Why does Norton VPN App on my android phone require accessibility permission? It requires it when I press “Fix Now” button with the message “Core protection is off”.
Is this the same as Safeweb, we get with the Norton 360 app? If yes, it surely does not block any websites listed as unsafe on the norton safeweb website (I tried and tested it).
Can anyone please help?
user13474:
Norton VPN Android App - Core Protection Feature
Hello @user13474
What you’re seeing is a fairly common design choice in Android security apps, but it’s also confusing because it mixes VPN, web filtering, and accessibility services into one “fix” prompt.
Why Norton VPN asks for Accessibility permission
On Android, a normal VPN connection can only see and route encrypted traffic—it cannot reliably see what website you’re visiting inside apps or browsers . Because of that limitation, some security apps (including Gen Digital products) use the Android Accessibility Service as a workaround for “web protection”.
That permission allows the app to:
Read the URL shown in supported browsers (Chrome, Samsung Internet, etc.)
Detect when you are navigating to known phishing/malicious pages
Trigger a block page or warning overlay in real time
Sometimes “simulate” web filtering at the browser level
So when you press “Fix Now → Core protection is off” , it’s basically saying:
“VPN is running, but the extra web-protection layer is not active unless we can monitor browser activity via Accessibility.”
Is this the same as Norton Safe Web?
Not exactly.
They are related in purpose but different in implementation :
Norton Safe Web (Safe Web reputation system)
Primarily a reputation database for websites
Used in browser extensions or some integrated protections
Focused on classifying URLs as safe/suspicious
Norton VPN “Core Protection” (mobile app)
Uses Accessibility + VPN layer together
Acts in real time on Android device traffic inside supported browsers/apps
May not rely on the same enforcement mechanism as Safe Web
So: same general goal (block unsafe sites), different enforcement layer.
Why your test may show “it doesn’t block unsafe sites”
This is the key part of your observation—and it’s usually due to one (or more) of these reasons:
Browser not supported by Accessibility monitoring
Some browsers don’t expose URLs in a way Accessibility can read reliably.
Protection only works in certain apps
Often works in Chrome/Samsung Internet, but not inside:
In-app browsers (Reddit, Facebook, etc.)
Privacy-focused browsers (Firefox can be inconsistent here)
Custom WebViews
DNS/VPN layer alone is not doing Safe Web-style blocking
The VPN tunnel itself does not necessarily include full Safe Web URL filtering.
So without Accessibility, it may not actively block URLs , only encrypt traffic.
Timing and enforcement differences
Some systems warn instead of hard-blocking unless full “web protection” is active.
Important takeaway
The VPN ≠ Safe Web equivalent
The Accessibility permission is what enables the “active web filtering” behavior on Android
Without it, the app often behaves more like a standard VPN with limited threat detection
Bottom line
Yes—“Core protection” is basically Norton trying to enable browser-level web protection using Accessibility , but it is not identical to Safe Web enforcement , and it won’t always block sites the same way you might expect from a desktop browser extension or DNS-level filter.
AI sourced content may make mistakes
1 Like
Well, I am using chrome on a pixel device and even tested [testsafebrowsing.appspot.com]. It doesnt do anything. Chrome’s enhanced browsing steps in and protects it. I even tried samsung browser.
That result actually makes sense technically.
The site you tested — https://testsafebrowsing.appspot.com — is primarily designed to trigger Google Safe Browsing protections, which are deeply integrated into Google Chrome and Android itself.
On a Google Pixel device with:
Chrome Safe Browsing enabled
Especially “Enhanced Protection”
…Chrome will usually intercept the page before a third-party app like Norton VPN even has a chance to react.
That’s why you’re seeing:
Chrome warning page appears
Norton appears to do nothing
Why Samsung Internet also may not show Norton blocking
Even in Samsung Internet:
Android Accessibility APIs are somewhat limited
Norton may only monitor certain URL transitions
HTTPS encryption limits what VPN-only filtering can inspect
Norton’s mobile protection may focus more on:
phishing domains,
malicious redirects,
scam links from SMS/apps,
known malware hosts
…rather than duplicating Google Safe Browsing’s entire test-database behavior.
The important clue
If Norton’s “Core Protection” were functioning as a true independent browser filter , you would normally expect:
a Norton-branded warning,
notification,
overlay,
or blocked page.
Since Chrome protection alone is intervening, that strongly suggests:
Norton is either not intercepting the URL at all,
or Norton is deferring to Android/Chrome protections.
This is also why many Android security apps feel redundant on Pixels
Modern Pixels already include:
Google Play Protect
Chrome Safe Browsing
Android phishing detection
malicious app scanning
unsafe notification detection
scam call/text detection (newer Android versions)
So third-party “web protection” apps often become:
partially redundant,
dependent on Accessibility workarounds,
and less effective than their Windows equivalents.
What Norton’s Accessibility permission is probably really enabling
Most likely:
URL observation
overlay warnings
scam/phishing heuristics
app/site reputation checks
—not deep packet inspection or comprehensive web filtering.
Android simply does not give third-party VPN/security apps the same low-level browser control they have on Windows PCs.
So your testing outcome is actually a good real-world indicator that:
Chrome Safe Browsing is doing the heavy lifting, not Norton VPN’s “Core Protection.”
AI sourced content may make mistakes
1 Like
