Secure browsers – Chrome, Firefox, Edge and others compared

Using a secure browser is more important than ever before. Internet traffic continues to grow and working from home, online news, streaming en­ter­tain­ment, and networked com­mu­ni­ca­tion are bringing data pro­tec­tion and Internet security to the fore.

But the increased use of web services means that cy­ber­crime, tracking, internet fraud, and data breaches are soaring. The browser is among the most important tools for nav­i­gat­ing the Internet, which is why it should protect users against cy­ber­at­tacks.

Nowadays, users can choose from a wide range of browser options: Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Edge, and Opera to name just a few. But which is the most secure browser?

A good browser should be capable of tackling a variety of different tasks. From making the online surfing ex­pe­ri­ence run smoother to pro­tect­ing user privacy and enabling the con­ve­nient use of search engines without having to enter their URLs. Our browser com­par­i­son shines a light on the ad­van­tages of in­di­vid­ual browsers.

The criteria used by consumers to select their preferred browser varies from one person to the next. For con­ve­nience, most users tend to use the browser that is pre­in­stalled on their devices, e.g., Internet Explorer (now Microsoft Edge) on Windows or Safari on Apple or Google Chrome on Android devices. Not all users go searching for an al­ter­na­tive despite browsers such as Firefox being easy to install on most operating systems.

The safety rating of a browser often isn’t a prime concern for users, but that’s not to say it shouldn’t play a much bigger part in the decision-making process because browsers tend to be used on a daily basis. That’s why browsers are some of the most popular targets for attackers (alongside the operating systems).

A careless click on an unknown link can be enough to install malicious code. These downloads can slip through security gaps and unwanted software can be installed without the user noticing. To check whether you’re working with a secure browser, you should regularly see whether there are updates available that close possible security gaps. Most of the larger providers update their programs au­to­mat­i­cal­ly so that usage is not in­ter­rupt­ed by updates.

All browsers now alert users that a website using HTTP (Hypertext Transfer Protocol), instead of the secure variant  HTTPS, is not secure. But HTTP alone doesn’t mean a website is harmful. It only shows that the in­ter­ac­tion between the server and the user is un­en­crypt­ed.

Website that don’t actually interact with a user typically won’t require a TLS cer­tifi­cate or formerly the SSL cer­tifi­cate. However, if the website requests and collects personal data such as user accounts, passwords, email, or postal addresses, you should be sus­pi­cious of a HTTP website. You can recognize websites where data is trans­mit­ted un­en­crypt­ed by the fact that the URL begins with http: while encrypted websites start with https: (the dif­fer­ence being the “s”).

Is ac­ti­vat­ing private mode in Safari or incognito mode in Chrome enough to ensure secure surfing?

No. A browser does not become more secure just because it includes a privacy option. These don’t anonymize a user’s IP nor render their online actions invisible. This type of private browsing mode erases traces in a user’s browsing history, specif­i­cal­ly within the cache and the cookies, which only prevents the tracking of data.

Cookies contain in­for­ma­tion about a user’s IP address, dates, and times of their website visits and log-in data. This creates a user profile which could be of interest to cyber criminals but also ad­ver­tis­ers using Google and other search engines.

While Firefox enables the deletion of cookies or blocks them al­to­geth­er (Settings > Privacy & Security > Cookies and Website Data), many websites need to run cookies in order to offer all of their functions. Surfing the web is a trade-off between security and comfort no matter how often you delete your cookies.

Some browsers such as Firefox and Chrome have access to block­lists, can recognize po­ten­tial­ly harmful websites, and warn the user before they visit these websites. But attackers are well-aware of these block­lists and try to cir­cum­vent them.

A safe browser warns of malicious downloads. However, this type of pro­tec­tion is rarely com­pre­hen­sive.

JavaScript makes for smooth surfing on the Internet, but it is also one of the prime targets for cy­ber­at­tacks. The­o­ret­i­cal­ly, you can turn it off in the settings (for example, in Chrome go to Settings > Site Settings > Content > JavaScript). The problem is that turning off JavaScript usually leads to errors.

Even the most secure browser is of little use if it’s con­stant­ly spitting out error messages. Several add-ons such as Noscript are supposed to enable web visits without JavaScript, but they still limit many functions because they stop content from loading if it uses JavaScript. While this promises enhanced security, it results in websites no longer being displayed correctly because almost all of them use script codes.

To avoid adding dis­rup­tive ex­ten­sions, you can whitelist trust­wor­thy websites. One of the minimum re­quire­ments for whitelist­ing a website is the con­ver­sion to HTTPS.

What makes a browser more secure is not only its features or add-ons, but also the system it runs on. Under Linux, or the Linux live system, users can enjoy some of the best pro­tec­tion, as most malicious programs target gaps in Windows. But some users don’t like working with the free Linux en­vi­ron­ment.

