FAQs
Frequently Asked Questions
Brave Browser
The Brave browser is developed in the open, and any change that could affect security or privacy is subject to strict review to ensure it aligns with our commitment to privacy. We document what the browser connects to (network requests) and how it deviates from Chromium in ways that strengthen privacy.
Brave is based on the same Chromium source code as Chrome, but unlike Chrome and other Chromium-based browsers, Brave doesn’t make out-of-the-box background connections to Google. We’ve disabled Google Accounts and Chrome sync, removed Chrome-specific telemetry and reporting code, and made further changes that strengthen privacy—removing or disabling features that send data to third parties, proxying necessary requests to hide user identity, and modifying APIs to reduce fingerprinting. These deviations create a more privacy-preserving Chromium foundation reflecting our “can’t be evil” approach that avoids collecting personal data in the first place and precludes abuse. This is complemented by Brave-specific systems such as STAR for anonymous telemetry, support for privacy-enhancing standards like Global Privacy Control (GPC), and privacy-preserving ad reporting.
Independent reviews have rated Brave extremely highly when it comes to privacy. The Electronic Frontier Foundation’s Cover Your Tracks test rates Brave’s Web tracking protections as strong, and research from Professor Douglas J. Leith and colleagues at Trinity College Dublin—respected for their long-standing work on Web and mobile privacy—found Brave “by far the most private” among major browsers.
By default, the Brave Shields feature blocks third-party tracking scripts (trackers) and the third-party ads that depend on them. You can allow some (or all) ads and trackers by adjusting global or per-site Shields settings.
Separately, Brave users can choose to opt into Brave Rewards, which includes privacy-preserving ads that do not track you, and that pay you a revenue share to support the creators you like. The browser-based Brave Ads can be toggled off as desired.
Together, the Brave Rewards / Brave Ads features create a private and anonymous ad system. These ads mostly come from partners and advertisers who work with the Brave sales and business development teams; in limited cases, some ads will come from Brave directly, as a way to market new features to our users.
This improves on the “classic” digital advertising model in a few key ways:
- Any ad matching happens on the user’s device; ads are privacy-preserving.
- There is no profiling of individual users, and measures are in place to avoid collecting any identifying information. All ad metrics (such as impressions) are collected only at an aggregate level, and verified anonymously.
- Browser-based Brave Ads are entirely optional, and those users who do opt in to Brave Rewards can earn a cut of the ad revenue in the form of the Basic Attention Token (BAT).
- BAT can be donated to creators and publishers to help fund the Web.
Extensions face API and performance limits. Additionally, popular extension stores often host malicious counterfeit extensions, which have led to millions of infected users.
Building our own browser lets us put our best foot forward on matters of speed and privacy. Building and maintaining a browser is a lot more complicated than an extension, but it pays off by letting us protect our users unbeholden to Google or other owners of extension platforms. For example, Brave’s ad and tracker blocking is not affected by Google’s deprecation of Manifest Version 2.
As mentioned above, the browser knows almost everything you do. It knows what sites you visit, how much time you spend on them, what you look at, what is visible “above the fold” and not occluded by opaque layers, what searches you make, what groups of tabs you open while researching major purchases, etc.
Only the browser, after HTTPS terminates and secure pages are decrypted, has all of your private data needed to analyze user intent. Our auditable, open-source browser code protects this intent data on the client device. Our servers have no access to this data in the clear, nor do we have decryption keys.
Brave Rewards General
Each installation of Brave (or user profile within Brave) has its own Brave Rewards profile. So, if you install Brave on two different computers, you will have at least 2 different Brave Rewards profiles.
You can connect multiple Brave Rewards profiles to a single payout account, allowing you to consolidate your earnings into one and use the shared BAT balance across your profiles.
Basic Attention Token. It is a utility token based on the Ethereum technology that can also be used as a unit of account between advertisers, creators, and users in our new, blockchain-based digital advertising and services platform.
