Brave Privacy update changes how the browser handles Google Sign-In requests

Martin Brinkmann
Mar 7, 2023

Brave is changing how the company's web browser is handling Google sign-in requests. The privacy change gives users more control over sign-in prompts in the desktop and Android versions of Brave.

To better understand the change, it is necessary to take a look at how Brave browser handles these prompts currently. Third-party websites and services may use single sign-on (SSO) systems for authentication. These systems, offered by Google, Facebook and other major Internet companies, offer several advantages both to the site and to the user.

Most Internet users have accounts at Google, Facebook and other major sites already. Using these to sign-up to a service is a straightforward process that speeds up account creation and eliminates the need to remember yet another secure password. Security-wise, it is often the case that these large companies offer better protective and security features.

brave social blocking google
The classic Google Sign-In setting

While these sign-in options offer benefits, they do come with risks. One of them is privacy related. The big tech sites gain insights on the sites that a user uses, at the very least. Depending on how the system is designed, additional use data may also be available to the SSO providers.

Brave Browser, up until now, had a single switch to allow or block Google login buttons on third-party sites. Enabled by default, users could disable it to prevent these sign-ins from working. Under the hood, Brave blocked third-party cookies for Google's SSO system, if the setting was disabled.

When users kept it enabled, an exception to Brave's third-party cookies handling was made for all sites that used the Google Sign-in system. Third-party cookie access is needed, as it powers the functionality.

The exception is limited to URLs used for Google logins; other Google systems, including those used for analytics or ads, were not allowed.

Brave users may load brave://settings/socialBlocking in the address bar to configure the current setting.

Brave's privacy change regarding Google Sign-In requests

Starting in Brave Browser 1.51, Brave removes the setting under Soccial Blocking. The developers have created a site permission, called Google Sign-In, which handles the functionality per site.

The default permission is set to ask, which prompts users whenever a site requests to use the Google Sign-In system. As is the case with permissions, users may switch it to allow or block instead. Allow gives all sites permission to use the system, block prevents sites from using it. It is still possible to define exceptions, even if the preference is set to allow or block.

The main privacy gain for users is that the system is no longer an all or nothing approach. Now, they may allow some sites to access the Google Sign-In systems, and prevent all other sites from using it.

Brave launched several other important improvements in its browser recently, or plans to launch them. To name a few: disabling open in app prompts, a new AI summarizer in Brave Search, and HTTPs by Default functionality.

Closing Words

Brave considers its system for Google Sign-In prompts superior to that of other third-party browsers. The main differentiating factor is that Brave's system is specific, while the system that browsers such as Firefox, Safari or Edge use is not.

Brave plans to launch the improvement in Brave 1.51, which will be released in the coming months.

Now You: do you use Single Sign-On?

Brave Privacy update changes how the browser handles Google Sign-In requests
Article Name
Brave Privacy update changes how the browser handles Google Sign-In requests
Brave Browser 1.51 includes a privacy improvement regarding Google Sign-In requests on websites visited in the browser.
Ghacks Technology News

Previous Post: «
Next Post: «


There are no comments on this post yet, be the first one to share your thoughts!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.