Security improvements and registration updates for the Google Chrome Extensions Gallery

Thursday, August 19, 2010

Since we introduced extensions in Google Chrome, we focused on making the platform more robust, by continuously exposing new APIs to developers. This has helped our extensions gallery blossom where more than 6,000 extensions are listed today and more than 10 million extensions are downloaded by Chrome users every month.

We designed security into the extensions system from day 1 but we’re always looking for more ways to protect users. So, today, we are introducing two significant changes in the Google Chrome Extensions Gallery: a developer signup fee and a domain verification system.

The developer signup fee is a one-time payment of $5. It is intended to create better safeguards against fraudulent extensions in the gallery and limit the activity of malicious developer accounts. Starting today, this fee will be required to publish extensions, themes and soon apps in the gallery. We are waiving the fee for developers who already registered with the gallery (specifically before 11am PST today), so that they can continue to update their extensions and publish new items without paying the fee.

Domain verification is another addition that we believe will protect users and developers alike. Developers will be able to associate their extensions (and soon their apps) with domains they own or manage using Google’s Webmaster Tools. This way, they can clearly associate their extension with their brand and website, which in turn will help users identify “official” extensions in the gallery.



We believe that these are important improvements to the security of the gallery. We understand that changes like these can create a lot of questions, so please reach out to us on our developer discussion group for extensions.


Post a Comment