Protection against untrusted certificates

The Mobile Yandex Browser checks site certificates. The browser will warn you if the website cannot provide secure encryption of your data due to problems with the certificate.

  1. Why a site certificate is needed
  2. What makes an untrusted certificate dangerous
  3. Blocking websites with untrusted certificates
  4. Reasons for blocking

Why a site certificate is needed

When you send your personal or payment data to a website, it must be protected. Websites use the HTTPS protocol for secure connection. The protocol activates an asymmetric encryption algorithm, where data is encrypted with a public key and decrypted with a private key. For each session, the browser regenerates the private key and transmits it to the website with precautionary measures to prevent theft.

However, if you end up on a phishing website, it might get the private key and then decrypt your data. To protect against phishing, websites use digital certificates issued by special certification authorities. The certificate guarantees that a public key used for encryption actually belongs to the website owner.

What makes an untrusted certificate dangerous

You may end up on a phishing website, or your data will not have the required protection on the original website (for example, if the website's certificate has expired). As a result, hackers can:

  • Intercept or replace your personal data, and read your correspondence.
  • Get your payment data (card number, holder's name, expiry date and CVV2) and use it to steal money from your account.

Blocking websites with untrusted certificates

If the browser cannot provide secure encryption due to problems with the certificate, an icon appears on the left side of the SmartBox, and you will see the following warning:

“Cannot establish a secure connection. Hackers may try to steal your data (for example, passwords, messages or your bank card)”.

You can either choose not to visit the website, or add the certificate to the trusted list by tappingDetails in the dialog box, and then Make an exception for this site. The certificate will be on the trusted list for 30 days, and then you will have to make an exception for it again.

Attention. Tap Make an exception for this website only if you’re sure the certificate is trustworthy. Otherwise hackers can get access to your personal data!

Reasons for blocking

Yandex Browser blocks websites that have the following problems with certificates: