Could you share some online publications about out-of-band data?
Yes, more posts about it and how security is managed are coming... 😅
How does the HAS protocol prevent such an attack?
That will be addressed in the coming posts too.
TLDR; an auth_req sent by a malicious app to HAS will expire and be ignored if the user's PKSA is not running. If the PKSA is running, the PKSA should ignore it if it did not retrieve a matching off-band auth_req_payload before.
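A small model of the two checks described in that reply (an added example, not HAS or PKSA code; the AuthReq fields, the PKSA class, the uuid-based matching and has_relay are all assumptions):

```python
from dataclasses import dataclass, field

@dataclass
class AuthReq:
    """Request relayed by HAS to the user's PKSA (field names are assumptions)."""
    uuid: str
    app_name: str
    expire: float            # unix timestamp after which the request is dropped

@dataclass
class PKSA:
    """Minimal PKSA model: it only reacts to requests it can match off-band."""
    running: bool = True
    # auth_req_payload values the user obtained out of band (e.g. from the app
    # they actually opened), keyed by request uuid (assumed matching key)
    offband_payloads: dict = field(default_factory=dict)

    def import_offband_payload(self, uuid: str, payload: dict) -> None:
        """Record a payload the user retrieved off-band before any auth_req."""
        self.offband_payloads[uuid] = payload

    def handle_auth_req(self, req: AuthReq, now: float) -> str:
        # Check 1: stale requests are dropped, whoever sent them.
        if now >= req.expire:
            return "expired"
        # Check 2: no matching off-band payload means the user never started
        # this login, so the request is silently ignored (not shown to the user).
        if req.uuid not in self.offband_payloads:
            return "ignored"
        return "prompt_user"

def has_relay(req: AuthReq, pksa: PKSA, now: float) -> str:
    """HAS can only forward to a running PKSA; otherwise the request expires."""
    if not pksa.running:
        return "expired"       # nobody is listening; the request times out
    return pksa.handle_auth_req(req, now)

# Constructed scenario: a malicious app sends an unsolicited auth_req.
def malicious_request_outcome(pksa_running: bool, user_started_login: bool) -> str:
    pksa = PKSA(running=pksa_running)
    req = AuthReq(uuid="req-1", app_name="evil-app", expire=100.0)
    if user_started_login:
        pksa.import_offband_payload("req-1", {"app": "evil-app"})
    return has_relay(req, pksa, now=50.0)
```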