Trust Token API

This is a new API for propagating a notion of user trust across sites, without using cross-site persistent identifiers like third party cookies.

The web ecosystem relies heavily on building trust signals to detect fraudulent or spammy actors. One common way this is done is via tracking an individual browser’s activity across the web, usually via associating stable identifiers across sites. Preventing fraud is a legitimate use case that the web should support, but it shouldn’t require an API as powerful as a stable, global, per-user identifier. In third party contexts, merely segmenting users into trusted and untrusted sets seems like a useful primitive that also preserves privacy. This kind of fraud protection is important both for CDNs, as well as for the ad industry which receives a large amount of invalid, fraudulent traffic.

Comments

Process for registering as an issuer: https://docs.google.com/document/d/1cvUdAmcstH6khLL7OrLde4TnaPaMF1qPp3i-2XR46kU/ If you are trying to register as a developer to use the Trust Token APIs to issue/redeem, please follow the standard Origin Trial registration process: https://github.com/GoogleChrome/OriginTrials/blob/gh-pages/developer-guide.md

Documentation

Specification

Public discussion

Status in Chromium

A-N/A


No active development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No public signals
  • No public signals
  • Public support
  • Positive

Owners

Intent to Prototype url

Intent to Prototype thread

Last updated on 2020-05-21