The move is reportedly aimed at one type of phishing, known as a “man-in-the-middle” (MITM) attack, which has become an increasingly serious threat in recent years. In short, an attacker can use a man-in-the-middle attack to intercept information transmitted between two parties in real time.
The search giant acknowledges that “one form of phishing, known as ‘man in the middle’ (MITM), is hard to detect when an embedded browser framework (e.g., Chromium Embedded Framework – CEF) or another automation platform is being used for authentication. MITM intercepts the communications between a user and Google in real-time to gather the user’s credentials (including the second factor in some cases) and sign in. Because we can’t differentiate between a legitimate sign in and a MITM attack on these platforms, we will be blocking sign-ins from embedded browser frameworks starting in June. This is similar to the restriction on webview sign-ins announced in April 2016.”