PayPal has filed a patent application for a novel method that can identify when "super-cookie" is stolen, which could improve the cookie-based authentication mechanism and limit account takeover attacks.
The risk that PayPal wants to address is that of hackers stealing cookies containing authentication tokens to log into victim accounts without the need for valid credentials and bypassing two-factor authentication (2FA).
"The theft of cookies is a sophisticated form of cyberattack, where an attacker steals or copies cookies from a victim's computer onto the attacker's web browser," PayPal says in the patent applicat