The Opera Desktop team today released the first major upgrade to Opera 9, version 9.1 (Download Opera 9.1).
Fraud Protection was added to this new version, where Opera will alert you when you visit a fraudulent site (such as those from the phishing emails we all get).
You can read about the Fraud Protection in Opera’s documentation, below are some snippets and summaries.
By default Opera’s fraud protection feature is off. When it’s on, the Opera browser will contact Opera’s fraud protection server every time you request a webpage. HTTPS sites are checked via an encrypted channel, while IP addresses on the local intranet will never be checked.
The server checks the domain name of the requested page against live whitelists compiled by GeoTrust, and blacklists compiled by GeoTrust and Phishtank. Opera’s fraud protection server downloads blacklists directly from Phishtank, and sends a query to GeoTrust.
The domain name is forwarded to GeoTrust in plain text, together with a hash of the URL, if the site you are checking is served by HTTP. The full URL is not sent, but a fingerprint of the full URL is needed in case you visit a dangerous page on a site that is otherwise harmless. The reply is an XML document containing the trust level of the domain. This reply will be cached for a time indicated by the Opera’s fraud protection server. Information about well-trusted sites can be cached for a longer period than for unknown sites.
If a Web site is found on the blacklist, you will be presented with a warning page, and you must decide whether to visit the fraudulent Web site, or to return to the home page.
Opera’s fraud protection server does not cause any delay in the opening of Web pages.
How Opera handles your privacy?
- By default, Opera Fraud protection is disabled.
- With Opera Fraud Protection enabled, the domain name of Web sites you visit is sent to Opera’s fraud protection server together with a hash of the complete URL. No information goes directly to third parties, and the information that is forwarded to whitelist/blacklist providers is not connected to your identity. HTTPS sites are checked via an encrypted channel, while IP addresses on the local intranet will never be checked.
- Although Opera’s fraud protection server stores the domain name and the security status of the Web sites you visit, it does not save your IP address or any other information related to your identity. There are no cookies or other session information.
- You can at any time disable Opera Fraud Protection in preferences, by choosing Tools > Preferences > Advanced > Security , and unchecking the box marked “Enable Fraud Protection.”
Follow along with future Opera browser news by subscribing to our email or RSS feeds.