Exploiting Cashier-as-a-Service Providers

Slashdot

+ - Exploiting Cashier-as-a-Service Providers-> 0

Submitted by SydShamino on Wednesday April 06, 2011 @06:28PM

SydShamino writes "Researches at Indiana University and Microsoft found and exploited flaws in the communication between web stores and third-party cashiers (Amazon Payments, PayPal, Google Checkout) to order items for free, or at prices of their choice. "We believe that it is difficult to ensure the security of a CaaS-based checkout system in the presence of a malicious shopper" said the study co-author. The identified flaws have been reported and fixed, but they feel that more, similar flaws are likely given the complicated nature of many web-based transactions."
Link to Original Source

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Exploiting Cashier-as-a-Service Providers

Load All Comments

Search 0 Comments Log In/Create an Account

Comments Filter:

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

QOTD: "You want me to put *holes* in my ears and hang things from them? How... tribal."

Exploiting Cashier-as-a-Service Providers More Login

Exploiting Cashier-as-a-Service Providers