Google has introduced the web standard Device Bound Session Credentials (DBSC), aimed at protecting browser users from the theft of personal data. Cookies, which allow sites to recognize users and authorize them without passwords, are particularly vulnerable to exploitation by scammers.
How DBSC Works
To address this vulnerability, Google has developed DBSC, which links cookies to specific computers using a pair of keys (private and public). This pairing, facilitated by a special API, allows servers to verify the authenticity of the cookie owner. Each communication session is associated with a unique key, preventing scammers from replicating sessions to deceive sites and steal data or money.
Future Outlook and Implementation
The technology is currently in beta testing with a limited number of users in Chrome, with plans to make DBSC an open standard, adds NIXsolutions. The Microsoft Edge team has also expressed interest in the development. While an exact release date for DBSC has not been announced, we’ll keep you updated on any developments.