Case Study: Interspire and PayPal Express. Case: Interspire and PayPal Express Interspire is an...

Case Study: Interspire and PayPal Express

2

Case: Interspire and PayPal Express

• Interspire is an eCommerce merchant software• Can be integrated with PayPal Express to collect

the payments• Need to maintain state of a transaction between

3 parties: the Attacker, the Merchant, and PayPal• Logic flaw allows the attacker to purchase an

order at a reduced price• Refer to Section III. B 1) in How to Shop For Free

Online for the complete description of this case

3

The Flaw

• Attacker can use a session with a successful payment status on a different order than it was intended for

• Allows attacker to complete an expensive order using the payment intended for a cheaper order

4

Discovering the Flaw

• Presented by Wang et al. in How to Shop for Free Online: Security Analysis of Cashier-as-a-Service Based Web Stores

• Used a manual code review method– Identify all API parameters the attacker can access– Test how parameters affect the internal state

5

Identify the API Parameters

• API parameters (method arguments) can be signed or unsigned

• Unsigned arguments: – Sent in cleartext

• Signed arguments:– Sender uses a digital signature to sign the

argument– Provides data integrity

6

Manipulating the API Parameters

• Attackers can manipulate data sent from the client side

• Test manipulating the arguments one at a time, then trace through the rest of the checkout process– See how each individual arguments affects the

internal state of the transaction, and the end result

7

Modifying Unsigned Arguments

• Change the value manually– store.com/checkout?price=5

• Leave the argument value empty– store.com/checkout?price=

• Remove the argument completely– store.com/checkout

8

Modifying Signed Arguments

• Replace a signed argument from one session with the same signed argument from a second session– Session 1:

• store.com/updateOrder?orderID=(SIGNED1)&sessionID=1

– Session 2: • store.com/updateOrder?orderID=(SIGNED2)&sessionID=2

– Replace orderID in session 1 with orderID from session 2: • store.com/updateOrder?orderID=(SIGNED2)&sessionID=1

9

Modifying Signed Arguments

• Leave the signed argument value empty– store.com/updateOrder?orderID=&sessionID=1

• Remove the signed argument completely– store.com/updateOrder?sessionID=1

• Reuse a signed argument from a completed transaction in a new transaction– Replay attack

10

Modifying the Workflow

• Try skipping steps of the transaction– Skip one step, then run the rest of the transaction– Skip multiple steps, then run the rest of the

transaction• Try running the steps out of order• Do these manipulations with expected

argument values• Then, do these workflow manipulations with

manipulated unsigned and signed arguments

11

Interspire and PayPal Express API Parameters

• Price (Total cost of items in the cart)• (ORDERID) (Signed Order object)• SessionID (Temporary session number)• PayerID (Like a userID)• PayPalExpress (Cashier being used)• Result (sent from PayPal to Interspire)• StoreID (sent to PayPal from Interspire)• Token (sent from PayPal to Interspire)

12

Notation Used in the Animation

• If a parameter is unsigned, it is represented with lower case words. For example:– price– sessionID

• If a parameter is signed, it is represented with all uppercase words inside parenthesis. For example:– (ORDERID)

• Parameter values are not shown– price – instead of price=5

13

The Attacker

• Parameters sent by the Attacker, or ones the Attacker could modify, are in red text

• API Methods accessible by the attacker are in black text

14

The Merchant

• Parameters sent by the Merchant are in blue text

• Code run by the Merchant is in blue text• Public API Methods (attacker accessible):– Store_checkout(Price,PayPalExpress)– Store_ finishOrder(TokenID, PayerID, SessionID); – Store_updateOrderStatus(OrderID, SessionID);

15

PayPal Express

• Parameters sent by PayPal Express is in green text

• Code run by PayPal Express is in green text• Public API Methods (attacker accessible):– PayPal_pay(token, payerID);

