Open Bloody-Badboy opened 3 years ago
SonarCloud Quality Gate failed.
0 Bugs
0 Vulnerabilities
1 Security Hotspot
4 Code Smells
No Coverage information
0.0% Duplication
Catch issues before they fail your Quality Gate with our IDE extension SonarLint
Proposed changes
Describe the big picture of your changes here to communicate to the maintainers why we should accept this pull request. If it fixes a bug or resolves a feature request, be sure to link to that issue.
Types of changes
Transfer card tokenisation details to checkout server in JOSH format instead of plain text
What types of changes does your code introduce to frames-android?
Checklist
Further comments
Currently, card tokenisation request sent to checkout.com in
applicaton/json
format which is plain text and vulnerable to attack, instead of that send the card details in encrypted format using JWE token withRSA-OAEP-256
scheme andAES256 GCM
symmetric encryption.