Chrome’s weapon against cookie thieves: device bound session credentials


Imagine login credentials that work like physical keys: they are yours to use as you wish, but nobody else can make a copy. They are not like Bitcoin or Ether, and not even malware will be able to steal them. Even in the worst case, malware can't copy them. This is the future that Google envisions through the use of Device Bound Session Credentials (DBSC).

Cookies are small, secret pieces of data that websites place on your device to sweeten your online life. On the other hand, users have to be aware that their devices are under constant attack. Stolen cookies can let attackers take over your accounts, even if you have two-factor authentication.

However, other systems do not have this functionality, requiring each user to send and receive messages separately. DBSC fixes this by linking your login session to a unique key pair stored securely on your device. The private key stays on the device and cannot be taken from it remotely. Because of this, sites never handle the private key. Possession is established without the site ever examining the key.
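The binding described above, as an added example that is not Google's or Chrome's code: a simplified challenge-response model in Node.js showing why a copied session cookie is useless without the device's private key. The function names, the in-memory session store and the single-use challenge are assumptions made for illustration, not the DBSC wire protocol.

```javascript
const crypto = require('node:crypto');

// Server state: session id -> { publicKey, challenge }. No private key is ever stored here.
const sessions = new Map();

// Device side: generate the key pair. Here the private key is an in-memory
// object (assumption); the page says it is stored securely on the device.
function createDeviceKey() {
  return crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
}

// Login: the server records only the public key and returns a session cookie value.
function registerSession(publicKey) {
  const sessionId = crypto.randomBytes(16).toString('hex');
  sessions.set(sessionId, { publicKey, challenge: null });
  return sessionId;
}

// Server issues a fresh, single-use challenge for an existing session.
function issueChallenge(sessionId) {
  const s = sessions.get(sessionId);
  if (!s) return null;
  s.challenge = crypto.randomBytes(32);
  return s.challenge;
}

// Device proves possession by signing the challenge; the key itself is never sent.
function signChallenge(privateKey, challenge) {
  return crypto.sign('sha256', challenge, privateKey);
}

// Server checks the signature against the registered public key, then burns the challenge.
function verifyProof(sessionId, signature) {
  const s = sessions.get(sessionId);
  if (!s || !s.challenge) return false;
  const challenge = s.challenge;
  s.challenge = null; // single use: a captured proof cannot be replayed
  return crypto.verify('sha256', challenge, s.publicKey, signature);
}

// Constructed scenario: the real device, a machine holding only the copied cookie, and a replay.
function demo() {
  const device = createDeviceKey();
  const cookie = registerSession(device.publicKey);
  const legit = verifyProof(cookie, signChallenge(device.privateKey, issueChallenge(cookie)));
  const other = createDeviceKey(); // has the cookie value but not the device key
  const stolen = verifyProof(cookie, signChallenge(other.privateKey, issueChallenge(cookie)));
  const sig = signChallenge(device.privateKey, issueChallenge(cookie));
  return { legit, stolen, first: verifyProof(cookie, sig), replay: verifyProof(cookie, sig) };
}
```

For defenders, the useful signal is the `stolen` case: a valid cookie arriving with a failed proof of possession is a strong indicator that the cookie was copied to another machine.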

Privacy is an important issue that must be taken into account. Each session has its own key, so sites cannot track you across different sessions. In Google's case, the DBSC design also takes into account the phase-out of third-party cookies and the tracking capabilities that come with them.

When you use DBSC to protect your online accounts, think of it as a silent guardian that keeps anyone else from logging in as you or accessing your resources. It works in the background, and to you it feels like magic because it is one more step you don't have to take. Google has adopted this idea for some Google Accounts and is going to make it a standard for everyone by the last months of 2024. Chrome users, businesses that have Google Workspace, and cloud users will also benefit from this additional security.

This innovative method has changed the online security paradigm and is now being implemented to combat online theft and fraud. DBSC provides an additional level of security for users, as their passwords cannot be copied or intercepted. This way, they remain safe online without having to worry.