16

Interspire and PayPal Checkout Transaction Overview

• Step 1: Attacker adds items to their cart• Step 2: Attacker clicks on ‘Checkout’• Step 2a: The Store contacts PayPal and gets a token• Step 3: The Attacker is redirected PayPal for payment• Step 4: The Attacker is redirected to the Store to finish

the order• Step 4a: The Store contacts PayPal to check if payment

was made• Step 5: The Attacker is redirected to another Store

page to complete the order

17

Checkout Transaction Overview

1. Attacker adds cheap items to cart

2. store.com/checkout?price&PayPalExpress2a. PayPal.com/setExpressCheckout?StoreID

tokenRedirect to : PayPal.com/pay?token&payerID

3. PayPal.com/pay?token&payerID

Redirect to: store.com/finishOrder?token&payerID&sessionID

4. store.com/finishOrder?token&payerID&sessionID

4a. PayPal.com/doExpressPayment?StoreID&payerID

result

Redirect to: store.com/updateOrderStatus?(ORDERID)&sessionID

5. store.com/updateOrderStatus?(ORDERID)&sessionID

Transaction Completed

18

Translation between Case Study and How to Shop for Free

Case Study Figure 7 in How to Shop for Free article

2. store.com/checkout?price&PayPalExpress RT1.a: TStore.com/placeOrder

2a. PayPal.com/setExpressCheckout?StoreID RT1.a.a: CaaS.com/SetExpCheckout?identityT&…

token RT1.a.b: tokenC

Redirect to : PayPal.com/pay?token&payerID RT1.b: redir to CaaS.com/pay?tokenC

3. PayPal.com/pay?token&payerID RT2.a: CaaS.com/pay?tokenA


RT2.b: redir to TStore.com/finishOrder?tokenC&payerIDC

4. store.com/finishOrder?token&payerID&sessionID RT3.a: TStore.com/finishOrder?tokenA&payerIDA

4a. PayPal.com/doExpressPayment?StoreID&payerID RT3.a.a: CaaS.com/DoExpPay?identityT&tokenC&grossT

result RT3.a.b: resultC

Redirect to: store.com/updateOrderStatus?(ORDERID)&sessionID

RT3.b: redir to TStore.com/updateOrderStatus?orderIDT*

5. store.com/updateOrderStatus?(ORDERID)&sessionID RT4.a: Store.com/updateOrderStatus?orderIDT*

Transaction Completed RT4.b: Purchase done

19

Interspire and PayPal Express Flaw

• The following slides show how the logic flaw when Interspire used PayPal Express to collect payment can be exploited

• The HTTP interactions will be shown, followed by the manual code review

• A table tracks the internal state of the variables through each transaction step

20

The Animation

Each step of the transaction includes:1. Description of the step2. Sequence diagram to show which two parties

are communicating, and includes:– The API method called– The last party who could modified unsigned

parameters

3. The backend code for that API method– Pseudocode is based on C

21

1. Create Cheap Order (First Session)

• On the merchant website, the Attacker adds cheap items to their cart

22

1. Create Cheap Order (First Session)

Attacker adds cheap items to cart

23

myCustomer = myPrice = mySessionID = myTokenID = (ORDERID) =

Session 1 (Cheap Order) Session 2 (Expensive Order) Payment and other Variables

carts[ ] = carts[ ] = payments[ ] =

price = price =payerID =recipientID =paymentAmount =paymentType =orderID =

tokens[ ] = tokens[ ] =

recipientID = payerID =


orders[ ] = orders[ ] =

orderID =price =status =paymentType =


currentOrderID = 0currentPaymentID = 0currentSessionID = 0currentTokenID = 0customer = AttackerExpResults[ ] = ExpResults[ ] =

Program Variables

Attacker Variables

1. Create Cheap Order

myPrice = 5;

mySessionID = 0;

myCustomer = Attacker;

Attacker 5 0

24

2. Checkout Cheap Order

• On the merchant website, the Attacker clicks the checkout button

• On the merchants’ server side, a cart object is created– Is linked to the sessionID

25



store.com/checkout?price&PayPalExpress

26


carts[ ] = carts[ ] = payments[ ] =

price = price =payerID =recipientID =paymentAmount =paymentType =orderID =







currentOrderID = 0currentPaymentID = 0currentSessionID = 0currentTokenID = 0customer = AttackerExpResults[ ] = ExpResults[ ] =


createCart(myPrice)carts[currentSessionID].price = myPrice;

ExpResults[currentSessionID] = Pay_NotHappened;

currentSessionID++;

0

0

1

5

Pay_NotHappened

Store_checkout(myPrice,PayPalExpress)

Program Variables

Attacker VariablesmyCustomer = Attacker myPrice = 5 mySessionID = 0 myTokenID = (ORDERID) =

27

2.a During Checkout: Store Gets PayPal Token

• On the merchants’ server side, a call is made to PayPal Express API method to request a token for the transaction

