The browser will now show a warning in the event that what a user is installing is not considered “trusted.” For an extension to be trusted, it needs to originate from a developer that has complied with Google’s Developer Program Policies and should have been available for “at least a few months.” Brand-new developers won’t immediately be considered trusted by Google.
When a user attempts to download an extension that’s not trusted, Chrome will show a pop-up warning that you should “proceed with caution.” However, there’s still the option to “continue to install” the extension. Google says nearly three-quarters of the extensions on Chrome’s store will be considered trusted under its criteria. Not being “trusted” doesn’t mean Google thinks an extension is dangerous, but that its developer might be newer to the store or may have recently committed a minor policy violation.
Apart from the extension feature, Chrome is also adding a new scanning feature for suspicious-looking downloads. In the future, any downloads that seem “risky, but not clearly unsafe” will offer an option to upload them to Google’s servers for a more thorough scan. This process can be ignored by a user, but it offers an extra layer of protection when downloading files from the web. The new scanning option is offered in addition to the existing metadata checks that Chrome currently performs on downloads.
According to the company, the new updates are rolling out gradually for Chrome 91, the version of the browser that released recently.