On 24 April 2012 22:22, Walter Stanish <walter@ifex-project.org> wrote: > > I suggest that example identity strings in the short spec doc don't have > > fragments in them, also that the sentence where you state that any URL > will > > do could affirm that when fragments are provided, the fragment is > important > > and MUST NOT get stripped. > > In many mature financial systems we see various types of multifactor > authentication in use: > - Credit card processing often has a requirement for signatures, > physical addresses, expiry dates, customer names in addition to > numbers > - International SWIFT or Western Union transfers often pair recipient > address, phone, email, name or other data along with recipient bank, > branch and account number > > These additional factors within a financial transaction assist in > either reducing fraud (debit transaction) or accidental routing errors > (credit transaction) from the simplest case of only using the base > financial endpoint specifier (ie. the credit card number in the case > of a credit card debit transaction, or the bank, branch and account > number in the case of an international transfer). > > There MAY be some potential to use the 'fragments' you mention for > such multi-factor 'error (or fraud) reduction' or for carrying > reporting information that may be mandated for regulatory or other > purposes (check out what's 'required' to send a SWIFT transaction > these days - you can't predict bureaucracy!), though I am not clear > enough about the proposal at this stage to say so with clarity. > Thanks for pointing this out, it's very key. Multi factor auth is important for financial integrity. I didnt model auth in my minimal spec (principle of least power) but it should be possible to layer on top. I considered creating a facebook payement system basedon both your facebook login AND a client certificate in your browser, to illustrate a point, but didnt get time. I think I could have built it using webcredits in under a month, maybe under a week. Just a case of doing things in the right order. > > Just some thoughts... > > Regards, > Walter Stanish > The IFEX Project > http://ifex-project.org/ >Received on Tuesday, 24 April 2012 22:53:35 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:20 UTC