Google, faced with criticism from many quarters, has announced that it will interrupt the development of a controversial technology which on paper should have resulted in a system to combat online fraud but which according to most resembled a DRM technology (Digital Rights Management) for websites.
The solution proposed by the Mountain View company is called(va) Web Environment Integrity (WEI): would have introduced a remote attestation mechanism. Anyone not using “approved” devices and web browsers could have been automatically barred from visiting websites and online services. Think for example of rooted terminals, the use of unofficial or modified software, the use of less famous web browsers.
Google introduces some kind of DRM technology for Android WebView
Android WebView, as we saw in another article, is a component that developers can use to integrate the main features of a browser in their applications. Often, in fact, aapp Android needs to render the content of a web page: here, WebView meets precisely this need.
After the barrage of criticism received regarding the development of WEI, Google has decided to shelve the project while announcing its intention to focus on the API Android WebView Media Integrity. This is a mechanism that offers a form of remote attestation similar to WEI, but focusing only on the integrations of the WebView component into Android apps.
The goal is to provide developers with multimedia content ensuring that their assets, such as streaming media, are always displayed in authorized applications and not in untrusted apps made available by third parties. Google explains the objectives of the initiative in its technical article “Increasing trust for embedded media“.
The technicians of the company founded by Larry Page and Sergey Brin point out that the functionality will be available on all Android devices that can use Google Mobile Services (GMS). However, it is not intended to be extended beyond the media embedded in apps, nor beyond Android WebViews.