WebAPI/Security/SMS

From MozillaWiki
Jump to navigation Jump to search

Name of API: Web SMS API

References: https://bugzilla.mozilla.org/show_bug.cgi?id=674725
Discussion: https://groups.google.com/group/mozilla.dev.webapps/browse_thread/thread/58a66963732b09a0/9ae97f65a9e74c78

Brief purpose of API: Send and receive SMS messages

General Use Cases: None

Inherent threats:

  • Sending an SMS costs user money, premium SMS services, SMS payments etc
  • Receiving SMS has privacy implications, SMS also used for 2-factor authentication

Threat severity: critical per https://wiki.mozilla.org/Security_Severity_Ratings

Regular web content (unauthenticated)

Use cases for unauthenticated code: App prompts user to send SMS

Authorization model for uninstalled web content: Explicit via web activities

Authorization model for installed web content: Explicit via web activities

Potential mitigations:

Privileged (approved by app store)

Use cases for privileged code: Full-featured SMS app. Read & send SMS.

Authorization model: Explicit

Potential mitigations:

  • Set thresholds or warnings on premium numbers.
  • Only allow sending of SMS's to user-provided contacts.
  • Show OS confirmation of message before sending.

Certified (system-critical apps)

Use cases for certified code: SMS app

Authorization model: Implicit

Potential mitigations: None beyond certification

Notes

Should trusted apps be able to register as handlers for SMS web activities/intents, or only certified apps?


Retrieved from "https://wiki.allizom.org/index.php?title=WebAPI/Security/SMS&oldid=458290"