Thanks for the note. On Sun, Aug 30, 2015 at 1:50 PM, Anne van Kesteren <ann...@annevk.nl> wrote: > On Sun, Aug 30, 2015 at 7:33 AM, Tim Guan-tin Chien > <timdr...@mozilla.com> wrote: >> It's also worthy to point out many nation-state deploys Smart Card >> identifications (despite the privacy concern), allow it's citizens (or >> subjects) to authenticate with government services online. > > It seems a potential future for that which works within the web's > security model is FIDO, see > > https://fidoalliance.org/ > https://support.google.com/accounts/topic/6103521
Indeed, banks in Taiwan are slowly rolling out OTA based authentications primary mobile app banking users, despite 100% of the ATM cards are already smart cards (required by legal mandate against forgery since 2006) and you can already access back accounts from "WebATM" websites & smart card readers with -- again, ActiveX or Java plug-in. I can't argue if either is securer or "better" compare to another, but it's important to acknowledge we cannot change the banking industry or government IT service industry over night by refusing providing solutions. > I don't think we're currently working on this though. _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