• A token is returned to the merchants’ server• The Attacker does not have access to this

communication; it is directly between the merchant and PayPal Express

28


store.com/checkout?price&PayPalExpressPayPal.com/setExpressCheckout?StoreID

token


29

Session 1 Session 2 Payment and other Variables

carts[ 0 ] = carts[ ] = payments[ ] =

price = 5 price =payerID =recipientID =paymentAmount =paymentType =orderID =







currentOrderID = 0currentPaymentID = 0currentSessionID = 1currentTokenID = 0customer = AttackerExpResults[ 0 ] = Pay_NotHappened ExpResults[ ] =


PayPal_setExpressCheckout(StoreID);

tokens[currentTokenID].payer = Not Set;tokens[currentTokenID].recipientID = StoreID;

currentTokenID++;

StoreID 0

Not Set

1

//payer not valid yet

Program Variables

Attacker VariablesmyCustomer = Attacker myPrice = 5 mySessionID = 0 myTokenID = (ORDERID) =

30

3. Store Redirects to PayPal. Attacker Makes Payment

• The merchant redirects the Attacker to PayPal Express to make a payment– Attacker does pay for the order

• The token received from PayPal Express in step 2.a is included as a parameter in this new page request

31




PayPal.com/pay?token&payerID

3. Store Redirects to PayPal. Attacker Makes Payment

32

myCustomer = Attacker myPrice = 5 mySessionID = 0 myTokenID = (ORDERID) =




tokens[ 0 ] = tokens[ ] =

recipientID = StoreID payerID = Not_Set





currentOrderID = 0currentPaymentID = 0currentSessionID = 1currentTokenID = 1customer = AttackerExpResults[ 0 ] = Pay_NotHappened ExpResults[ ] =

3. Attacker Makes Payment on PayPal

PayPal_Pay(myTokenID, myCustomer);

tokens[myTokenID].payerID = myCustomer;if (myTokenID < 0 || myTokenID >= currentTokenID) return; //if invalid tokenID

Program Variables

Attacker Variables

Attacker

0

33

4. PayPal Redirects to Store. Store Creates Order

• After payment is made, PayPal Express redirects the Attacker back to the merchant to continue the checkout process

• The merchant creates an order object on the server – The payment status of the order is set to pending– Price is retrieved from cart stored on the server,

not from an API parameter– Is not linked to the sessionID

34



tokenRedirect: PayPal.com/pay?token&payerID


store.com/finishOrder?token&payerID&sessionID

4. PayPal Redirects to Store. Store Creates Order


35

myCustomer = Attacker myPrice = 5 mySessionID = 0 myTokenID = 0 (ORDERID) =





recipientID = StoreID payerID = Attacker





currentOrderID = 0currentPaymentID = 0currentSessionID = 1currentTokenID = 1customer = Attacker

ExpResults[ 0 ] = Pay_NotHappened ExpResults[ ] =

4. Store Creates OrderStore_finishOrder(myTokenID, myCustomer, mySessionID);

orderID = createOrder( carts[mySessionID].price, PENDING, PayPalExpress);if (mySessionID < 0 || mySessionID >= currentSessionID) return; //if invalid sessionID

Program Variables

Attacker Variables

orderID =

orders[currentOrderID].orderID = currentOrderID;orders[currentOrderID].price = carts[mySessionID].price;orders[currentOrderID].status = PENDING;orders[currentOrderID].paymentType = PayPalExpresscurrentOrderID++;return currentOrderID-1;

0

05PENDING

PayPalExpress

1 0

36

4.a Store Checks if Payment was Made

• The merchant asks PayPal Express if payment was made

• PayPal Express records the payment on their server• PayPal Express returns the result of payment– Payment Suceeded– Is linked to the sessionID

• The merchant digitally signs an orderID with information about the order, whether or not payment suceeded

37





PayPal.com/doExpressPayment?StoreID&payerID

result




38








orders[ 0 ] = orders[ ] =

orderID = 0price = 5status = PENDINGpaymentType = PayPalExpress



orderID = 0



Program Variables

Attacker Variables

ExpResults[mySessionID] = PayPal_doExpressPayment(myCustomer, StoreID, myTokenID, orderID, carts[mySessionID].price);

if (myTokenID < 0 || myTokenID >= currentTokenID) return Pay_Failed; //if tokenID invalidif (tokens[myTokenID].payerID == Not_Set) return Pay_Failed; //if payer not confirmed

if (tokens[myTokenID].payerID != myCustomer) return Pay_Failed; //if payer not the customer

if (tokens[myTokenID].recipientID != StoreID) return Pay_Failed; //if recipient not the store

recordPayment(myCustomer, StoreID, PayPalExpress, carts[mySessionID].price, orderID);

