Re: [webpayments] How do we prevent keyboard hooking during payment? (#90)

> could we suggest Payment Mediator (the browser) provide an element such as "secure input" (something like ), which can ensure that malicious processes can't hook the input.

We can suggest it, but the browser cannot guarantee it in most cases.

Chrome can't guarantee this on the majority of platforms, because it runs as a user-level process. Hooking into the keyboard requires OS-level permissions. OS-level processes generally have full access to user-level processes. User-level processes cannot guard against this.

ChromeOS has slightly better guarantees for Chrome, because it [uses TPM](http://chrome.blogspot.com/2011/07/chromebook-security-browsing-more.html) and does not allow installation of any other program. Apple Pay's [Secure Element](https://support.apple.com/en-us/HT203027) may be able to provide a similar level of security.

Android is a special beast here, because users can install [custom keyboards](http://code.tutsplus.com/tutorials/create-a-custom-keyboard-on-android--cms-22615). A custom keyboard can open network connections and log everything you type, if it wanted to. So, users have to be especially careful here.

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/90#issuecomment-185493559

Received on Thursday, 18 February 2016 01:18:47 UTC