|Release target||Marketplace July|
|Product manager||Justin Scott|
|Directly Responsible Individual||Wil Clouser|
|Security lead||Raymond Forbes|
|QA lead||Krupa Raj|
|Product marketing lead|||
Stage 1: Definition
1. Feature overview
Allowing users to set a PIN that must be entered prior to every purchase enhances security for those concerned about accidental or fraudulent purchases.
2. Users & use cases
1. A user with kids wants to ensure purchases aren't made without his knowledge.
2. A user hates being prompted to enter his password every time he wants to buy an app on his phone, but is still concerned about his account's security.
Stage 2: Design
5. Functional specification
Users can set a Purchase PIN from their Account Settings page by picking a 4-digit number and confirming it. Prior to every purchase (up front or in-app, desktop or mobile), the user must correctly enter this PIN.
The PIN is optional, but its existence could be advertised during purchases, e.g. "Security tip: setting up a Purchase PIN only takes a few seconds and guards against accidental purchases."
PayPal pre-auth keys could be encrypted using this PIN such that users would be further protected against any Marketplace compromise.
- Require the PIN for all user setup processes
- Use the PIN to encrypt the stored pre-auth key
- Do not permanently store the PIN. Instead, use the provided PIN to decrypt the pre-auth key for a single point-in-time use, then discard both the PIN and the decrypted pre-auth value
- May need to investigate increasing the key size
  - This could be accomplished by appending the PIN to a static value on the server side (which is stored outside the database)
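One way to implement the pre-auth key handling listed above, as an added example that is not Marketplace's own code. `SERVER_SECRET`, `ITERATIONS`, `seal_preauth`, `open_preauth` and the sample key are assumptions, and the PBKDF2-derived keystream with an HMAC tag is a standard-library stand-in for a vetted AEAD such as AES-GCM.

```python
import hashlib
import hmac
import re
import secrets

# Assumption: stands in for the static server-side value kept outside the
# database (for example in service configuration). Constructed for this example.
SERVER_SECRET = bytes.fromhex("5f" * 32)
ITERATIONS = 200_000  # assumed work factor


def _derive(pin: str, salt: bytes, n: int, server_secret: bytes) -> bytes:
    """Stretch server_secret || PIN into a 32-byte MAC key plus n keystream bytes."""
    if not re.fullmatch(r"[0-9]{4}", pin):
        raise ValueError("PIN must be exactly 4 digits")
    material = server_secret + pin.encode()  # PIN appended to the static value
    return hashlib.pbkdf2_hmac("sha256", material, salt, ITERATIONS, 32 + n)


def seal_preauth(pin: str, preauth_key: bytes,
                 server_secret: bytes = SERVER_SECRET) -> bytes:
    """Return salt || ciphertext || tag; this blob is the only thing stored."""
    salt = secrets.token_bytes(16)  # fresh per seal, so the keystream never repeats
    keys = _derive(pin, salt, len(preauth_key), server_secret)
    ct = bytes(a ^ b for a, b in zip(preauth_key, keys[32:]))
    tag = hmac.new(keys[:32], salt + ct, hashlib.sha256).digest()
    return salt + ct + tag


def open_preauth(pin: str, blob: bytes,
                 server_secret: bytes = SERVER_SECRET) -> bytes:
    """Decrypt for one purchase; the caller uses the result, then drops it and the PIN."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    salt, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    keys = _derive(pin, salt, len(ct), server_secret)
    expected = hmac.new(keys[:32], salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong PIN or tampered blob")
    return bytes(a ^ b for a, b in zip(ct, keys[32:]))


if __name__ == "__main__":
    stored = seal_preauth("4821", b"PA-constructed-sample-key")  # constructed sample
    print(open_preauth("4821", stored))
```

A 4-digit PIN has only 10,000 possible values, so it is the server-side value that keeps a database-only copy of the blob from being opened by trying every PIN.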
6. User experience design
Stage 3: Planning
7. Implementation plan
Quality Assurance review
Stage 4: Development
Stage 5: Release
10. Landing criteria
|Theme / Goal|||
Team status notes
|Security||sec-review-needed||Implementation review from rforbes
1 Total; 0 Open (0%); 1 Resolved (100%); 0 Verified (0%);