The Trust Token API allows sites to encode coarse-grained notions of user trust (a couple bits worth) across site boundaries. This change will expand the API to allow issuing websites to request that browsers attempt to execute corresponding Trust Tokens operations against the platform environment the browser is operating in: for instance, via some kind of system API or IPC to a system service. More information about the API writ large:


Many websites and services that depend on fraud and spam detection presently rely on privacy-invasive techniques such as fingerprinting to identify devices. This proposal introduces a mechanism for the platform to provide a signal via the browser that may be consumed by anti-abuse mechanisms, thus providing a reliable indicator and removing the need for privacy-invasive methods.

Status in Chromium


In development

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No signal
  • No signal
  • No signals


Intent to Prototype url

Intent to Prototype thread

Last updated on 2021-12-10