Marketplace/TrustedUIRework: Difference between revisions
Jump to navigation
Jump to search
(→Advantages: edit) |
|||
| Line 7: | Line 7: | ||
What does the Trusted UI provide that is of value? | What does the Trusted UI provide that is of value? | ||
* A global cookie jar so that information can be re-used across apps. | * A global cookie jar so that information can be re-used across apps. Specifically, when starting an in-app payment from App #1 you have to log in on the first purchase but not on the second purchase. When starting a payment from App #2, you should also not have to log in again. | ||
== Problems == | == Problems == | ||
Revision as of 19:25, 5 December 2014
Marketplace Payments is now the only consumer of the Trusted UI. Should we keep it?
Originally created in: https://bugzilla.mozilla.org/show_bug.cgi?id=794999
Advantages
What does the Trusted UI provide that is of value?
- A global cookie jar so that information can be re-used across apps. Specifically, when starting an in-app payment from App #1 you have to log in on the first purchase but not on the second purchase. When starting a payment from App #2, you should also not have to log in again.
Problems
What problems does the Trusted UI cause?
Platform
- Maintenance
- Multiple bugs keep occurring as the platform evolves.
- List of bugs:
UX
- The small screen is a problem for UX.
- It's not obvious what the screen actually indicates to the consumer.
Security
- Doesn't fix a range of security issues.
- Is still spoofable.
Solutions
What's a better approach?