07 Oct New Standard Makes Entering Credit Card Info Easier, Raises Security Concerns
A new W3C standard called Payment Request API is now increasingly being adopted in most browser implementations since it makes entering and storing credit card info significantly faster. However, the fact that it stores the information in the browser similar to how passwords are currently saved raised concerns from a number of privacy and cybersecurity researchers.
The API will enable users to use their credit card info on sites with only a few clicks. Google Chrome and Microsoft Edge has supported it since 2016, with Firefox, Safari, Facebook and Samsung not far behind.
However, the API is still being developed and there are still bugs that have yet to be addressed. Dr. Lukasz Olejnik of Princeton’s Center for Information Technology Policy says that some sites can abuse it to profile users.
Source: Bleeping Computer