People commonly utilize websites for everyday tasks, such as shopping online, checking bank account balances, and communicating with others by email or message boards. Unfortunately, vulnerabilities may exist in these systems. Unauthorized third parties can exploit the computer security vulnerabilities to gain access to sensitive data, such as credit card information or social security numbers, which can expose consumers to possible fraud or identify theft.
A common type of computer security vulnerability is session stealing, also known as session hijacking. Session stealing is a class of attack that involves stealing a valid session key that is used to authenticate a user on a remote server. A session key may be a cookie, browser authentication, or client-side certificate for a specific domain. The stolen session key may be used to access information or services on the remote server.