stubzug
commented
3 years ago Public keys of paymails change everytime so a user cannot input their own paymail.
Closed stubzug closed 3 years ago
stubzug
commented
3 years ago Public keys of paymails change everytime so a user cannot input their own paymail.
stubzug
commented
3 years ago MFA using customers phone number or email? - customer 1 vs customer 2. How do we verify that customer 1 paid.
stubzug
commented
3 years ago Force vendors to use paymail in plugin configuration (input validation)- We need to cache order number and uniquely generated vendor public key to verify unique purchase.
stubzug
commented
3 years ago To further secure purchase verification, require user phone/email. - This also supports our lists.
stubzug
commented
3 years ago Resolved: Vendor plugin subscription requires use of paymail to randomize the vendors public key every time. Customer ID and Vendor ID are now unique for every transaction. (Even multiple transactions from the same customer are unique to avoid double transaction validation.) Win-Win
What can we do to remove the transaction ID input requirement.