Economic CalendarQuotes & ChartsForex Trading SignalsPAMM Account RatingTrading Sessions
flag English arrow
logo
Home
Publications
Top Articles Forex Analytics Forex Analysis for Beginners Video Analytics Crypto News Forex NewsForex TVForex HumorNews in Pictures Trader Journals
See also
Forex Online
Quotes & Charts Forex AnalyticsForex NewsEconomic Calendar Technical Analysis Patterns Forex Trading Signals PAMM Account Rating Trading Session Schedule
See also
Crypto
QuotesNewsTrade Crypto IFXBIT Platform #Bitcoin#Ethereum#RippleBitcoin Cash
Monitoring
Forum
Trade Now

FX.co ★ Google's New Feature Will Block Hackers From Stealing Cookies

header image

Forex News

2024-04-03T20:25:00

Google's New Feature Will Block Hackers From Stealing Cookies

Google, a subsidiary of Alphabet Inc., is developing a security feature known as Device Bound Session Credentials (DBSC) to combat the widespread issue of hackers stealing cookies—a common tool web browsers use to save user preferences and browsing data—in order to gain unauthorised access to accounts.

The convenience of cookies, which enables users to stay logged in on websites and eliminate the need for repeated sign-in procedures, unfortunately makes them an appealing target for malicious cyber actors. Hackers typically use malware to infiltrate these cookies, aiming to extract valuable authentication details.

DBSC, however, aims to effectively nullify this potential security threat. With the use of a Trusted Platform Module, or TPM chip, Google's cutting-edge feature will encrypt the authentication cookies and bind them to the user's device.

According to Kristian Monsen, a software engineer involved with Google's Chrome Counter Abuse team, by tethering the authentication sessions to individual devices, DBSC can render stolen cookies worthless. This, in turn, can result in a significant decrease in instances of successful cookie theft through malware. Attackers would be compelled to operate directly on a device, making it easier for anti-virus software or enterprise-managed devices to detect and deal with the threat.

At present, the DBSC feature is still in the prototype stage. It operates by allowing a server to initiate a new session in a browser, connecting it to a public key saved within the device via an Application Programming Interface (API). Each session is affiliated with a unique key, preventing websites from monitoring user activity across different sessions.

Monsen clarified that once DBSC is fully deployed, enhanced security for Google accounts will be automatically applied for both individual and corporate consumers. Furthermore, this feature is also being developed for Google Workspace and Google Cloud customers, as an additional layer of account security. Initially, it's worth noting that this feature will only support half of all Chrome desktop devices.

*The market analysis posted here is meant to increase your awareness, but not to give instructions to make a trade
Go to the articles list Open trading account