Confirmed users
717
edits
Line 22: | Line 22: | ||
Use cases for unauthenticated code: click on a phone number in an email or browser to dial | Use cases for unauthenticated code: click on a phone number in an email or browser to dial | ||
Authorization model for uninstalled web content: Explicit | Authorization model for uninstalled web content: Explicit via web activities | ||
Authorization model for installed web content: Explicit | Authorization model for installed web content: Explicit via web activities | ||
Potential mitigations: When user clicks on a phone number, app triggers a web activity to initiate the call. User interaction required to trigger. | Potential mitigations: When user clicks on a phone number, app triggers a web activity to initiate the call. User interaction required to trigger. |