Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Exploiting Cashier-as-a-Service Providers (

SydShamino writes: Researches at Indiana University and Microsoft found and exploited flaws in the communication between web stores and third-party cashiers (Amazon Payments, PayPal, Google Checkout) to order items for free, or at prices of their choice. "We believe that it is difficult to ensure the security of a CaaS-based checkout system in the presence of a malicious shopper" said the study co-author. The identified flaws have been reported and fixed, but they feel that more, similar flaws are likely given the complicated nature of many web-based transactions.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Exploiting Cashier-as-a-Service Providers

Comments Filter:

A language that doesn't have everything is actually easier to program in than some that do. -- Dennis M. Ritchie