Curated Content | Thought Leadership | Technology News

PayPal’s Strategy for Enhancing Online Security with Super-Cookie Detection

Om nom nom nom.
Emily Hill
Contributing Writer
Cookie Monster eating a cookie on a background of PayPal logos.

PayPal (NASDAQ: PYPL) has recently filed a patent for a groundbreaking method designed to detect the theft of “super-cookies,” aiming to strengthen security in cookie-based authentication systems and mitigate account takeover attacks.

This innovative approach seeks to address the cyberattack strategy wherein hackers pilfer cookies, specifically those containing authentication tokens, from a user’s computer, allowing them unauthorized access to victim accounts without needing valid login credentials or bypassing two-factor authentication.

Why it matters: The initiative by PayPal underscores a growing concern within the digital security domain regarding the theft of cookies, a method that has become increasingly sophisticated over time. Super-cookies, unlike standard cookies, pose a greater threat due to their persistent nature and the difficulty in detecting and removing them. PayPal’s patent application not only highlights the vulnerabilities associated with these super-cookies but also proposes a strong solution to enhance security measures and protect user data from unauthorized access.

  • Enhanced Security Measures: The system assesses risk by comparing expected cookie values with those retrieved from various storage locations on a device, processing authentication requests based on a predetermined fraud risk tolerance.
  • Encryption for Safety: To prevent tampering, cookie values are encrypted using a public key cryptographic algorithm, ensuring that the cookies are used legitimately during the authentication process.
  • Potential for Implementation: While the patent indicates PayPal’s proactive stance on cybersecurity, it remains to be seen how this technology will be deployed in consumer-facing applications.

Go Deeper -> PayPal files patent for new method to detect stolen cookies – BleepingComputer

PayPal patents new system to detect the theft of “super-cookies” – TechRadar

×
You have free article(s) left this month courtesy of CIO Partners.

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Would You Like To Save Articles?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Save My Spot For TNCR LIVE!

Thursday April 18th

9 AM Pacific / 11 PM Central / 12 PM Eastern

Register for Unlimited Access

Already a member?

Digital Monthly

$12.00/ month

Billed Monthly

Digital Annual

$10.00/ month

Billed Annually

Add a title (69)
Not an endpoint, a journey.

Would You Like To Save Books?

Enter your username and password to access premium features.

Don’t have an account? Join the community.

Log In To Access Premium Features

Sign Up For A Free Account

Please enable JavaScript in your browser to complete this form.
Name
Newsletters