From MozillaWiki
Jump to: navigation, search
Stop (medium size).png
The Marketplace has been placed into maintenance mode. It is no longer under active development. You can read complete details here.

Marketplace Payments is now the only consumer of the Trusted UI. Should we keep it?

Originally created in:


What does the Trusted UI provide that is of value?

  • A global cookie jar so that information can be re-used across apps. Specifically, when starting an in-app payment from App #1 you have to log in on the first purchase but not on the second purchase. When starting a payment from App #2, you should also not have to log in again.
  • A seamless in-app payment flow: the user taps a button, enters a payment window, completes the payment, and is automatically returned to the context of the app.


What problems does the Trusted UI cause?



  • The small screen is a problem for UX.
  • It's not obvious what the screen actually indicates to the consumer.
  • The UX and interactions are different for mobile/desktop, and we need to design our payment system to reflect that.
  • The visual design of Trusted UI leaves a lot to be desired.


  • It doesn't fix any of the original security issues it was designed for.
    • Spoofability: The Trusted UI opens over the user's home screen but a malicious app could simulate a user's home screen by showing the stock Firefox OS app icons. To the casual user who has not customized their home screen or who is not studying the pixels in details, this spoofed payment window would look the same.


What's a better approach?