Apple Clarifies Tencent's Role in Fraudulent Website Warnings, Says No URL Data is Shared and Checks are Limited to Mainland China

Following user concern over Apple using Chinese company Tencent as one of its Safe Browsing partners for Safari, Apple has issued a statement assuring customers that website URLs are not shared with its safe browsing partners.

For those unfamiliar with the feature, Safari sends data to Google Safe Browsing to cross reference URLs against a blacklist to protect users against scams and malicious sites. It recently came to light that Apple is also using Tencent for this purpose, and there was concern that data from users outside of China was being sent to Tencent.

apple safari fraudulent website warning tencet
According to Apple's statement, that is not the case, and Tencent is used for devices that have their region code set to mainland China. Users in the United States, the UK, and other countries do not have their website browsing checked against Tencent's safe list.

Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature. When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing.

To accomplish this task, Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent. The actual URL of a website you visit is never shared with a safe browsing provider and the feature can be turned off.

Safari occasionally receives a list of hash prefixes of URLs known to be malicious from Google or Tencent, choosing between them based on the device's region setting (Tencent for China, Google for other countries). Hash prefixes are the same across multiple URLs, which means the hash prefix received by Safari does not uniquely identify a URL.

Prior to loading a website, when the fraudulent website warning feature is toggled on, Safari checks whether a website URL has a hash prefix to match the hash prefixes of malicious sites. If a match is found, Safari sends the hash prefix to its safe browsing provider and then asks for the full list of URLs that have a hash prefix that matches the suspicious one.

When Safari receives the list of URLs, it checks the original suspicious URL against the list, and if there is a match, Safari shows the warning pop up suggesting users stay away from the site. The check happens on the user's device, and the URL itself is not shared with the safe browsing provider, but because Safari communicates directly with the safe browsing provider, the providers do receive device IP addresses.

Information about Apple's safe browsing partners can be found in the About Safari and Privacy screen, available in the Privacy and Security section of the Safari portion of the Settings app. Fraudulent website protection is enabled by default, and those still concerned about the safety check feature can turn it off by deselecting the "Fraudulent Website Warning" toggle.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: China, Safari

Top Rated Comments

thadoggfather Avatar
30 months ago
Apple PR has been working long hours this past week
Score: 27 Votes (Like | Disagree)
jsmith189 Avatar
30 months ago

A Chinese company is your "safe" browsing partner ... what are you smoking Apple.

... for Chinese users.
Score: 21 Votes (Like | Disagree)
jsmith189 Avatar
30 months ago

Looks like i8t's slowly the time to depart from Safari.

If they continue hugging this much with China, looks like it will soon be the time to depart from Apple as well.

I mean, seriously, what the heck, Apple???
How is it "hugging with China" if literally the only people that (voluntarily) deal with the Chinese provider are... people in China? Also, you can turn it off, so this isn't a Safari thing either.

I swear people either don't read or just choose to take out of it what they want lol. This is absolutely a non-issue, but people are seeing trigger words and running with it.
Score: 19 Votes (Like | Disagree)
calzon65 Avatar
30 months ago
A Chinese company is your "safe" browsing partner ... what are you smoking Apple.
Score: 18 Votes (Like | Disagree)
jsmith189 Avatar
30 months ago

Apple is digging its own grave with all of the recent pro-China (aka pro-CCP) narrative.

First, it was Apple's direct anti-democracy stance against HK and now this. Shame on them. I'm very glad to not have upgraded my iPhone in almost 3 years.
Given that Google is blocked in China, what would you suggest they do in this instance?
Score: 17 Votes (Like | Disagree)
thisisnotmyname Avatar
30 months ago
so everyone freaked out about privacy when in reality the list is cached and evaluated locally for both China and the rest of the world and only those that match a list of known problem sites are sent for further evaluation. OK.
Score: 16 Votes (Like | Disagree)

