PayPal patents new system to detect the theft of “super-cookies”

PayPal passkeys
(Image credit: PayPal)

A new way to detect the theft of ‘super-cookies’ has been developed by PayPal, which has filed a patent on the method.

Super-cookies can contain authentication tokens used by two-factor authentication (2FA), and when stolen provide unbridled access to victims accounts.

This bypasses any need to have the victims username and password, and effectively renders 2FA useless.

PayPal protection patent

In the gritty details of the patent, PayPal details its method for detecting when super-cookies are stolen by hackers. The patented method can identify and modify the values of super-cookies using sequential encryption, and then compares the super-cookies across multiple storage locations depending on how likely they are to be used in fraudulent activity.

This level of risk is calculated by how vulnerable the super-cookie is in each particular storage location, and the how likely it is for a hacker to target that particular storage location to steal the super-cookie.

Each device can have several storage locations, with each cookie’s value being generated based on the value of the location before it. The cookie-location risk-scores are compared to a risk-tolerance level, and if the score goes above the threshold it is detected as fraudulent.

This method helps to identify when a cyberattack is happening and prevent it, reducing the effect of the attack on both the individual and their accounts with organizations. The patent was submitted in July of 2022 and titled, “Super-Cookie Identification for Stolen Cookie Detection,” but was only published by the US Patent and Trademark Office in February this year.

The increasing complexity of cyberattacks and the assistance of AI in attacks means that increasingly novel methods of detection and prevention are being developed by organizations. Whether this method will be used for PayPal customers remains to be seen.

Via Bleeping Computer

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.