39












orderID = 0



Program Variables

Attacker Variables

recordPayment(myCustomer, StoreID, PayPalExpress, carts[mySessionID].price, orderID);payments[currentPaymentID].payerID = myCustomer;payments[currentPaymentID].recipientID = StoreID;

payments[currentPaymentID].paymentType = PayPalExpress;payments[currentPaymentID].paymentAmount = carts[mySessionID].price;

payments[currentPaymentID].orderID = orderID;currentPaymentID++;

return Pay_Succeeded;

0

AttackerStoreID

5PayPalExpress

0

1

Pay_Succeeded

sign(orderID);

40

5. Store Redirects to Update Order Status

• After checking payment status with PayPal Express, the merchant redirects the Attacker to a final merchant page to complete the transaction– Signed (ORDERID) is included as a parameter

• Attacker stops this page from loading

41

store.com/updateOrderStatus?(ORDERID)=0&sessionID=0






result



Attacker stops the redirect from loading (can intercept with a proxy to do this)

Attacker now has session from cheap order stored with successful payment

results

Redirect to: store.com/updateOrderStatus?(ORDERID)=0&sessionID=0


42



carts[ 0 ] = carts[ ] = payments[ 0 ] =

price = 5 price =payerID = AttackerrecipientID = StoreIDpaymentAmount = 5paymentType = PayPalExpressorderID = 0








orderID = 0

ExpResults[ 0 ] = Pay_Succeeded ExpResults[ ] =

Program Variables

Attacker Variables

5. Store Redirects to Update Order Status Store_UpdateOrderStatus((ORDERID), mySessionID);


Attacker now has session from cheap order stored with successful payment results

0

43

6. Create Expensive Order (Second Session)

• In a new tab or second browser, the Attacker starts a second order

• Expensive items are added to the cart

44






result




Attacker now has session from cheap order stored with successful payment

results



Attacker adds Expensive items to cart

6. Create Expensive Order (Second Session)

Attacker creates a second session in a new tab or second browser

45

myCustomer = Attacker myPrice = 5 mySessionID = 0 myTokenID = 0 (ORDERID) = 0










currentOrderID = 1currentPaymentID = 1currentSessionID = 1currentTokenID = 1customer = Attacker ExpResults[ 0 ] = Pay_Succeeded ExpResults[ ] =

Program Variables

Attacker Variables

6. Create Expensive OrdermyPrice = 200;

mySessionID = 1;

200 1

46

7. Checkout Expensive Order

• On the merchant website, the Attacker clicks the checkout button

• On the merchants’ server side, a cart object is created– Is linked to the sessionID

47

store.com/checkout?price&PayPalExpress




48










currentOrderID = 1currentPaymentID = 1currentSessionID = 1currentTokenID = 1customer = Attacker ExpResults[ 0 ] = Pay_Succeeded ExpResults[ ] =

Program Variables

Attacker Variables


createCart(myPrice)carts[currentSessionID].price = myPrice;

ExpResults[currentSessionID] = Pay_NotHappened;

currentSessionID++;

Store_checkout(myPrice,PayPalExpress)

1

200

Pay_NotHappened1

2


49


• On the merchants’ server side, a call is made to PayPal Express API method to request a token for the transaction

• A token is returned to the merchants’ server• The Attacker does not have access to this

communication; it is directly between the merchant and PayPal Express

50


token




51


carts[ 0 ] = carts[ 1 ] = payments[ 0 ] =

price = 5 price = 200payerID = AttackerrecipientID = StoreIDpaymentAmount = 5paymentType = PayPalExpressorderID = 0







currentOrderID = 1currentPaymentID = 1currentSessionID = 1currentTokenID = 1customer = Attacker ExpResults[ 0 ] = Pay_Succeeded ExpResults[ 1 ] = Pay_NotHappened


Program Variables

Attacker Variables

PayPal_setExpressCheckout(StoreID);

tokens[currentTokenID].payer = Not Set;tokens[currentTokenID].recipientID = StoreID;

currentTokenID++;