Popular Stories

maxresdefault

Review: M1 Max MacBook Pro After Three Months

Wednesday January 19, 2022 11:30 am PST by
It's now been a few months since the M1 Pro and M1 Max MacBook Pro models launched in October, and MacRumors video editor Dan Barbera has been using one of the new machines since they debuted. Over on the MacRumors YouTube channel, Dan has shared a three month review of his MacBook Pro to see how it has held up over time and how it's changed his workflow. Subscribe to the MacRumors YouTube ...
airpodsinear 1

AirPods Save Woman's Life With Feature Everyone Should Know

Friday January 21, 2022 2:13 am PST by
Apple's AirPods have been credited with saving a woman's life after a potentially fatal fall, People reports. When a 60-year-old florist in New Jersey tripped and hit her head in her studio, she lost consciousness and awoke heavily bleeding. With nobody around to call for help, she realized she had her AirPods in, and used a "Hey Siri" command to call 911. An operator was able to stay on the ...
iphone se 2020 top

New iPhone SE Likely to Launch in April Based on Production Timeframe

Wednesday January 19, 2022 6:44 am PST by
Apple suppliers will begin producing display panels for the third-generation iPhone SE this month, with final assembly of the device likely to start in March, according to information shared by display industry consultant Ross Young. Based on this production timeframe, Young believes the third-generation iPhone SE is likely to launch in the second half of April, or perhaps in early May at...
iphone 13 earpods

Apple to Stop Including EarPods With Every iPhone Sold in France From Next Week

Friday January 21, 2022 3:21 am PST by
Apple will no longer include EarPods with every iPhone sold in France, starting on January 24, according to a notice posted by a French carrier (via iGeneration). Apple was previously required to include EarPods in the box with the iPhone due to a French law that required every smartphone sold in the country to come with a "handsfree kit," but the law has now been changed in favor of reducing the ...
Spring 2022 Apple Products Feature

New iPad Air, Macs, and iPhone SE With 5G Likely to Be Announced at Apple Event This Spring

Thursday January 20, 2022 8:32 am PST by
Earlier this week, Bloomberg's Mark Gurman tweeted that Apple "will be holding a spring event" to announce a new iPhone SE and other hardware. In a recent edition of his newsletter, Gurman said the event is likely to occur in March or April. Gurman did not elaborate on what "other hardware" will be announced at Apple's purported spring event, but rumors suggest at least four products are...
appleeducation

Apple's US Education Store Now Requires Institution Verification to Buy Discounted Products

Wednesday January 19, 2022 2:22 am PST by
Apple is now requiring that customers in the United States verify that they're active students, teachers, or staff members at an educational institution in order to access education discounts on products. Previously, little verification was needed for customers to purchase products through Apple's education store in the United States. Apple's education stores offer models of the iPad and Mac ...
AirPods 3 New Firmware Feature

Apple Updates AirPods 3 Firmware to Version 4C170

Tuesday January 18, 2022 11:46 am PST by
Apple today released a new 4C170 firmware update for the AirPods 3, an update from the prior 4C165 that was made available in December. Apple does not offer details on what's included in new firmware updates for the AirPods‌, so we don't know what improvements or bug fixes the new firmware brings. There is no standard way to upgrade the ‌AirPods‌‌ software, but firmware is...
appleprivacyad cleaned

iOS 15 Patched Security Hole That Potentially Exposed Users' Private Apple ID Information to Third-Party Apps

Thursday January 20, 2022 3:32 am PST by
Apple patched two significant security vulnerabilities when it released iOS 15 that could have potentially exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences, Apple has revealed in a recent support document update. With most iOS, macOS, tvOS, and watchOS updates, Apple provides a list of...
apple watch series 7 aluminum colors yellowbg

Apple Watch Charging Bug Fixed in watchOS 8.4 Release Candidate

Thursday January 20, 2022 4:01 pm PST by
The watchOS 8.4 release candidate that was seeded to developers and beta testers this morning addresses an ongoing bug that could cause some Apple Watch chargers not to work properly with the Apple Watch. Back in December, we reported on a growing number of charging issues that Apple Watch Series 7 owners were facing. Since watchOS 8.3, there have been a number of complaints about...