[Openid-specs-fapi] The FAPI Security Model - Under Fire
thomasclinganjones at gmail.com
Sat Feb 24 19:24:06 UTC 2018
yeah, that fits the UK business model.
It wont fly in the US however.
On Thu, Feb 22, 2018 at 11:53 PM, Anders Rundgren via Openid-specs-fapi <
openid-specs-fapi at lists.openid.net> wrote:
> Hi FAPIers,
> As a curious person I have always wondered how Open Banking/PISP/SCA would
> combine with Amazon's famous one-click checkout.
> Various LinkedIn and Slack conversations have revealed the (ugly?) truth.
> The intention (at least in the UK), is giving OAuth tokens "eternal life"
> and rather letting PISPs (Amazon is expected to be a one), deal with payer
> authorization. This faithfully emulates the "card-on-file" system that
> powers most US based super providers.
> Openid-specs-fapi mailing list
> Openid-specs-fapi at lists.openid.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-fapi