PayPal patents new system to detect the theft of “super-cookies”

News
By Benedict Collins
published

2FA means nothing if your cookies are stolen

PayPal passkeys
(Image credit: PayPal)

A new way to detect the theft of ‘super-cookies’ has been developed by PayPal, which has filed a patent on the method.

Super-cookies can contain authentication tokens used by two-factor authentication (2FA), and when stolen provide unbridled access to victims accounts.

This bypasses any need to have the victims username and password, and effectively renders 2FA useless.

PayPal protection patent

In the gritty details of the patent, PayPal details its method for detecting when super-cookies are stolen by hackers. The patented method can identify and modify the values of super-cookies using sequential encryption, and then compares the super-cookies across multiple storage locations depending on how likely they are to be used in fraudulent activity.

This level of risk is calculated by how vulnerable the super-cookie is in each particular storage location, and the how likely it is for a hacker to target that particular storage location to steal the super-cookie.

Each device can have several storage locations, with each cookie’s value being generated based on the value of the location before it. The cookie-location risk-scores are compared to a risk-tolerance level, and if the score goes above the threshold it is detected as fraudulent.

This method helps to identify when a cyberattack is happening and prevent it, reducing the effect of the attack on both the individual and their accounts with organizations. The patent was submitted in July of 2022 and titled, “Super-Cookie Identification for Stolen Cookie Detection,” but was only published by the US Patent and Trademark Office in February this year.

The increasing complexity of cyberattacks and the assistance of AI in attacks means that increasingly novel methods of detection and prevention are being developed by organizations. Whether this method will be used for PayPal customers remains to be seen.

Via Bleeping Computer

More from TechRadar Pro

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but also likes to draw on his knowledge of geopolitics and international relations to understand the motivations and consequences of state-sponsored cyber attacks. Benedict has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham.