> The automatic-authorization appears to only apply when it's between two previously validated parties.
This doesn't feel quite right, as you describe it you'd validated that it's ok to receive money from them, not send it. I'd be more comfortable if it was validated in some way when you first send something to a person. Receiving money doesn't mean I trust a person.
I could send you a dollar, and when you accept it I could fake an email back giving me 100. I hope this only happens with signed emails.
About DKIM, does it stop someone from repeating an email? Could I fake an identical email that has been sent before? If so, that's something that normally wouldn't be an issue (duplicate emails aren't really a problem, you can't inject any information, change links to dodgy sites) but would be huge for sending money.
EDIT - from the DKIM site
> DKIM does not protect against re-sending (replay of) a message that already has a valid signature; therefore a transit intermediary or a recipient can re-post the message in such a way that the signature would remain valid, although the new recipient(s) would not have been specified by the originator.
This doesn't feel quite right, as you describe it you'd validated that it's ok to receive money from them, not send it. I'd be more comfortable if it was validated in some way when you first send something to a person. Receiving money doesn't mean I trust a person.
I could send you a dollar, and when you accept it I could fake an email back giving me 100. I hope this only happens with signed emails.
About DKIM, does it stop someone from repeating an email? Could I fake an identical email that has been sent before? If so, that's something that normally wouldn't be an issue (duplicate emails aren't really a problem, you can't inject any information, change links to dodgy sites) but would be huge for sending money.
EDIT - from the DKIM site
> DKIM does not protect against re-sending (replay of) a message that already has a valid signature; therefore a transit intermediary or a recipient can re-post the message in such a way that the signature would remain valid, although the new recipient(s) would not have been specified by the originator.
EDIT2 - Squares security page is brief and, well, sounds odd
> detects suspicious behavior in real-time, and in many instances, even before it happens.
How do you detect behaviour before it happens? Isn't that inherently impossible?