Hacker News new | ask | show | jobs
by gildenFish 112 days ago
It is basically impossible to disallow the token to work that way on a technical level. It would be akin to trying to trying to set up a card scanner that can deny a valid card depending on who is holding it. The only way to prevent it from working is analyzing usage patterns/details/etc in some form or fashion. Similar to stationing a guard as a second check on people whose cards scan as valid.
2 comments
Aperocky 112 days ago
Exactly, so charge on usage or cap on usage.

Either the token works for all times, or works until it doesn't, or does not work at all.

Punishing the account for using a token you have vended for the exact same purpose is extremely poor product design.

link
shimman 112 days ago
So it sounds like the trillion dollar corporation can actually do it but they don't want to spend the money too because they are extremely cheap?
link