In its ongoing effort to boost the usage of its Edge browser, Microsoft is marketing the software to users of its Defender security suite with an unusual prompt - and drawn criticism for blurring a line between advising and advertising.

The tactic, a reader who works as a CTO told us, amounts to a "dark pattern" - an interface element or menu that is deceptively designed to steer users toward a particular choice.

The prompt to use Edge promotes a feature known as In-browser protection with Microsoft Edge for Business.

Edge for Business is a tool that allows admins to separate personal and business browsing profiles and ensure data doesn't leak between the two. In-browser protection means those using Defender for Cloud Apps and Microsoft Edge for Business, if subject to session policies, receive protection equivalent to a reverse proxy - without the potential latency or compatibility issues.

Setting aside the supposed security merits of tying Defender to Edge, the issue here is that Microsoft's solicitation to switch to Edge is made more compelling by use of an interface element that resembles a prompt, rather than clearly being an advertisement.

"This is a feature released to all users of the Defender suite, unannounced and enabled by default, that presents an interstitial prompt to switch to Edge designed to look like a security recommendation to users accessing Azure Functions on Chrome (and other browsers, I'd assume)," the reader explained.

"It's both a dark pattern in the sense of disguising advertising as a security function and in the sense of leveraging Microsoft's enterprise security platform market position to improve browser share."

Microsoft's documentation explains: "In-browser protection with Microsoft Edge for Business is turned on by default. Admins can turn the integration off and on, and can configure a prompt for non-Edge users to switch to Microsoft Edge for enhanced performance and security."

When this feature was in preview, it was disabled by default, according to Myron Helgering, a security engineer and Microsoft MVP who blogs about Microsoft-related topics. He described the process of signing in with Google Chrome with the prompt active as follows:

The prompt can be disabled through the Microsoft Defender admin center.

Asked to address the claim that the Edge ad represents a dark pattern, a Microsoft spokesperson replied:

This is not the first time Microsoft has been called out for the way it markets Edge - a long-time laggard in a market dominated by Google's Chrome browser.

In February 2024, Mozilla, which has its own set of challenges to retain the user base of its Firefox browser, published a report highlighting the way Microsoft pushed Windows users to adopt Edge using dark patterns. The Mozilla report [PDF], titled "Over the Edge: How Microsoft's Design Tactics Compromise Free Browser Choice," found that "Microsoft repeatedly uses harmful designs to influence users into using Edge."

Among various incidents, the report observed that Edge has injected ads for itself into Google's website, and into the Edge menu area when visiting the Chrome Web Store.

Mozilla cited the ways Edge has injected ads for Microsoft's browser into the Chrome download page on Google's website - to discourage those intent on downloading Chrome from switching away from Edge. It also chastised Microsoft for using Bing to insert an Edge promo above search queries seeking to download a rival browser.

Mozilla declined to comment on Microsoft's In-browser protection promotion.

Edge presently boasts a global market share of around five percent, having overtaken Firefox for third place in early 2022, according to StatCounter. Safari accounts for about 18 percent of global browser usage, and Chrome leads with about 65 percent of the market. ®

https://www.theregister.com//2024/08/14/microsoft_edge_promotion_in_defender/