Modern web browsers provide a number of convenience-driven features to store and access sensitive user data, in order to improve the user experience and browser usability. For example, many browsers utilize a password manager to store username and password values that are used to log in to a website. The saved username and password values are then used to auto-fill the username and password fields the next time the user accesses the same URL with the browser. In a similar fashion, many browsers store cookies that hold user preferences and website identifiers, store financial information such as credit card numbers and expiration dates, and store other personal information such as addresses, and the like. Such sensitive data that is maintained within client devices is vulnerable to unauthorized access by malicious software, even if the sensitive data is stored and persisted on the computer system in an encrypted format.
In most browsers, security architectures use software sandboxing to isolate web applications running in different browser tabs. Although the web page parsing and rendering operations are sandboxed, the sensitive data that is needed for use with respective web applications is handled by a trusted browser kernel process. When the sensitive data is needed in a web application that is being handled by non-trusted renderer processes, the user data is sent by the trusted browser kernel based on pre-defined security policies. Accordingly, there is the potential that malicious software could access sensitive data values during the access, retrieval, or transmission of previously stored sensitive data values.