According to SecureEnvoy, cybercriminals can hijack a user's online session through cookies. The technique involves infecting a user's computer with a trojan, and then intercepting relevant web-based commands – plus cookie transmissions – to prevent the website noting that the legitimate user has terminated their online session.
"By using a trojan to log the relevant GET and POST commands, as well as injecting data into an active web session, cybercriminals can allow a legitimate user to log off their online web service, but keep the session alive on another internet connection," explained Phil Underwood, chief security officer at SecurEnvoy.
While most two-factor authentication systems do not include protection beyond initial authentication. SecurEnvoy said it has built steps to protect the integrity of the session and its associated cookie.
Even if someone tries to intercept the session cookie and other relevant data through nefarious means, the lack of authentication in combination with the fingerprinted cookie session will cause the unauthorized session to be dropped, SecurEnvoy said.
"The SecurEnvoy authentication system logs the legitimate users' IP address and several other session parameters that identify the online user, their computer and internet connection. Then, by selectively interrogating the connection on a rotational basis, it continues to authenticate the user in the background for the entire length of the session," Underwood said.
SecurEnvoy believes that even if a third-party hacker has succeeded in infecting the legitimate user with a trojan that forwards cookies and other parameters to their own system, that data is still not sufficient to beat its authentication technology.
This story was first published by Computer Weekly