Skip to content

Security and Privacy Considerations

Manu Sporny edited this page Jul 8, 2016 · 4 revisions

Attacks that the Web Payments API is susceptible to:

Confidentiality Violations

Motivation: Attacker wants to know about victims location or spending behavior

Attack Vector: Browser extension or compromised Javascript code

Attacker installs code to listen to PaymentRequestUpdateEvents and report contents of PaymentDetails to attacker website.

Password Sniffing

No known password sniffing attacks

Offline Cryptographic Attacks

No known cryptographic attacks other than capture and brute force HTTPS.

Replay Attacks

Motivation: MitM wants to harm merchant by issuing previously processed PaymentResponses

Attack Vector: Browser extension or compromised Javascript code

Attacker installs code that store (via localStorage) and replay previous basic card spec payment responses.

Message Insertion

Motivation: MitM wants to mine victim data by requesting fields that merchant does not need.

Attack Vector: Browser extension or compromised Javascript code

Attacker installs code that modifies paymentOptions to request information that merchant does not need and then reports this back to attacker's servers.

Message Deletion

Motivation: MitM wants to reprioritize acceptable payment methods.

Attack Vector: Browser extension or compromised Javascript code

Attacker installs code that modifies the list of acceptable payment methods before sending them on to the mediator.

Message Modification

Motivation: MitM wants to harm merchant by modifying price charged by merchant.

Attack Vector: Browser extension or compromised Javascript code

Attacker installs code that modifies total amount displayed to user and then modifies the amount before it is sent to the mediator.

Man-In-The-Middle

On-path Attacks

Off-path Attacks

Link-local Attacks

Clone this wiki locally