by rkunnamp 3264 days ago
The Domino's ordering app in India had a terrible flow a while back. Once the products were added to the cart and the user proceeded to checkout, the flow was as follows:

1. First, a payment collection flow is initiated from the browser (asking for credit card details, PIN, etc.)

2. The payment confirmation comes to the browser.

3. The browser then places the order (the pizza information) to another API endpoint, marking the payment part as 'Paid'.

The thing is, one could add as many pizzas to the cart in a different tab while the original tab proceeds to payment. The end result is, you get to pay only for the pizzas that were initially in the cart, but could get any number of pizzas. For literally Rs 100 one could order thousands of rupees worth of pizza.

I discovered it accidentally and did report it to them. They neither acknowledged it nor sent me a free pizza :(

They later fixed this by not allowing the cart to be loaded in a different tab. But there is a high chance that there could be another hack even now. Since I had vowed not to eat junk food anymore, there was not much incentive for me to spend any more time on it.

2 comments

Surely you can do just point 3 if you know how the API works. Atrocious design.

There used to be some "secure pendrive" which worked in a similar way: an app asks you for a password, checks if it matches the hash stored on the drive and optionally commands the drive to unlock itself. What could possibly go wrong? ;)

This is why we never trust input from the client.
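To make the thread's point concrete, here is an added example (not code from Domino's, the original poster, or any commenter) that models the three-step flow in Python. The vulnerable server mirrors step 3 as described: it accepts the cart and a 'Paid' flag straight from the browser, so nothing ties the amount collected to the items delivered. The hardened server instead snapshots the cart server-side when payment begins, binds the payment record to a hash of that snapshot, accepts the capture only from the gateway callback with a matching amount, builds the order from the snapshot rather than the client's cart, and refuses to reuse a payment. The catalogue, prices, and in-memory store are constructed for the example; the `Server` class and function names are assumptions, not any real API.

```python
"""
Added example: the checkout flaw described in the thread, modelled alongside
a hardened flow that never trusts the client's cart or 'paid' flag.
All names, prices and the in-memory "database" are constructed for this example.
"""
import hashlib
import json
import secrets
from dataclasses import dataclass, field

# Constructed catalogue; prices in rupees.
PRICES = {"margherita": 100, "farmhouse": 350, "peppy_paneer": 400}


def cart_total(cart: dict) -> int:
    """Server-side price of a cart (item -> quantity)."""
    return sum(PRICES[item] * qty for item, qty in cart.items())


def cart_fingerprint(cart: dict) -> str:
    """Canonical hash of the cart; any change to items or quantities changes it."""
    canonical = json.dumps(sorted(cart.items()))
    return hashlib.sha256(canonical.encode()).hexdigest()


# --- vulnerable server: trusts the browser's cart and 'Paid' flag -------------
def vulnerable_place_order(request: dict) -> dict:
    """Models step 3 in the thread: the client states what was ordered and that it is paid."""
    if request.get("payment_status") != "Paid":
        raise ValueError("payment required")
    # No link between the amount collected in step 1 and the cart delivered here.
    return {"items": request["cart"], "charged": request["amount_paid"]}


# --- hardened server: payment is bound to a server-side cart snapshot ----------
@dataclass
class Server:
    payments: dict = field(default_factory=dict)  # payment_id -> record

    def begin_payment(self, cart: dict) -> str:
        """Step 1: snapshot the cart and bind the payment intent to it."""
        payment_id = secrets.token_hex(8)
        self.payments[payment_id] = {
            "cart": dict(cart),
            "fingerprint": cart_fingerprint(cart),
            "amount": cart_total(cart),
            "captured": False,
            "used": False,
        }
        return payment_id

    def gateway_callback(self, payment_id: str, amount: int) -> None:
        """Step 2: capture is reported by the gateway, not the browser; amount must match."""
        rec = self.payments[payment_id]
        if amount != rec["amount"]:
            raise ValueError("captured amount does not match payment intent")
        rec["captured"] = True

    def place_order(self, payment_id: str, cart: dict) -> dict:
        """Step 3: build the order from the snapshot; reject a changed or reused payment."""
        rec = self.payments.get(payment_id)
        if rec is None or not rec["captured"]:
            raise ValueError("no captured payment for this order")
        if rec["used"]:
            raise ValueError("payment already consumed")
        if cart_fingerprint(cart) != rec["fingerprint"]:
            raise ValueError("cart changed since payment began; start a new payment")
        rec["used"] = True
        return {"items": dict(rec["cart"]), "charged": rec["amount"]}


def demo():
    """Runs both flows against a cart edited in a 'second tab' after payment began."""
    original = {"margherita": 1}                     # what the first tab paid for
    tampered = {"margherita": 1, "farmhouse": 5}     # edited in a second tab

    # Vulnerable: five extra pizzas delivered for a Rs 100 payment.
    bad = vulnerable_place_order(
        {"cart": tampered, "payment_status": "Paid", "amount_paid": 100}
    )

    # Hardened: the mismatch is caught at order placement.
    srv = Server()
    pid = srv.begin_payment(original)
    srv.gateway_callback(pid, 100)
    try:
        srv.place_order(pid, tampered)
        good = None
    except ValueError as exc:
        good = str(exc)
    return bad, good


if __name__ == "__main__":
    print(demo())
```

The fingerprint check is what closes the multi-tab gap: the cart the order is built from is the one the server recorded at payment time, and a mismatch is surfaced as an error rather than silently shipping the client's version. Marking the record as used also stops a single confirmed payment from being replayed against a second order.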