In short: Google's Chrome version 70 is now rolling out to users on desktop, bringing progressive web apps (PWA) to Windows users, as well as new authentication features and the removal of at least one controversial change added in the previous iteration. Each of those is highlighted via Google's developer blog for the platform but four of those will have considerable implications from a user-facing perspective. For Windows 10 users, the biggest difference is the addition of support for PWAs. Already found in Chrome OS, PWAs will allow users to install some websites as standalone immerse web applications on the desktop if web developers have enabled the feature. Web Bluetooth API is also enabled for Windows 10 with the update, allowing more secure connections between a user's selected Bluetooth device and a given website, where implemented.
Setting that aside, Public Key Credentials have been added to the Credential Management API for Chrome itself. Those enable web applications to incorporate cryptographically attested credentials for features such as fingerprint-based two-factor authentication, in addition to supporting other types of security keys. That could include hardware keys or other biometric authentication methods.
Background: However, the biggest difference for some users is likely to be the option to opt out of automatic sign-in and syncing. With the update to Chrome 69, Google had altered the behavior of its browser to automatically sign users into Chrome itself any time they logged into a Google service. While not necessarily harmful on its own, the functionality caused a bit of commotion for those concerned about privacy since that meant syncing of various account data occurred automatically. What's more, the change meant that signing into a second account to use just one of Google's services would inadvertently link the two accounts. The search giant had promised to provide a fix for the issue and has kept its word in Chrome 70.
Following the update, new log-ins will surface a prompt for users asking whether they'd like to turn on syncing. Users can choose to enable the feature or select the "Not now" option to bypass syncing of passwords, history, and bookmarks. For those who don't want Google sign-ins to automatically happen across the entire browser when a single service is logged into, that's still enabled by default. With that said, there is a new option found in the browser's 'Privacy and Security' settings that will turn the automatic sign-ins off. That's shown as a toggle under the 'Allow Chrome sign-in' sub-heading and when disabled will, for example, stop the browser from logging the user into Chrome simply because they signed in on Gmail or another Google service or site.