W3C home > Mailing lists > Public > public-payments-wg@w3.org > July 2016

RE: Encrypting basic card data

From: Adrian Bateman <adrianba@microsoft.com>
Date: Mon, 11 Jul 2016 15:40:18 +0000
To: Adrian Hope-Bailie <adrian@hopebailie.com>
CC: Payments WG <public-payments-wg@w3.org>
Message-ID: <CY1PR03MB140583D6EC0AAD6A3749B422D33F0@CY1PR03MB1405.namprd03.prod.outlook.com>
> On Mon, Jul 11, 2016 at 10:43:17, Adrian Hope-Bailie wrote:
> I'm hearing:
> 
> Let's not do this in v1, it may imply more security than is actually
> being provided and we haven't actually identified the threat properly to
> evaluate it's value.
> 
> Rather, let's work out a comprehensive solution for v2 that fully
> mitigates a MiM threat

I don't see a rush to do more in v1 unless we discover something that makes implementations
more vulnerable than current sites. I think the encryption can be used for a functional
scenario but I'm worried about saying it increases security without saying against what
threat.

More broadly, though, I've heard several people mention MITM attacks but I haven't yet
understood who is the attacker and what are they attacking. It seems like some people
are trying to mitigate against users changing the payment request. Others against
malicious client side code. Others against network listeners. We need to enumerate the
threats, understand the vulnerabilities, and address them with appropriate mitigations.

Today, I believe we have equivalent security to typical online checkout forms but if
someone has a scenario that shows that isn't true then we need to review it.

Ade.
Received on Monday, 11 July 2016 15:40:51 UTC

This archive was generated by hypermail 2.3.1 : Monday, 11 July 2016 15:40:52 UTC