|
|
|
|
|
|
by notatoad
1431 days ago
|
|
|
the "server" in this case provides a one-time key to sign the transaction with, which is only valid for that transaction and that merchant. if you have a large antenna that can provide valid transaction keys for a trusted merchant, then yes, you have a significant exploit. to my knowledge, nobody has ever successfully demonstrated an exploit of this nature. |
|
|
It is trivially employed.