L. David Baron @dbaron@w3c.social · Aug 17, 2017 · 10:01 PM UTC

L. David Baron @dbaron@w3c.social @davidbaron

17 Aug 2017

Disturbed by @DonorBox-powered UI's interaction with Web's security model: it asks for bank login/password on origin that's not the bank's.

L. David Baron @dbaron@w3c.social · Aug 18, 2017 · 3:09 AM UTC

L. David Baron @dbaron@w3c.social · Aug 18, 2017 · 3:09 AM UTC

L. David Baron @dbaron@w3c.social @davidbaron

18 Aug 2017

PCI compliant doesn't mean they're not training users to do things that they should never do if they want to be safe on the Web.

Aug 18, 2017 · 3:09 AM UTC