A problem with microtransactions

February 23, 2009

One corollary of Internet scale security is to point out a lurking issue with microtransactions (one of the perennial Internet enthusiasms in some quarters). The problem is how you handle authorizing microtransactions.

If you prompt the user every time they spend a cent, I think it's very like that people will rapidly find this far too annoying and stop using microtransactions at all. If you do not require the user to authorize transactions you open yourself (and the user) up to attacks where the user's browser or other agent is either subverted or fooled into authorizing undesired things.

Normally something that nets only, say, a cent per transaction would have too small a payoff to be worth attacking. However, Internet scale means that if it can be done automatically without user authorization it can be automated and done in mass, either to individual users or across a lot of users. And that can rapidly turn into enough real money to be worth it, especially if running the attack has very low overhead for the attacker (much like mass ssh scanning).

I suspect that the fix for this will have to be client-side, where whatever program is authorizing these transactions has the sort of anti-fraud precautions that credit card processors do; volume limits, things that look for odd patterns, and so on. (Requiring people to authorize the first few microtransactions with a given vendor is sensible but, I think, doesn't entirely help in the long run.)

(Of course, microtransactions have a lot of other problems, including that people much prefer predictable flat rate expenses over unpredictable variable ones.)

Written on 23 February 2009.
« Internet scale security: the impact of cheapness
A core principle of error and warning messages »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Mon Feb 23 01:38:43 2009
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.