Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Preventing spoofed buyflows #10

Open
msporny opened this issue May 15, 2013 · 1 comment
Open

Preventing spoofed buyflows #10

msporny opened this issue May 15, 2013 · 1 comment
Labels
Milestone

Comments

@msporny
Copy link
Member

msporny commented May 15, 2013

The current Browser Payments specification requires a whitelist of organizations that are capable of making the chrome buyflow frame appear. What happens when we want to have multiple payment providers w/o a centralized whitelist on the Web? How do we prevent people from putting important password information into the buyflow frame? Should we have some basic tenets of the chrome buyflow that makes it very difficult to spoof the information needed by the buyflow (such as, never allow the buyflow to accept a credit card number, or username/password, etc.)? We can accomplish this in PaySwarm by registering a cryptographic key w/ the browser - at that point, no information is needed from the buyer.

@kumar303
Copy link
Member

Good questions. Currently this is addressed by Mozilla via the whitelist. Only trusted sites would be added to the list. It's not ideal but that is one of the reasons it exists. Obviously if any provider's site was compromised (XSS, server intrusion, etc) then phishing would be possible.

Besides this, phishing is still possible by simulating the mozPay() payment window / buyflow without using a real one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants