W3C home > Mailing lists > Public > public-webpayments@w3.org > September 2014

Re: Privacy in Web Payments [Was: Re: Nigeria launches national electronic ID cards]

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Thu, 18 Sep 2014 21:22:43 -0400
Message-ID: <541B8563.4060301@digitalbazaar.com>
To: Steven Rowat <steven_rowat@sunshine.net>, Web Payments CG <public-webpayments@w3.org>
On 09/11/2014 12:18 AM, Steven Rowat wrote:
> So, while I agree that privacy will central to the credentials work,
> I think it's closer to being evenly split between payments and
> credentials.

+1

> IMO this was made clear by the example demonstration in the Istanbul
> IG workshop video, in that it showed that credentials standards and 
> payments standards will be used intertwined and all in one quick 
> interaction, within seconds and sometimes milliseconds of each other.
> So I don't think it's going to be easy to say -- or at least, predict
> at this point -- which privacy issues relate to the credentials and
> which to the payments.

Yes, I think you're right. We regularly go through attack exercises at
Digital Bazaar to see where the weak points are in the system wrt.
denial of service attacks, privacy attacks, cryptographic attacks,
pervasive monitoring attacks, etc. It takes constant attention to detail.

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: The Marathonic Dawn of Web Payments
http://manu.sporny.org/2014/dawn-of-web-payments/
Received on Friday, 19 September 2014 01:23:14 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:03:39 UTC