How iOS 14.5 Beta ‘Safe Browsing’ Feature Protects Your IP Address

BY Sanuj Bhatia

Published 11 Feb 2021

Fraudulent website tracking ios 14.5

iOS 14 has been Apple’s biggest bet on privacy, yet. It introduced a number of privacy-related features, that have impressed the masses so far. Apple released the first beta of iOS 14.5 a few days ago. Then, the company rolled out a new update, to the first beta, the very next day. The new build introduces an updated version of the Fraudulent Website Tracking, that prevents your IP address from leaking. Here’s how it works.

Up until now, not much was known about the new features of the updated build of iOS 14.5 Beta 1. Now, a Reddit user u/StijnJB_ has pointed Apple’s updated way of handling Fraudulent Website Tracking.

How Fraudulent Website Tracking Works 

Fraudulent Website Warning is a feature in iOS that warns a user if the website he/she is trying to visit is a suspected phishing website. A phishing website might dupe a user by cloning a genuine banking website, or any website for that matter, and steal users’ personal information, such as usernames, passwords, mobile number, and other account information. Previously, Apple relied on a database that contained the addresses of these phishing websites, which is hosted by Google.

Google regularly updates this database, adding hundreds of phishing websites to it daily. Apple uses the same database, ensuring that Google never sees the URL you’re trying to visit. But it does state that Google may log your IP Address. Here’s what Apple says on its official Safari and Privacy page:

How Fraudulent Website Tracking Works in iOS 14.5

ios 14.5 fraudulent website checker

With iOS 14.5, Apple has introduced a new way it tracks fraudulent websites. The company still relies on Google’s database, but it has a proxy server in-between. This further safeguards user information like IP address since the IP address Google’s server sees is the Apple’s proxy server’s IP address, and not your device’s.

Moreover, Safari in iOS 14.5 sends only hashed prefixes of the URL, or basically a ‘hidden’ URL, to the phishing website checker. Since Apple is using a hashed prefix, Google can never know the website you’re trying to visit.

We Want to Hear From You

What are your thoughts on iOS 14 privacy features? Were you ever warned about a phishing website by Safari before? Let us know your thoughts in the comment section below!

[Via 8-Bit]