Major web browsers are rolling out advanced AI features. These “agentic” capabilities can act autonomously, like shopping or booking flights. This shift introduces new security risks for user data and finances.
Google has detailed its security blueprint for these features in Chrome. The company is implementing multiple safeguard models to oversee AI actions. This framework is critical as agentic tools prepare for a wider release soon.
How Google’s Multi-Model System Protects Users
Google’s security relies on a layered model approach. A “User Alignment Critic” built with Gemini scrutinizes every planned AI action. If the critic flags a task, the system re-evaluates the strategy before proceeding.
This critic only reviews action metadata, not actual web content. According to a company blog post, this separation is a core privacy measure. It helps ensure the AI’s goals truly align with the user’s intent.
Another layer uses “Agent Origin Sets.” These restrict what websites the AI can access. Read-only origins allow the AI to consume information, like product listings. Writable origins are the only places it can click or type.
This system bounds the threat of cross-origin data leaks. The browser itself can enforce this separation strictly. It simply won’t send disallowed data to the AI model in the first place.
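The origin-set gating described above, sketched as an added example. This is not Chrome's code, and the class and method names are hypothetical. It assumes writable origins are also readable and that an origin is the scheme, host and port tuple:

```javascript
// Added illustration: AgentOriginSet and its methods are hypothetical names,
// not Chrome APIs. All URLs below are constructed samples.
class AgentOriginSet {
  constructor({ readOnly = [], writable = [] }) {
    // Normalise to scheme+host+port so path or query tricks cannot widen the set.
    this.readOnly = new Set(readOnly.map((u) => new URL(u).origin));
    this.writable = new Set(writable.map((u) => new URL(u).origin));
  }

  static originOf(url) {
    try {
      const o = new URL(url).origin;
      return o === "null" ? null : o; // data:, file:, about: have opaque origins
    } catch {
      return null; // unparseable URLs are never allowed
    }
  }

  canRead(url) {
    const o = AgentOriginSet.originOf(url);
    return o !== null && (this.readOnly.has(o) || this.writable.has(o));
  }

  canAct(url) {
    const o = AgentOriginSet.originOf(url);
    return o !== null && this.writable.has(o);
  }

  // Drop documents from origins outside the set before building model input.
  filterForModel(documents) {
    return documents.filter((d) => this.canRead(d.url));
  }

  // Gate a planned action: "read" needs any listed origin, click/type need a writable one.
  authorize(action) {
    const ok = action.type === "read" ? this.canRead(action.url) : this.canAct(action.url);
    return { allowed: ok, reason: ok ? "in origin set" : "origin not permitted for " + action.type };
  }
}

// Constructed sample: a shopping task with one review site and one store.
const demoSet = new AgentOriginSet({
  readOnly: ["https://reviews.example"],
  writable: ["https://shop.example"],
});
```

Comparing parsed origins rather than URL string prefixes is what makes the gate reject lookalike hosts, a different scheme or port, and URLs that carry the trusted name only in the userinfo part.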
User Consent Remains the Final Safety Check
For highly sensitive actions, Google hands control back to the user. The AI must ask for permission before navigating to banking or medical sites. It will also request consent before using the password manager for logins.
The model has no direct exposure to saved passwords. Google also stated it will require user approval for purchases or sending messages. A final observer model checks URLs to block navigation to harmful, AI-generated links.
The company is also testing against simulated attacks from researchers. An additional prompt-injection classifier helps prevent malicious instructions from hijacking the agent. This multi-pronged strategy reflects industry-wide caution.
Other AI browser makers are taking similar steps. Perplexity recently released an open-source model to detect malicious content targeting agents. The focus on security is now a top priority across the sector.
The rollout of agentic browser features marks a new era for convenience. Google Chrome’s proactive security model highlights the industry’s recognition of the accompanying risks. Success will depend on balancing powerful automation with robust, user-centric protection.
A quick knowledge drop for you
What are agentic browser features?
They are AI capabilities that perform tasks for you automatically. This can include comparing products, filling forms, or booking services. The agent acts on your behalf based on a broad instruction.
What is the main security risk with browser AI agents?
The primary risk is the agent taking an unwanted action that leads to data loss or financial cost. For example, it could be tricked into navigating to a malicious site or making an unauthorized purchase.
How does Google’s “critic” model improve safety?
It reviews the AI’s planned actions to check if they serve the user’s goal. If the plans seem misaligned, it forces a rethink. This acts as a safety checkpoint before any action is taken.
Can the AI agent access my saved passwords?
No. Google states the AI model does not have exposure to password data. For sites requiring login, the agent must ask user permission to let Chrome’s password manager handle it.
Are other browsers working on similar security?
Yes. Companies like Perplexity are also developing security models for AI agents. The entire industry is focusing on prevention tools, like classifiers to stop prompt injection attacks.



