Re: [webpayments] How are third-party native wallets integrated? (#42)

@rsolomakhin : Extending the EV status given to a webserver over to a payment app by storing a hash of the app on the EV server might work.

However, from how I understand [App Linking]( works, it allows apps to open links to a server without user's consent. It does so by comparing the sha256 fingerprint of the app's signer cert with what is provided by the server's assetlinks.json.

Thus, I assume it's the Android OS that compare the signer cert hash with what is in assetlinks.json. Will the browser have access to calculate the SHA256 fingerprint of the payment app's signer cert?

Reply to this email directly or view it on GitHub:

Received on Thursday, 18 February 2016 13:41:48 UTC