Closed Bug 820171 Opened 12 years ago Closed 12 years ago

What do we do with a buyer who tries to log in with an unconfirmed PIN

Categories

(Marketplace Graveyard :: Payments/Refunds, defect, P1)

Product:
Marketplace Graveyard
Component:
Payments/Refunds
Platform:
x86_64
Linux
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 821465
Milestone:
2012-12-20

People

(Reporter: wraithan, Assigned: wraithan)

References

Details

Currently we reject them with bad PIN

Options as I see them:
Reject them with bad PIN
Reject them with message about unconfirmed PIN
Accept them and mark the pin as confirmed if the PIN is correct
Add a guard on all views that require a confirmed PIN and bounce them before they get to PIN input.

I think this merits thinking about for cases of urlhacking and such that might bypass the pin confirm.
Blocks: 795105
The last one:

"Add a guard on all views that require a confirmed PIN and bounce them before they get to PIN input."
Taking this, marked at P1 as we don't want people being able to jump ahead in the auth process. Tossed on next week's milestone.
Assignee: nobody → xwraithanx
Priority: -- → P1
Target Milestone: --- → 2012-12-20
I think bug 821465 can handle this and more
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.