touch-packages team mailing list archive

["Alejandro J. Cura" <alecu@xxxxxxxxxxxxx>]

I think this is a valid concern.

Anyway, the info shown by the padlock bubble should be the same as what
the browser shows when visiting the same page. Would showing extra info
there provide more assurance?

Perhaps opening the browser instead to complete the payment is a better
solution?


** Changed in: unity-scope-click (Ubuntu)
   Importance: Undecided => Medium

** Changed in: unity-scope-click (Ubuntu)
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unity-scope-click in
Ubuntu.
https://bugs.launchpad.net/bugs/1489643

Title:
  Paypal login cannot be assured to be from paypal

Status in Ubuntu UX:
  New
Status in unity-scope-click package in Ubuntu:
  Triaged

Bug description:
  When paying for an app with Paypal, the Paypal login screen is
  presented in an Ubuntu wrapper. There is no indication on this page
  that I'm actually looking at paypal.com rather than being phished or
  that some bad DNS has pointed me to a wrong site. The padlock in the
  top corner doesn't indicate anything I'm inclined to believe -- is it
  showing that the connection is https? Has it verified that I'm really
  talking to Paypal? How can I know that? This is encouraging people to
  type their Paypal password into phishing sites. The previous step in
  the purchase process, where I'm choosing which payment system to use,
  also displays a padlock, and that hasn't connected to any payment site
  at all.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-ux/+bug/1489643/+subscriptions