Private browsing or incognito mode is one of the effective basic privacy protection mechanisms web browsers offer today. Although sometimes mistaken for total privacy protection, incognito mode makes sure you don’t leave traces on the browser itself. That protection, however, is just about pointless if somebody else already holds your phone and, therefore, the browser is open. That’s why Google has been performing on a reauthentication mechanism for Incognito mode that’s coming to Android soon.
Physical access to a tool nearly always makes security measures moot, especially when the phone is already unlocked. Incognito mode is additionally useless when the tabs are already open within the background. Everyone it takes is for the unauthorized user to modify back to it to ascertain what you’ve been browsing secretly. Another lock for incognito mode adds another layer of security, presuming you’ve got enabled PIN or biometric identification on your phone.
Chrome Story reports a replacement flag in Chrome for Android’s development Canary version that adds precisely that. Once the flag has been enabled and Chrome has been restarted, a replacement setting within the browser’s Privacy and Security settings will allow you to switch reauthentication on or off. If enabled, you’ll be required to enter your phone’s PIN or use face unlock or fingerprint to access incognito tabs.
Google introduced this experiment to Chrome for iOS. Once you navigate far away from those incognito tabs for whatever reason, you’ll get to reauthenticate to your phone to ascertain them again. You’ll need to tap on the button first, though, so it won’t be as automatic as unlocking your phone.
That iOS implementation sadly isn’t yet available for the overall public, and its Android counterpart might still be distant now. In the meantime, users should remember that non-public Browsing mode isn’t bulletproof, and websites, carriers, and even Google can still notice your activity.