Intent to Implement - Web2Native Bridge for Android

F.Y.I.

I'm a firm believer that there usually are more than one road to "approximately" the same goal.

 From my watchtower it seems that practically all new (client-side) payment systems build on native "Apps".
These "Apps" (including Google's, Apple's, and Alipay's), are highly proprietary/secret and will likely stay that for quite a while.
What (IMO) is missing is a more useful way of calling such Apps than currently provided by Android and iOS.

The security issues calling Apps from the Web are IMO exaggerated since you already can invoke Apps from the Web using Android Intents. That "talking back" to the invoking Web page would introduce additional vulnerabilities haven't been proven.

In fact, the achievable security offered by W2NB exceeds that of Android Intents since the latter typically make Apps bypass the browser security model for external communication not to mention the lack of a Web security context to invoked Apps.  That invoking Web pages are "orphaned" make the user interface suffer.

Put in a W3C context, W2NB also addresses most of the use-cases of the apparently rather stuck https://www.w3.org/community/hb-secure-services/ activity:
https://poulpita.com/2016/11/28/is-hardware-based-secure-web-services-a-lost-quest-no-well/

Although just an option, W2NB could for example offer a more conventional alternative to Verified Claims' somewhat esoteric WebDHT credential storage solution.

Anders
https://github.com/cyberphone/web2native-bridge#web2native-bridge---uniting-the-web-and-app-worlds

Received on Saturday, 17 December 2016 13:29:21 UTC