[webpayments] How do we prevent keyboard hooking during payment? (#90)

I looked through the architecture part and didn't find anything related. During payment process, when user types his login password or payment password, his environment may be insecure and some hook processes may exist, then these malicious processes can get what users type. So does our proposal contain something related with secure input? And should it be handled by which part? Payment App, Payment Method or Payment Mediator?

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/90

Received on Monday, 15 February 2016 06:02:30 UTC