Browsers differ widely and the same applies to their security functions. While one browser may offer maximum pro­tec­tion against malicious software, another may emphasize privacy options. Here is an overview of the most popular browsers, their ad­van­tages, and dis­ad­van­tages.

Chrome is a very safe browser. An in-house password manager and strong security software make Google’s browser one of the most secure options of them all. But when it comes to privacy, Chrome is a ques­tion­able choice. Google is a big data collector and stores the surfing behavior of its users. Yet, it’s not clear what the company does with this data.

Some data can be protected manually, for example, by de­ac­ti­vat­ing location tracking in Chrome. But Google punishes this with poorer usability. Usability is the second biggest dis­ad­van­tage of Chrome, because the browser is a heavy­weight in terms of hardware load. As soon as several tabs are open in Chrome, the memory of many computers reaches its limits.

In contrast to Chrome, Mozilla’s secure browser Firefox is slim and fast – unless it’s heavily cus­tomized. Firefox makes it easy to move, remove, and add to many of its com­po­nents.

When it comes to privacy and security, Firefox is the undis­put­ed leader. The browser blocks every­thing, from trackers to crypto miners, yet remains permeable to cookies. Collected user data is anonymized and only used for de­vel­op­ment purposes – this can also be de­ac­ti­vat­ed. Firefox isn’t just a safe browser, it’s by far the most secure browser.

But that has some dis­ad­van­tages. Firefox has a rel­a­tive­ly high RAM load, even if only a few tabs are open. Nev­er­the­less, Firefox still runs cleaner with multiple tabs open than Google Chrome, for example.

Edge is the successor to Internet Explorer and is another fairly safe browser thanks to the Microsoft Defender Smartscreen security service. However, Microsoft and Google are not very trans­par­ent when it comes to how they utilize user data. While this can be adjusted in the user settings, con­ve­nience and even security suffer as a result.

The weak­ness­es of some are the strengths of others. Apple’s Safari browser offers high speeds and top per­for­mance. But that’s at the expense of security. Safari doesn’t include an in­te­grat­ed ad blocker and options for ex­ten­sions are limited. The Safari browser is only updated when operating system upgrades are launched.

The German Federal Office for In­for­ma­tion Security (BSI) es­tab­lished a set of minimum re­quire­ments that a browser must meet to be deemed a secure browser. To this end, Chrome, Edge, and Firefox were examined. The BSI rec­om­mends just one of these browsers: Mozilla Firefox.

The BSI dif­fer­en­ti­ates between technical security and or­ga­ni­za­tion­al security. Only Firefox met both of these standards to full sat­is­fac­tion. With Chrome and Edge, on the other hand, there are several points that are only partially met. The pro­tec­tion of usage data is not ad­e­quate­ly guar­an­teed, and the password managers also have de­fi­cien­cies according to the BSI.

A safe browser is only as good as its user. Your surfing behavior is largely re­spon­si­ble for the level of security and data pro­tec­tion. Even the best security functions are in­ef­fec­tive when you’re careless with passwords, click dubious links, install ques­tion­able software or browse unsafe websites. Below are seven user tips to boost security when browsing the Internet.

Choose complex passwords – they should not consist of single words found in a lexicon. A secure password consists of long strings and should only be stored in encrypted form, if at all.

Reveal as little personal in­for­ma­tion as possible. On web forms, for example, only fill out the fields that are marked with an asterisk. If un­nec­es­sary data is required for the process to run, it is better to abort the process. It is also advisable to use personal in­for­ma­tion sparingly on social networks.

Before you finalize a contract online, find out all you need to know about its costs, benefits, and ter­mi­na­tion con­di­tions. This is es­pe­cial­ly true for software offers. Many purchases of software turn out to be sub­scrip­tions.

You should only install software that you really need and only download software from trusted sources. If it’s not clear who the provider of a software is, it’s worth looking at reviews before down­load­ing.

Browser ex­ten­sions can be useful, but there are plenty of add-ons that promise added value but collect user data in the back­ground to pass on to third parties.

A phishing website will resemble a known, le­git­i­mate website. This can become pre­car­i­ous in the case of online banking websites, where a user may enter their bank details on a fake page without realizing and give fraud­sters the chance to steal their banking details. Users should always access their bank account via the trusted URL or their bookmarks and never click on a link shared via mes­sen­gers, email, or text. Find out how to recognize phishing emails in our article dedicated to the topic.

There are various en­cryp­tion methods for a website. SSL en­cryp­tion should be used when banking or shopping online, as this is the only way to prevent payments from falling into the wrong hands. You can easily recognize the en­cryp­tion by the “https” instead of the “http” URL in the input window. A secure browser indicates the SSL con­nec­tion via an icon – often in the form of a padlock.