Chrome extensions are awesome. They can help you write better, keep annoying ads at bayand save you money while you shop, among hundreds of other tasks. However, like Android apps on the Play Store, extensions on the Chrome Web Store aren’t always what they seem. Malware is a big concern, and you definitely don’t want to compromise your privacy and security by trying to download an ad blocker.
Google seems to know that the quality and security of many Chrome extensions isn’t particularly consistent. This is why the company has rolled out a new system for identifying extensions and verified creators. As you browse through addons for download, you’ll start to notice two new badges on reputable options, both of which indicate different ways that particular addon and/or its publisher have been deemed legitimate.
The “Featured” badge appears as a blue ribbon icon on some extensions. According to Google, the company awards this badge to extensions that “follow our technical best practices and meet a high standard of user experience and design.” The cool thing about this badge is that it’s a sign that the extension was hand-reviewed by members of the Chrome team, rather than assigned by an algorithm or other program. .
These team members check if the extension has a solid store page with a clear representation of its functions; that it works well for those who download it; that it uses the latest Chrome APIs; and, most importantly in my opinion, that it respects users’ privacy. While Google itself does not have the better reputation for user privacy, it’s good to see the company at least recognize that it’s worth making sure an extension isn’t blatantly stealing your data.
Established Publisher Badge
When Google considers a publisher to be compliant with the Developer Program Rules and has verified their identity with Google, the company awards them the established publisher badge. You’ll see this badge as a checkmark next to the publisher’s website. This badge provides another good way for users to trust the extension they want to install, as it means Google knows who they are. If the developer tries something weird, their account is probably fried.
What else can you do to make sure a Chrome extension is safe?
Even with these two new badges in place, you should still follow best practices before downloading extensions to your browser:
- Read the full description so you know exactly what you are downloading and what it promises to do.
- Check all extension request permissions. If you think there’s no reason for the extension to request access to your camera, that’s a big red flag.
- Review on the developer’s website, which is always listed on the store page of the extension. If you get a weird vibe from the site, or if it doesn’t seem to match the promise of the extension you’re considering, trust your instincts and leave it alone.
- Don’t forget to check the reviews. If customers have had shady experiences with an extension, they’ll likely point it out in the comments. On the other hand, if most of the comments are quite old and you can’t find recent ones, you might want to stay away. Make sure the extensions you download are up-to-date, reducing the risk that they have been compromised.