newly created web apps and Apps Scripts requiring verifications. This new screen is a substitute of “error” page and is to be received today by users and developers of unverified web apps.

Before the permissions consent screen for the app, the users are to come across the ‘unverified app’ screen, Thusly being notified. This is to reduce the risk of user data being phished by bad actors.

Extended Security Protections to Google Apps Script

Google Apps Script is having the same protections. Further information in this regard can be seen in the verification documentation page.

Apps Script is actively responsible for protecting users against abusive apps in different other ways. Users will see new cautionary language reminding them to ‘consider whether you trust’ an application before granting OAuth access, as well as a banner identifying web pages and forms created by other users.”

Extended Protections to Existing Apps

Google is working on developing user protections in extending the verification process to existing apps as well. This expansive effort includes the requirement of developers of a few current apps to go through the verification process.

Developers should verify their contact info is updated for ensuring a smooth transition, Google advises. Further information on ‘should-be’ for the developers regarding granting IAM roles in the Google Cloud Console can be seen in this article.

Information on the same for the developers in the API manager can be seen in this article.

Google is committed to consistently stimulate healthy ecosystem for both developers and users on the web platform. The new notices are going to serve them better in understanding risks and taking actions accordingly.

Source: Google Developers Blog

Google Introduces New Security Protections to Counter Risks from Unverified Apps