JerryMungo
Honorary Master
- Joined
- Jul 18, 2008
- Messages
- 37,574
- Reaction score
- 6,331
.
Last edited:
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
It bothers me when my own bank does it (FNB often requires the card pin when making changes to daily limits). I'd be doubly bothered by some 3rd party ask for it.
I'm talking about Zapper.It’s not a third party though, Masterpass is part of MasterCard.
So it’s like the first party.
Your bank being the second party.
This. They claim they don't store or capture it... just like Facebook claim they don't store your PW... but in reality it's up to the devs. Hopefully their peer review system is solid.
They will be required to encrypt the PIN, and pass it to the acquiring host who can decrypt the PIN. That's currently what we do.
The PIN encryption is a standard anyhow.
What do you mean "the pin encryption is a standard anyhow"?
This is an android app, not a POS device?
My point being , this is not open source code that I can review. Of course I could run a wireshark session to confirm TLS is active and trace destination etc...
If you're using a masterpass app then that is a mastercard. Do you really think mastercard is going to send your pin to zapper? Mastercard does the authorisation, not zapper.I'm talking about Zapper.
Masterpass and Vodapass ask for the pin.
I used it a few times now.
So far no issues.....touch wood