A consent prompt is a user confirmation step that asks for explicit approval before an application, browser, or device accesses sensitive data or performs a privileged action. In security terms, it is a control that should prevent silent exposure of identity data, credentials, location data, or payment details.
Consent prompts matter because they place a human decision at a trust boundary. When they are clear and hard to spoof, they help block abuse such as malicious websites triggering autofill, fake system dialogs stealing approval, or account-takeover flows that try to reuse stored identity information. Defenders design prompts to show the exact data or permission being requested, require re-authentication for high-value actions, and avoid allowing one click to unlock broad access. Weak prompts, by contrast, can turn convenience features into attack surfaces by making users approve actions they do not understand.



