In eBay Identity team, we strive every day to improve a user’s interaction on eBay without compromising the security aspects and, at the same time, provide seamless and non-intrusive authentication mechanisms using state of the art technologies, ranging such as fingerprint recognition to well-established industry standards such as Google Sign-In. The users will also be provided the capability to disable Google Sign-In from Google App permissions and from eBay settings as well. In case of risk detection, the Identity resolution system is notified and appropriate actions are performed to ensure safety of the user’s account. Similar to all the other detection and remediation actions performed as part of risk analysis, login attempts and Identity resolution for users utilizing Google Sign-in are analyzed diligently. The GooglePublicKeysManager was customized to get the Google public certificates in an eager fashion and is cached for faster authentication. Google also provides an open source library that performs these checks. The claim “iss” (issuer) is recognized as Google via the values “” or “.”.The claim “exp” (expiration time) identifies the expiration of the id_token.The JWT token claim “aud” (audience) identifies the id_token as issued for eBay Mobile application.
#EBAY SIGN IN ANDROID#
Using Google Sign-In for eBay Android application is a logical evolution of utilizing Google’s verified identity to ensure that the user is provided a secure, but a simpler, login method in their eBay mobile app. Being a mobile first company, we take pride in providing capabilities for seamlessly utilizing the underlying platform, but ensuring high standards of security at the same time. As a part of that diligence, we introduced single-use code-based login last year. At eBay, as part of the Identity platform, we work diligently to remove such risk factors. Every day we hear news of data breaches and passwords being stolen or compromised.
0 kommentar(er)