StoreID 1

Not Set

2

//payer not valid yet


52

8. Store Redirects to PayPal. Attacker Skips Payment

• The merchant redirects the Attacker to PayPal Express to make a payment– Attacker does not pay for the order

• The token received from PayPal Express in step 2.a is included as a parameter in this new page request

53






8. Store Redirects to PayPal. Attacker Skips Payment

Attacker skips payment

54












Program Variables

Attacker Variables

StoreID 1

Not Set

2

1

8. Store Redirects to PayPal. Attacker Skips PaymentPayPal_Pay(myTokenID, myCustomer);

Attacker skips payment

55

9. PayPal Redirects to Store. Store Still Creates Order

• Payment is not made, but PayPal Express still redirects the Attacker back to the merchant to continue the checkout process

• The merchant creates an order object on the server – The payment status of the order is set to pending– Price is retrieved from cart stored on the server,

not from an API parameter– Is not linked to the sessionID

56








9. PayPal Redirects to Store. Store Still Creates Order

57




tokens[ 0 ] = tokens[ 1 ] =


recipientID = StoreIDpayerID = Not_Set






Program Variables

Attacker Variables

9. Store Creates OrderStore_finishOrder(myTokenID, myCustomer, mySessionID);

orderID = createOrder( carts[mySessionID].price, PENDING, PayPalExpress);if (mySessionID < 0 || mySessionID >= currentSessionID) return; //if invalid sessionID

orders[currentOrderID].orderID = currentOrderID;orders[currentOrderID].price = carts[mySessionID].price;orders[currentOrderID].status = PENDING;orders[currentOrderID].paymentType = PayPalExpresscurrentOrderID++;return currentOrderID-1;

orderID = 1

1200

PENDINGPayPalExpress

12

58


• The merchant asks PayPal Express if payment was made

• PayPal Express records the payment on their server• PayPal Express returns the result of payment– Payment Failed– Is linked to the sessionID

• The merchant digitally signs an orderID with information about the order, whether or not payment suceeded

59




PayPal.com/doExpressPayment?StoreID&payerIDresult (payment failed)






60







orders[ 0 ] = orders[ 1 ] =


orderID = 1price = 200status = PENDINGpaymentType = PayPal_Express


orderID = 1

ExpResults[ 0 ] = Pay_Succeeded ExpResults[ 1 ] = Pay_NotHappened


Program Variables

Attacker Variables

9.a Store Checks if Payment was MadeExpResults[mySessionID] = PayPal_DoExpressPayment(myCustomer, StoreID, myTokenID, orderID,

carts[mySessionID].price);

if (myTokenID < 0 || myTokenID >= currentTokenID) return Pay_Failed; //if tokenID invalidif (tokens[myTokenID].payerID == Not_Set) return Pay_Failed; //payer not confirmed

Pay_Failed

sign(orderID);

61


• After checking payment status with PayPal Express, the merchant redirects the Attacker to a final merchant page to complete the transaction– Signed (ORDERID) is included as a parameter

• Order not completed because payment failed\– Attacker still has access to the signed (ORDERID)

parameter

62












Attacker still gets signed (ORDERID) with information about the expensive order

Order not filled because payment verification failed

63











orderID = 1

ExpResults[ 0 ] = Pay_Succeeded ExpResults[ 1 ] = Pay_Failed


Program Variables

Attacker Variables

Store_UpdateOrderStatus((ORDERID), mySessionID);if (mySessionID < 0 || mySessionID >= currentSessionID) return; //if sessionID is invalidif ((ORDERID) < 0 || (ORDERID) >= currentOrderID) return; //if orderID is invalidif (orders[(ORDERID)].paymentType != PayPalExpress) return; //if payment not from PayPalExpif (ExpResults[mySessionID] == Pay_NotHappened) return; //if payment not startedif (ExpResults[mySessionID] == Pay_Failed) return;

//Payment failed

1


64

11. Attacker Updates First Session with Second ORDERID

• Attacker returns to the first session from step 5, which was paused at the last step of the checkout process

• The signed (SESSIONID) from step 5 is replaced with the signed (SESSIONID) from step 10

