W3C home > Mailing lists > Public > public-html-comments@w3.org > April 2010

HTML5 -Online authentication

From: Farjad Farid\(ChkNet\) <farjad.farid@checknetworks.com>
Date: Tue, 6 Apr 2010 14:17:36 +0100
To: <public-html-comments@w3.org>
Message-ID: <002f01cad58b$8783e960$968bbc20$@checknetworks.com>


Dear Sir/Madam,


I have just recently heard about some aspect of HTML5 that may have
considerable impact on online authentication. Namely that it is hoped to
remove third party components. 


Whilst I don't confess to be fully aware of all aspects of the specification
may I point that because online authentication requires 2 (or more) factor
authentication that complete removal of third party components are highly
likely to lead to the following problems


1.       Higher fraud rate for online credit card usage

2.       Poorer online experience for Ecommerce end users 

3.       Reduced cross device compatibility for 2 factor authentication.
i.e. scanning fingerprints , network or device id verification or GeoIp
location specially for mobile phones etc.


Without due consideration of security of online transactions Ecommerce web
sites (or those providing services) are not likely to support or implement


May I also highlight that in UK (as an example) cheques are due to be phased
out by 2018 making online transactions and its associated security ever more


I hope that these observations may help in your due diligence examination of
the technology and hope that it may also be tested from the perspective of
online credit card gateways before its wide adaption. 



Best Regards



Farjad Farid





Received on Tuesday, 6 April 2010 20:14:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:26 UTC