W3C home > Mailing lists > Public > public-webpayments@w3.org > February 2013

Re: Building A Paid App For Firefox OS

From: Kumar McMillan <kmcmillan@mozilla.com>
Date: Wed, 27 Feb 2013 11:56:31 -0600
Cc: Melvin Carvalho <melvincarvalho@gmail.com>, Web Payments <public-webpayments@w3.org>
Message-Id: <FC9E0A8F-8A4C-4C0D-81CC-7BA94020EC85@mozilla.com>
To: Paul <paul@pogodan.com>

On Feb 27, 2013, at 11:43 AM, Paul <paul@pogodan.com> wrote:

> On Feb 27, 2013, at 12:31 PM, Kumar McMillan <kmcmillan@mozilla.com> wrote:
> 
>> 
>> On Feb 27, 2013, at 10:53 AM, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
>> 
>>> At first glance the Firefox Marketplace for Firefox OS may look similar to the Apple Store or Google Play Store but there is a key difference: it does not lock you into Mozilla or lock you into your Firefox OS phone. It enables you to sell a web app that will run on any open web device by way of the receipt protocol. Non-Mozilla marketplaces can participate in selling apps on Firefox OS out of the box by implementing the receipt format and users won’t notice anything different when running a paid app from either store.
>>> 
>>> When other devices support the receipt protocol then theoretically you could pay for an app once and run it everywhere. There is, of course, a chicken vs. egg problem here so Mozilla hopes to be the egg that helps prove out the decentralized receipt concept and iterate on the protocol. Mozilla invites other vendors to help us work on getting receipts right so that paid apps are as portable and “webby” as possible.
>>> 
>>> [Read More...]
>>> 
>>> https://hacks.mozilla.org/2013/02/building-a-paid-app-for-firefox-os/
>>> 
>> 
>> Hi Melvin, thanks for posting to the list. I am following the web payments work here and we (Mozilla) are certainly interested in making payments work on the web in a decentralized manner.
>> 
>> In comparison to Pay Swarm, I'll point out that our web app receipt format says nothing about how to *pay* for the app (that's way harder!).  However, I think the decentralized receipt format is the most well understood part of Firefox OS' current approach to payments. It is a simple JWT format using standard crypto. The key synchronization is a little complex but it should hopefully be easy enough for other marketplaces to implement. We'll find out how easy once some others try it out. Right now, only Mozilla has implemented the receipt format.
>> 
>> As far as I know, neither iOS or Android have attempted to make open payment receipts that third parties can verify. As my article states, we are interested in building an ecosystem where anyone can sell apps and anyone can build a *runtime* that supports any paid app.
>> 
>> I'll be posting another article soon about how in-app payments work but IMO those are not as webby and decentralized as app receipts. There is lots of work to do!
>> 
>>> I wonder if the firefox marketplace could be a good way to bootstrap the web app eco system …
>> 
>> The current open payments concepts came out of our labs group a couple years ago. They are our first take on payments so I think they will evolve once they're in the wild.
>> 
>> -Kumar
> 
> This is definitely interesting. A couple questions I have are:
> * would the app fail to boot/go into 'pirated' mode if the receipt server went down/started handing out bad responses?

Good question. The app developer must decide what to do here. I think the most user friendly thing to do is let the user continue using the app but keep a timer in local storage. If the user has gone a week without going online then something is fishy, so start blocking usage. 

In practice, I don't think this will be much of a problem. Just like any modern iOS/Android app, network connectivity is pretty much required for anything to work. I mean, unless you purchased a fancy calculator and that's all you use on your phone (like, no phone calls :)) then you'll probably go online frequently.

> * with a fully open source OS and app, it seems it would always be fairly trivial to bypass at least the client-side part of the equation, or is there something I'm missing that would prevent the user from just removing the receipt validation code? obviously if the app's actual functionality required data from a server you run that would change things

It will be hard to remove client side code on Firefox OS. That is, hard in the same way you'd do it in iOS: you'd have to turn on debug settings, maybe fiddle with some certs, and essentially root your phone. So, yeah, it's not that hard :)

The iOS hacks out in the wild do things like patch certs and put a DNS proxy in front of the app to stub out receipt verifiers. Example: http://www.macworld.com/article/1167677/hacker_exploits_ios_flaw_for_free_in_app_purchases.html#lsrc.twt_lexfri

As you mention, if an app has a strong server component then DNS/cert hacks would be harder. For example, if a fun part of a paid game involves connecting with your friends online then it will be harder to pirate the game.

> 
> 
> -- 
> Paul Meserve
> Pogoapp | www.pogoapp.com
> 
> 
Received on Wednesday, 27 February 2013 17:57:01 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 February 2013 17:57:01 GMT