Domain verification is the big security addition. If you read our posts on how to install Chrome Web Apps right now, you might have seen part of Google’s plan in action already. For example, if you tried to install the Google Reader app from our server by simply clicking it with your left mouse button, you would see the dialog above: “Apps must be served from the host that they affect.”
It’s not perfect, obviously. The apps on our post could be installed anyway by simply right-clicking, choosing save as, and dragging the app from your download bar back into the main Chrome window. To the average user, however, that’s probably complex enough to be a deterrent. Pair this with Google’s new domain verification stamp, and you’ve got a decent way to assure users they’re installing safe apps from a trusted source.
Every little bit helps when it comes to security, and I can certainly see domain verification being something even my least technical friends and family can understand — and appreciate.