A new way to detect the theft of ‘super-cookies’ has been developed by PayPal, which has filed a patent on the method.
Super-cookies can contain authentication tokens used by two-factor authentication (2FA), and when stolen provide unbridled access to victims accounts.
This bypasses any need to have the victims username and password, and effectively renders 2FA useless.
PayPal protection patent
In the gritty details of the patent, PayPal details its method for detecting when super-cookies are stolen by hackers. The patented method can identify and modify the values of super-cookies using sequential encryption, and then compares the super-cookies across multiple storage locations depending on how likely they are to be used in fraudulent activity.
This level of risk is calculated by how vulnerable the super-cookie is in each particular storage location, and the how likely it is for a hacker to target that particular storage location to steal the super-cookie.
Each device can have several storage locations, with each cookie’s value being generated based on the value of the location before it. The cookie-location risk-scores are compared to a risk-tolerance level, and if the score goes above the threshold it is detected as fraudulent.
This method helps to identify when a cyberattack is happening and prevent it, reducing the effect of the attack on both the individual and their accounts with organizations. The patent was submitted in July of 2022 and titled, “Super-Cookie Identification for Stolen Cookie Detection,” but was only published by the US Patent and Trademark Office in February this year.
The increasing complexity of cyberattacks and the assistance of AI in attacks means that increasingly novel methods of detection and prevention are being developed by organizations. Whether this method will be used for PayPal customers remains to be seen.
More from TechRadar Pro
- Take a look at our guide to the best password managers
- The best endpoint protection software can keep your business safe
- Unsurprisingly, LockBit ransomware crew has returned