Ownership of the tokens carry no rights other than the right to use them as a means to obtain services on the BAT platform, and to enable usage of and interaction with the platform, if successfully completed and deployed.
The tokens do not represent or confer any ownership right or stake, share or security or equivalent rights, or any right to receive future revenue shares, intellectual property rights or any other form of participation in or relating to the BAT platform, and/or Brave and its affiliates. The tokens are not refundable and are not intended to be a digital currency, security, commodity or any other kind of financial instrument.
You can learn more about Basic Attention Token on the Basic Attention Token website.
Since your BAT and other funds are stored inside your custodial account or at your Web3/crypto address, keeping your funds safe is mostly a matter of keeping access to the login details of your custodial account safe, or your private keys safe. Brave does not have access to your custodial account or Web3/crypto private keys.
If you use a custodial account as your payout account for Brave Rewards, you also authorize your Brave browser to have some access to your custodial account through your provider’s API. Every so often, you’ll be automatically logged out for security. In addition, certain actions may require the browser to be reauthorized, such as sending more than a certain amount in contributions. This helps limit theft of funds in case someone gains unauthorized access to your device.
All automatic contributions, such as those made using the Auto-Contribute feature, are anonymized such that no one can link these transactions to a specific user’s Brave Rewards profile or browsing activity, thanks to the extensive use of privacy preserving cryptographic protocols.
If you make an on-demand contribution from your custodial account, your chosen custodial account provider may be able to see some details of your transaction.
For more information, please read our Privacy Policy.
Brave is currently partnered with Uphold, Gemini, BitFlyer and ZebPay as custodial account providers. Brave’s custodial partners are third-party services that allow users to store and manage their BAT, including the BAT users earn from Brave Rewards.
Note that support for connecting a custodial account to Brave Rewards varies by region. You can find a list of supported regions by custodial account provider here.
Brave Creators
A “creator” or “publisher” is someone who owns a website or an account on a user-generated content platform like YouTube, X (formerly Twitter), Reddit, Twitch, Vimeo, etc. We prefer to use the word “creator” as a catchall term to mean anyone who creates or publishes content online.
By signing up with Brave Creators, you can receive contributions from Brave users who enable the Brave Rewards feature!
A “Verified Creator” is a website, account, or channel that can receive contributions from Brave Rewards users. For example, a YouTube channel can appear as a “Verified Creator” to Brave Rewards users. When Brave Rewards users visit a Verified Creator site, channel, or account, they will see a blue checkmark next to the BAT icon in the URL bar of their Brave browser.
In order to have your websites, accounts, and channels appear as verified to Brave Rewards users and display a blue checkmark, you need to (1) register your website, account, or channel with your Brave Creators account, and (2) connect an account from one of our custodial partners to your Brave Creators account. Connecting an account from one of our custodial partners gives us and Brave Rewards users a place to send you your contributions (which come in the form of Basic Attention Tokens or “BAT”). To learn more, see our support article on how to become a Verified Creator.
You can only send contributions to “Verified Creators”. Verified Creators are sites or channels that have registered with Brave Creators and have completed the steps to be eligible to receive contributions from users.
In some cases, a Verified Creator may still be unable to receive contributions from you. This can happen because there is no available contribution method between you and the Verified Creator (for example, because the Verified Creator isn’t set up to receive contributions from the custodial account provider you use). The Brave Rewards interface will indicate whether a contribution to a website or channel is possible.
Previous versions of Brave
Previously, when a website or channel could not receive a contribution from a user (either because the creator was not a Verified Creator, or because there was no available contribution method), the Brave browser would set up a “pending contribution” that would retry automatically for 90 days. If within the 90 day period the browser detected that the pending contribution could be made to the creator, then it would be processed. No balance was ever deducted from the user until the contribution was actually processed. A user could always cancel a pending contribution before 90 days had elapsed.
