Prevent token sharing: chained single-use tokens VS a designated invalidation...
Situation: A Client is requesting a resource from a Host multiple times, usually with minutes or hours between requests. The Client has a signed, verifiable token, which we’ll call a Receipt, that...
View ArticleWhat is the history behind the “single-use spell scroll”?
The concept of a spell being stored on a scroll, which can be used once and then vanishes, shows up in numerous tabletop and video game RPGs. From a game design perspective, the idea of a one-use spell...
View ArticleWhat is the difference between a multi-use and a single-use credit card token...
We are a large e-commerce website trying to introduce a feature by which customers can save their credit card details securely. We are aware of the need for PCI compliance and working out the necessary...
View Article