We did think of that :) - we can detect your tampering with the forms we protect. But that said it doesn't stop everything if you can install a keylogger, or get the user to enter data somewhere else we can't stop it and it does depend on where in the user journey you try and protect things, as someone else here has pointed out if any of the journey is HTTP (or HTTPS being MITM) then they can send the user somewhere else.However I'd also argue you don't actually need to stop people grabbing the data. Noticing achieves a large chunk of that, as (for example) I can notify the credit card system it's happened.
If you want to see exactly what it does and doesn't do see https://resources.irdeto.com/payments-banking/solution-overv...
icebraining|9 years ago
And you can't guarantee that you can notify either, and for the same reason. The code that leaves your server won't be the code that actually runs on the client - it'll be a mutated version that will say "everything is OK" and acts normally to your server while it sends all the data somewhere else.
Nothing has changed since [1] was written; I don't see how that is anything but DRM promising more than it can deliver.
[1] https://www.nccgroup.trust/us/about-us/newsroom-and-events/b...
dfc|9 years ago
bgidley|9 years ago
It can't stop keyloggers, people looking over your shoulder, malware in the browser (MITB)/plugins as it still sits within the browser sandbox. It can in some cases detect that, and in some cases hinder it.
An attacker can stop it loading by MITM the connection, but then the site can't work against it's APIs as the solution also verifies as data goes into those API's the encryption is present and the code isn't tampered. If it's tampered a business rule is applied to decide what to do, either stop the messages, OR pass it back to risk management systems (very common in finance).