Firefox/Features/Web Payments/Privacy & Security Considerations: Difference between revisions

→‎Information Leakage: more details and links
(corrected links)
(→‎Information Leakage: more details and links)
Line 46: Line 46:
In addition, we have instituted several policies to ensure that user data is not leaked:
In addition, we have instituted several policies to ensure that user data is not leaked:


* Firefox does not share the user's full shipping address until the user approves the payment at the very end of the in-browser workflow (see {{bug|1443735|Bug 1443735}}).
* Firefox does not share the user's full shipping address until the user approves the payment at the very end of the in-browser workflow (see {{bug|1443735|Bug 1443735}}). Before then, Firefox shares only the minimum information (country and postal code) needed to determine shipping viability and cost.


* Although a merchant website could gather the user's partial shipping address (country and postal code) by calling the Payment Request .show() and .abort() functions in quick succession, to prevent abuse have implemented a minimum amount of time to display the payment sheet, thus making it difficult for a website to trick a user into sharing this information (see {{bug|1447773|Bug 1447773}}).
* Although a merchant website could try to gather the user's country and postal code by calling the PaymentRequest.show() and .abort() functions in quick succession (see [https://lcamtuf.blogspot.com/2010/08/on-designing-uis-for-non-robots.html this post] for related attacks), to prevent abuse we have implemented a minimum amount of time (5 seconds) to display the payment dialog window, thus making it difficult for a website to trick a user into sharing this information (see {{bug|1447773|Bug 1447773}}).


== Device Fingerprinting ==
== Device Fingerprinting ==
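Review bot: In the second bullet of the new revision, the 5-second minimum display time is stated, but the sentence does not say what has to happen before the country and postal code reach the merchant, so a reader cannot tell why the delay defeats a quick .show()/.abort() sequence. Consider adding one clause that states when the partial address is shared, which would also tie the bullet to the "Before then, Firefox shares only the minimum information" sentence added in the first bullet. Two smaller points in the same bullet: the revision changes "payment sheet" to "payment dialog window", so use whichever term the rest of the page uses, and "PaymentRequest.show() and .abort()" reads more clearly as "PaymentRequest.show() and PaymentRequest.abort()". The link text "this post" would also be easier to follow if it described what the linked article covers.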