Re: [webauthn] Cross-origin credential creation in iframes (#1656)

@agl The de-facto standard for mobile to desktop interaction is QR code.  Using the aforementioned (in Europe and China already deployed) native mobile apps, you open the application, point to the QR, receive the request on the mobile, and then authorize.  You never have to type in card numbers etc. This system typically also works without modifications at the PoS terminal.

Regarding 3DS, due to the PSD2 regulation EU banks have been forced implementing support for SCA (Strong Customer Authentication).  That is, you are already enrolled when you get your mobile application.  There is no PSD2 in the US but given the fact that it took the US 10 extra years to get chip-card support compared to the EU, we are on very slow train.

GitHub Notification of comment by cyberphone
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Thursday, 29 July 2021 06:02:03 UTC