Apple Clarifies Tencent's Role in Fraudulent Website Warnings, Says No URL Data is Shared and Checks are Limited to Mainland China

Following user concern over Apple using Chinese company Tencent as one of its Safe Browsing partners for Safari, Apple has issued a statement assuring customers that website URLs are not shared with its safe browsing partners.

For those unfamiliar with the feature, Safari sends data to Google Safe Browsing to cross reference URLs against a blacklist to protect users against scams and malicious sites. It recently came to light that Apple is also using Tencent for this purpose, and there was concern that data from users outside of China was being sent to Tencent.

apple safari fraudulent website warning tencet
According to Apple's statement, that is not the case, and Tencent is used for devices that have their region code set to mainland China. Users in the United States, the UK, and other countries do not have their website browsing checked against Tencent's safe list.

Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature. When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing.

To accomplish this task, Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent. The actual URL of a website you visit is never shared with a safe browsing provider and the feature can be turned off.

Safari occasionally receives a list of hash prefixes of URLs known to be malicious from Google or Tencent, choosing between them based on the device's region setting (Tencent for China, Google for other countries). Hash prefixes are the same across multiple URLs, which means the hash prefix received by Safari does not uniquely identify a URL.

Prior to loading a website, when the fraudulent website warning feature is toggled on, Safari checks whether a website URL has a hash prefix to match the hash prefixes of malicious sites. If a match is found, Safari sends the hash prefix to its safe browsing provider and then asks for the full list of URLs that have a hash prefix that matches the suspicious one.

When Safari receives the list of URLs, it checks the original suspicious URL against the list, and if there is a match, Safari shows the warning pop up suggesting users stay away from the site. The check happens on the user's device, and the URL itself is not shared with the safe browsing provider, but because Safari communicates directly with the safe browsing provider, the providers do receive device IP addresses.

Information about Apple's safe browsing partners can be found in the About Safari and Privacy screen, available in the Privacy and Security section of the Safari portion of the Settings app. Fraudulent website protection is enabled by default, and those still concerned about the safety check feature can turn it off by deselecting the "Fraudulent Website Warning" toggle.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: China, Safari

Popular Stories

iPhone 17 Slim Feature

'iPhone 17 Air' With 'Major' Design Changes and 19-Inch MacBook Detailed in New Report

Sunday December 15, 2024 9:47 am PST by
Apple is planning a series of "major design" and "format changes" for iPhones over the next few years, according to The Wall Street Journal's Aaron Tilley and Yang Jie. The paywalled report published today corroborated the widely-rumored "iPhone 17 Air" with an "ultrathin" design that is thinner than current iPhone models. The report did not mention a specific measurement, but previous...
iphone 17 pro concept render cameras

Major iPhone 17 Pro Redesign Backed by Supply Chain Info, Claims Leaker

Thursday December 12, 2024 4:36 am PST by
Next year's iPhone 17 Pro models will reportedly feature a major redesign, specifically centering around changes to the rear camera module, and now new supply chain information appears to confirm the striking change, according to a Chinese leaker. iPhone 17 Pro concept render Late last month, The Information's Wayne Ma claimed that the rear of the ‌iPhone 17‌ Pro and ‌iPhone 17‌ Pro...
Generic iOS 18

Apple Releases First Betas of iOS 18.3 and iPadOS 18.3

Monday December 16, 2024 10:06 am PST by
Apple today seeded the first betas of upcoming iOS 18.3 and iPadOS 18.3 updates to developers for testing purposes, with the software coming a week after Apple released iOS 18.2 and iPadOS 18.2. iOS 18.3 and iPadOS 18.3 can be downloaded from the Settings app on a compatible device by going to General > Software update. There's no word yet on what's included in iOS 18.3 and iPadOS 18.3, ...
Magic Mouse Next to Keyboard

Apple 'Working' on Redesigned Magic Mouse With a Long-Awaited 'Fix'

Sunday December 15, 2024 8:43 am PST by
Apple is working on a redesigned Magic Mouse that will address some "longstanding complaints," according to Bloomberg's Mark Gurman. In his Power On newsletter today, Gurman said Apple in recent months has been working on a "full overhaul" of the Magic Mouse with a design that "better fits the modern era." However, he does not expect the new Magic Mouse to be released in the "next 12 to 18...
AirTag 2 Mock Feature

AirTag 2 Expected to Launch Next Year With 'Considerable' Upgrade to Item Tracking

Sunday December 15, 2024 2:57 pm PST by
Apple plans to release a second-generation AirTag next year with "considerably" longer range for item tracking, according to Bloomberg's Mark Gurman. In his Power On newsletter today, Gurman said the new AirTag will use Apple's second-generation Ultra Wideband chip, or equivalent technology. The chip debuted last year in the iPhone 15 and the Apple Watch Ultra 2, and Apple said it offers up...

Top Rated Comments

thadoggfather Avatar
68 months ago
Apple PR has been working long hours this past week
Score: 27 Votes (Like | Disagree)
jsmith189 Avatar
68 months ago

A Chinese company is your "safe" browsing partner ... what are you smoking Apple.

... for Chinese users.
Score: 21 Votes (Like | Disagree)
jsmith189 Avatar
68 months ago

Looks like i8t's slowly the time to depart from Safari.

If they continue hugging this much with China, looks like it will soon be the time to depart from Apple as well.

I mean, seriously, what the heck, Apple???
How is it "hugging with China" if literally the only people that (voluntarily) deal with the Chinese provider are... people in China? Also, you can turn it off, so this isn't a Safari thing either.

I swear people either don't read or just choose to take out of it what they want lol. This is absolutely a non-issue, but people are seeing trigger words and running with it.
Score: 19 Votes (Like | Disagree)
calzon65 Avatar
68 months ago
A Chinese company is your "safe" browsing partner ... what are you smoking Apple.
Score: 18 Votes (Like | Disagree)
jsmith189 Avatar
68 months ago

Apple is digging its own grave with all of the recent pro-China (aka pro-CCP) narrative.

First, it was Apple's direct anti-democracy stance against HK and now this. Shame on them. I'm very glad to not have upgraded my iPhone in almost 3 years.
Given that Google is blocked in China, what would you suggest they do in this instance?
Score: 17 Votes (Like | Disagree)
thisisnotmyname Avatar
68 months ago
so everyone freaked out about privacy when in reality the list is cached and evaluated locally for both China and the rest of the world and only those that match a list of known problem sites are sent for further evaluation. OK.
Score: 16 Votes (Like | Disagree)