Before that (until version 0.58.21, released on January 11, 2019), browsers with Brave Rewards enabled could contribute BAT to websites and creators even if they were not registered with Brave Creators. Brave would then hold contributed funds for those creators in escrow until the creator had registered with Brave Creators.
General
Brave Software is a privately held, for-profit company. We generate revenue in several ways, including:
- The sale of New Tab Takeovers, Brave Search Ads, and other Brave Ads (the first-party ad units that users opt into via our privacy-preserving ad platform). Note that opted-in users receive 70% of this ad revenue back in the form of BAT.
- Subscriptions to our premium products: Brave Firewall + VPN, Brave Talk Premium, Brave Leo Premium, and Brave Search Premium.
- A 1% fee on fiat-to-crypto transactions (through onramp partners) in Brave Wallet, and a nominal fee on creator tips and auto-contributions made via Brave Rewards.
- Subscriptions to our Search API.
- Partnership deals (for example with platforms integrated into the Brave browser).
For more information, check out Brave’s transparency report.
brave.com
, basicattentiontoken.org
, brave.io
, brave.app
, bravesoftware.com
and their subdomains. If you are asked to download Brave software or login to Brave on other sites, please beware that this could be a phishing attack. You can report Brave impersonators to security[at]brave.com.No, Chromium is not the same as Google Chrome.
Chromium is the open-source browser engine “…that aims to build a safer, faster, and more stable way for all users to experience the web.” This engine powers many of the world’s most popular browsers, such as Brave, but also Google Chrome, Microsoft Edge, Opera, and Vivaldi.
Google Chrome, by contrast, is the Web browser built by Google.
Think of Chromium as a browsing foundation that anyone could build on. Brave takes this foundation and:
- Removes parts that could be harmful to user privacy or security
- Builds in new enhancements to privacy and performance
- Layers on unique features that create new ways to engage with content online
While Brave is based on the same Chromium source code as Chrome, Brave doesn’t make connections to Google in the background. We’ve disabled Google Accounts and Sync, and removed all Chrome-specific telemetry and reporting code. Without these protections, Chromium could be used to enable websites to use online tracking and surveillance; it’s these outbound connections to Google services (enabled in Google’s implementation of Chromium) that give Google information about your usage and browsing.
It’s common for browser vendors to build on a common foundation. For example, this is similar to how on iOS mobile devices, every browser is Safari based (due to Apple’s requirement that browser vendors must use WkWebView to build iOS mobile browsers), but the privacy, performance, and features of those browsers vary greatly.
Brave is formally a Chromium “fork,” and we now develop all releases of the Brave browser for Android and desktop on this open-source core. The Chromium engine leads to far fewer bugs (thanks in no small part to the fact that companies and developers around the world are contributing to this open-source project). Brave is among those contributing code upstream to the Chromium project. Brave also maintains adblock filters via the Easylist project, a list which many other open-source projects (including Chromium itself) use for ad filtering.
Chromium offers full support for desktop extensions, and has more frequent upgrades and better code-sharing between desktop and mobile versions. It is by far the best foundation on which Brave can build its privacy, security, performance, and custom-feature enhancements. Brave deviates from this open-source foundation in a number of key ways, which allows Brave to be user-first; offer far better privacy and performance; and introduce great custom features you won’t find in any other browser. There is no business relationship between Brave and Google, or between the Brave browser and Google Chrome.
FAQ Archive
As mentioned above, the browser knows almost everything you do. It knows what sites you visit, how much time you spend on them, what you look at, what is visible “above the fold” and not occluded by opaque layers, what searches you make, what groups of tabs you open while researching major purchases, etc.
Only the browser, after HTTPS terminates and secure pages are decrypted, has all of your private data needed to analyze user intent. Our auditable open source browser code protects this intent data on the client device. Our server side has no access to this data in the clear, nor does it have decryption keys. We do not run a MitM proxy or VPN service.
Updated 2022-06-23 — The paragraph below describes functionality that was never shipped and was never live to users. We’ve left it visible for the sake of transparency: