Google has always been experimental with Chrome browser features to improve security. One of which is rather the unusual feature of hiding URL addresses in an effort to prevent phishing and cyber-attacks.
Over the years, Google has tried this feature on and off.
Despite the backlash from many users, the tech company is still pushing through with this feature. In an experimental feature, Google is planning to hide all parts of the web addresses but the domain name.
Google hides URL in an experimental feature
This experiment was first spotted in Chrome’s Canary software branch, which modifies the appearance and behavior of web addresses in the address bar. The main flag is called “Omnibox UI Hide Steady-State URL Path, Query, and Ref” which basically hides everything that comes after the website’s domain name in the address bar.
We have tried the feature for ourselves in a Mac Chrome browser. Once you try out this feature, you will see two additional flags that modify the behavior.
First – the browser will display the full address once you hover over the address bar instead of having to click it.
Second – the browser hides the URL address of the domain once you interact with the page.
Why hides the URL address?
Apparently, according to Google long URL addresses are scary. The tech company hopes that this feature will boost security for the less tech-savvy users. How – by focusing a user’s attention on the domain name instead of the URL as a whole. This functionality aims to help some users avoid suspicious or illegitimate websites.
But to set things straight, Google is not forcing the feature on its users just yet. Even those who choose to try it on Canary builds of Chrome will need to enable the new URL-hiding function manually via the chrome://flags interface.
As you can see in the graph above, SaaS/webmail is one of the most targeted online industry for phishing attacks. Coming in second is ‘Payment’, as the vast majority of phishing attacks involve credential phishing.
Cyber attacks are very rampant on the internet. In fact, according to researchers hacking, breaching, and other sorts of cyberattacks will tremendously increase in 2020.
Google has constantly updated its Chrome features to prevent such things from happening to its users. Beginning in March this year, the company has updated the ways on how to easily use the two-factor authentication on its browsers to avoid phishing.
Reasons why Google hides URL addresses
Two of the possible reasons why Google wants to push through with this feature are as follows:
According to Google, showing off full URLs in the address bar may actually make it more difficult to determine if a site is legitimate or not. Therefore, it will be more likely for users to be exploited.
The reason is – showing the full URL address may detract users from the most important thing, the domain name, which is the most important thing in determining whether a webpage is legitimate or not.
Mind you, it’s not uncommon for current versions of today’s web browsers to hide full URL addresses. Google may be working on this update to bring its browser more in line with the look and feel of others.
Take for example Safari – it hides the full URL paths, however, it does not go as far as to hide the full address bar when the user begins to interact with the page.
The full URL address is not quite accessible in Safari as well. Users will have to click on the address bar to reveal it in full. Meanwhile, in Chrome 85, users will only have to hover over the address bar.
The tech giant has not publicly acknowledged the feature update to Chrome 85. If users will now take this idea and see its relevance, perhaps Google might officially roll this out.