Google Adds Security Layers to Safeguard Agentic Browsing With Chrome | PYMNTS.com

By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

The tools are designed in part to combat "the primary new threat facing all agentic browsers," indirect prompt injection, Nathan Parker, Chrome security team, said in a Monday (Dec. 8) blog post.

Indirect prompt injection, which can appear in malicious sites, in third-party content in iframes, or from user-generated content such as user reviews, can cause the agent to take unwanted actions, including initiating financial transactions or exfiltrating sensitive data, according to the post.

To combat this threat, Google has added new layers to its existing protections, the post said.

These include a new user alignment critic that involves a separate model isolated from the untrusted content vetting the actions of the agent, and an extension of Chrome's origin-isolation capabilities to limit the origins with which the agent can interact to those that are relevant to the task, per the post.

The layers also include user confirmation for critical steps, real-time detection of threats, and red-teaming and response, according to the post.

"The upcoming introduction of agentic capabilities in Chrome brings new demands for browser security, and we've approached this challenge with the same rigor that has defined Chrome's security model from its inception," Parker said in the post. "By extending some core principles like origin-isolation and layered defenses, and introducing a trusted-model architecture, we're building a secure foundation for Gemini's agentic experiences in Chrome."