[Openid-specs-fapi] The FAPI Security Model - Under Fire

Tom Jones thomasclinganjones at gmail.com
Sat Feb 24 19:24:06 UTC 2018

yeah, that fits the UK business model.
It wont fly in the US however.

Peace ..tom

On Thu, Feb 22, 2018 at 11:53 PM, Anders Rundgren via Openid-specs-fapi <
openid-specs-fapi at lists.openid.net> wrote:

> Hi FAPIers,
> As a curious person I have always wondered how Open Banking/PISP/SCA would
> combine with Amazon's famous one-click checkout.
> Various LinkedIn and Slack conversations have revealed the (ugly?) truth.
> The intention (at least in the UK), is giving OAuth tokens "eternal life"
> and rather letting PISPs (Amazon is expected to be a one), deal with payer
> authorization.  This faithfully emulates the "card-on-file" system that
> powers most US based super providers.
> Cheers,
> Anders
> _______________________________________________
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-fapi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20180224/ee542953/attachment.html>

More information about the Openid-specs-fapi mailing list