[Openid-specs-fapi] (FYI) In Wallet We Trust: Bypassing the Digital Wallets Payment Security for Free Shopping
Nat Sakimura
nat at sakimura.org
Mon Sep 2 12:54:57 UTC 2024
I have only read the abstract and a Japanese report on it, but it looks
pretty intriguing.
As one of the mitigation, it is proposing Push-based MFA authentication
method.
* The abstract:
https://www.usenix.org/conference/usenixsecurity24/presentation/anwar
* The paper: https://www.usenix.org/system/files/usenixsecurity24-anwar.pdf
Cheers,
Nat Sakimura
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20240902/af676841/attachment.html>
More information about the Openid-specs-fapi
mailing list