924 bytes added,
13:15, 25 June 2012 Name of API: WebNFC API
Reference:<br>
https://wiki.mozilla.org/WebAPI/WebNFC
https://bugzilla.mozilla.org/show_bug.cgi?id=674741
Brief purpose of API: Allow core (certified) apps to interact directly with NFC devices
General Use Cases:
Inherent threats:
*Theft of sensitive data
*Device compromise (configuring NFC device)
*Potential for financial impact (payments via NFC)
Threat severity: Critical
== Regular web content (unauthenticated) ==
Use cases for unauthenticated code: None
Authorization model for normal content: None
Authorization model for installed content: None
Potential mitigations: N/A
== Trusted (authenticated by publisher) ==
Same as for installed unauthenticated app
== Certified (vouched for by trusted 3rd party) ==
Use cases for certified code:
*Configure, enable/disable NFC devices.
*Interact with NFC devices.
*Manage NFC payments.
Authorization model for normal content: Implicit