Conversation
|
Hmm, this looks like a security nightmare. Anyone with access to the laptop will be able to see it. |
|
Doesn't imply everyone has to save it. It is optional. It does not save complete phone or card number. It only saves vpa and last 4. |
vpa has the full card number as part of it. Even if its optional, some people who do not know the implication will save it and if they get in trouble somehow they can claim, it was stored as plain text in my browser due to this tool. This is the reason, google chrome saves it after encrypting it with a password and not in plain text. |
|
how about I add Web Authentication API and Credential Management API. Users would have to input pin/biometrics if they want to save locally. Would you merge it after that? |
|
Yes, this seems secure if I understand it will need user password to
save/retrieve the card, can you create an issue describing this.
I will assign it to you then you can work on it. The codebase has changed
quite a bit after your changes, so starting from new react base will be
easier to work on.
In addition to that, I have assigned the card bank to another person, so,
you just focus on this particular feature.
…On Wed, Sep 18, 2024, 9:13 PM Harshvardhan Malpani ***@***.***> wrote:
how about I add Web Authentication API and Credential Management API.
Would you merge it after that?
—
Reply to this email directly, view it on GitHub
<#7 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAM2ZYB66U5UJUAJRKKVWJTZXGNSBAVCNFSM6AAAAABOF77AHWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGNJYHAZDENBYHE>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
2 participants
Now users can save their upi details in localstorage