iOS 13’s “Fraudulent Website Warning” feature for Safari mobile shares some of your browsing data by default. That’s normally a good thing, since Google takes this data, hashes what you’re attempting to access, and is only able to sort-of match what you were looking for with your IP address. However, Apple is also sending this data to the Chinese company Tencent in some instances, and there’s a little extra cause for concern — but odds are good you’re still fine.
Johns Hopkins University professor and professional cryptographer Matthew Greene wrote a detailed blog post about the technology Apple is using for its “Fraudulent Website Warning” feature and how it came to be the standard for “safe browsing.”
The most important point, however, is that the option is on by default for all iOS 13 users. While you can turn it off, your device will be at a much greater risk of malware attacks and phishing scams. Leave it on, however, and your data could be shared with Tencent, a company that isn’t as interested in protecting your privacy as Google.
As Apple clarified in a statement, data only goes to Tencent if you’re in China. If you’re not, you don’t have to stress — Google, not Tencent, is analysing the websites you’re visiting to make sure they aren’t trying to scam you. As Apple’s statement reads:
“Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature. When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing. To accomplish this task, Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent.”
With this turned off, your iPhone will no longer alert you before visiting potentially dangerous websites, so you need to be extra vigilant with your browsing practices.