Friday, April 7, 2017

Which is more secure: External browser or ChromeTab for authorization?

Leave a Comment

I am developing cordova based hybrid mobile apps targeted for android and iOS smartphones.

Update: Embedded webview approach is no longer supported by Google

Usecase: The application authenticate user and then would be accessing Google Calendar API's, and finally display user events on the app.

Note: I will be Using 3-legged OAuth and Google Data APIs without the client libraries.

Question For invoking OAuth requests to Google, shall I used external browser or ChromeTabs?

Which approach is best suitable from security point of view? Thanks!

3 Answers

Answers 1

From security point of view, it's the same, Chrome Custom Tabs rely on Chrome browser information and there is no difference on the security.

This is what official doc about Chrome Custom Tabs

Security: the browser uses Google's Safe Browsing to protect the user and the device from dangerous sites.

From app integration point of view, it's better to use Chrome Custom Tabs because you don't push the user out of the app for the login. But be aware that Chrome Custom Tabs are only available on Jellybean and greater (API 16) and needs Chrome 45 installed on the device.

Answers 2

Google chrome is best for that cause they put the permissions and other things that other sites can not access it without permission. So as compare to other browser it must be safe.

Answers 3

For Security point of reason Chrome is better then External browser as the data in Chrome will be in encrypt form where as in External browser we need to encrypt it. It also protect the phone from dangerous sites also.

Thanks!!

If You Enjoyed This, Take 5 Seconds To Share It

0 comments:

Post a Comment