• The first session is resumed– Payment status is based on sessionID from cheap order,

order information is based on signed (SESSIONID) from expensive order

– Expensive order completed sucessfully

65











11. Attacker Updates First Session with Second ORDERID

Attacker returns to first session with stored successful payment result, where they stopped

the final webpage from loading

Attacker replaces the first signed ORDERID with the second signed ORDERID by copying and

pasting the value in the URL

Attacker loads the webpage

store.com/updateOrderStatus? (ORDERID)=0&sessionID=0

(ORDERID)=1

Expensive Purchase Completed

66











orderID = 1



Program Variables

Attacker Variables

mySessionID = 0;

0

11. Attacker Updates 1st Session with 2nd ORDERID

67











orderID = 1



Program Variables

Attacker Variables

Store_UpdateOrderStatus((ORDERID), mySessionID);if (mySessionID < 0 || mySessionID >= currentSessionID) return; //if sessionID is invalidif ((ORDERID) < 0 || (ORDERID) >= currentOrderID) return; //if orderID is invalidif (orders[(ORDERID)].paymentType != PayPalExpress) return; //if payment not from PayPalExpif (ExpResults[mySessionID] == Pay_NotHappened) return; //if payment not startedif (ExpResults[mySessionID] == Pay_Failed) return; orders[(ORDERID)].status = PAID;

//if payment failed

ExpResults[mySessionID] = Pay_NotHappened; //Clear the payment result

PAID

Pay_NotHappened

11. Attacker Updates 1st Session with 2nd ORDERID

Why Does This Work?

69

What Interspire Did Right

• Steps 2 & 7– Sets payment status for session as not paid

• Steps 4 & 9– Verified sessionID value– Price retrieved from a cart object stored on the server side, not

from the unsigned price parameter in the URL• This is why only the (ORDERID) parameter needs to be signed

• Steps 4.a & 9.a– Verified with PayPal that payment was made, using price stored

in cart on server side, not from the unsigned price parameter in the URL

– Result parameter from PayPal is never seen by the user

70

What Interspire Did Right

• Step 11– Verified sessionID value– Verified (ORDERID)– Verified payment was attempted– Verified payment did not fail– Session payment status was cleared after order

updated to PAID• Prevents replay attacks

71

What PayPal Did Right

• Steps 2.a and 7.a– In token returned to Store, payerID set to “not set”

• Step 3– Verified tokenID

• Steps 4.a & 9.a– Verified tokenID– Verified payerID was set– Verified the payer is same as the customer on the Store

website• Prevent an attacker stealing a customers active session

72

What Interspire Did Wrong

• Steps 9.a & 10– If payment verification from PayPal shows the

payment failed in step 9.a, the Store still creates a signed ORDERID

• Step 11– (ORDERID) not associated with a sessionID– Doesn’t verify payment amount made to PayPal is

the same amount as the price stored in the order

73

Fixing the Logic Flaw

• Connect the orderID and sessionID:• In step 4 and 9, can add another field in the

Order object to store the sessionID• In step 10, compare the users’ sessionID to

orders[(ORDERID)].sessionID– If they don’t match, return

74


• Verify the payment amount with the price of the order:

• The PayPal Express API method DoExpressPayment in steps 4.a and 9.a also returns the payment amount*

• A second field could be added to the Expected Results object, to store the payment amount along with the payment status in steps 4.a and 9.a

• In step 10 compare orders[(ORDERID)].price to ExpResults[mySessionID].paymentAmount– If they don’t match, return*https://developer.paypal.com/docs/classic/api/merchant/

DoExpressCheckoutPayment_API_Operation_NVP/

75


• Don’t provide a correct signed (ORDERID) variable if payment failed:

• In steps 4.a and 9.a, if the payment status returned from PayPal_DoExpressPayment is Pay_Failed – Don’t send the (ORDERID) parameter when calling

UpdateOrderStatus in step 10• Modify the UpdateOrderStatus method to accept a null value

– Set the ORDERID to an invalid number, and still sign it• UpdateOrderStatus method already checks for invalid values

76

ResourcesR. Wang, S. Chen, X. Wang, S. Qadeer, "How to Shop for Free Online: Security Analysis of Cashier-as-a-Service Based Web Stores," in 2011 IEEE Symposium on Security and Privacy (SP), 22-25 May 2011, Berkeley, CA, pp. 465-480. [Online]. Available: IEEE Xplore, doi: 10.1109/SP.2011.26

Case Study: Interspire and PayPal Express. Case: Interspire and PayPal Express Interspire is an...

Documents

Transcript of Case Study: Interspire and PayPal Express. Case: Interspire and PayPal Express Interspire is an...