Google is set to pilot an innovative “IP Protection” feature for its Chrome browser that aims to enhance user privacy. This feature will hide users’ IP addresses by using proxy servers, striking a delicate balance between preserving web functionalities and protecting users from covert tracking.
need for ip security
Every device connected to the Internet has an IP address, a unique identifier that allows websites and online services to track user activities across different sites. This tracking capability facilitates the creation of persistent user profiles, posing serious privacy concerns. Unlike third-party cookies, which users can easily block, avoiding covert tracking via IP address has been more challenging until now.
How does Google’s IP protection work?
Essential web functions, such as traffic routing and fraud prevention, depend heavily on IP addresses. Google’s “IP Protection” understands this dual role and navigates it by routing third-party traffic from certain domains through proxies. This makes users’ IPs invisible to these domains. As Google said, “Chrome is re-introducing a proposal to protect users against cross-site tracking via IP address. This proposal is a privacy proxy that anonymizes IP addresses for qualified traffic.” “
Initially, IP protection will be optional, ensuring user control over privacy and enabling Google to assess behavioral patterns. This feature will be rolled out gradually, keeping in mind regional specifics and learning curves.
In its “Phase 0”, Google will proxy requests only for its own domains using its proprietary proxy. This phase will enable the tech giant to test the backbone of the system and refine the domain list. However, only users logged in to Chrome and users with a US-based IP will be able to use these proxies during this phase.
As part of its anti-abuse measures, Google-managed authentication servers will allocate access tokens to proxies, setting a limit for each user. Future plans include introducing a 2-hop proxy system to further enhance privacy. “The second proxy will be run by the external CDN, while Google runs the first hop,” the IP Protection Explainer document states.
Furthermore, given that many online services use GeoIP to determine user location for service provisioning, Google’s goal is to assign IP addresses to proxy connections that represent general user location rather than exact one.
Security First: Addressing Security Concerns
Proxying traffic through Google’s servers can present challenges for security and fraud protection services in detecting invalid traffic or preventing DDoS attacks. Furthermore, if a Google proxy server were ever compromised, malicious actors could potentially see and manipulate the traffic routed through it. To combat these risks, Google is considering the idea of requiring users to authenticate with proxies, ensuring that proxies cannot link web requests to specific accounts, and to prevent DDoS attacks. Rate-limiting is implemented.
The feature will be tested on Chrome versions 119 to 225. As Google moves forward, it is committed to ensuring that the web remains functional while keeping users’ privacy at the forefront.