xbiz world
xbiz premiere

HTML5 Security Concerns Complicate Deployment Plans

Recent questions surrounding the security of HTML5 and 13 other new technologies currently under development have sparked demands to address these flaws before coding standards are ratified.

According to a report from the European Network and Information Security Agency entitled “A Security Analysis of Next Generation Web Standards,” portions of increasingly popular programs and applications, including browsers using the fledgling HTML5 standard — being adopted by many adult websites — pose security concerns.

The standards which govern the browser are currently undergoing a major upgrade.

For example, ENISA calls the web browser the most security-critical component in our information infrastructure and the channel through which most information passes — as such, it is seizing what it calls “a unique chance to make detailed recommendations for improvements to browser security before they become non-negotiable for years to come,” — attempting to influence the finalization of impending coding standards.

“The standards which govern the browser are currently undergoing a major upgrade,” ENISA notes. “This includes HTML5, cross-origin communication standards such as CORS and standards for access to local data such as geo-location.”

All together, details of 50 security threats and issues are identified in the report.

The report’s co-editor, Giles Hogben, says that many of these technical specifications are reaching “a point-of-no-return. For once, we have the opportunity to think deeply about security — before the standard is set in stone, rather than trying to patch it up afterwards. This is a unique opportunity to build in security-by-design.”

Some of the concerns noted in the report include formsubmission vulnerabilities and unauthorized access to sensitive information; problems with security policies; operating system permission management; “click-jacking;” and more.

“An important conclusion of this study is that significantly fewer security issues were found in those specifications which have already undergone detailed security review,” co-editor Marnix Dekker added. “This demonstrates the value of in-depth security reviews of up-coming specifications.”

The developing HTML5 standard, already embraced by many adult operators, continues to make progress towards ratification and is expected to be finalized in 2014.

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

Complying With New Age Assurance and Content Moderation Standards

For adult companies operating in today’s increasingly regulated digital landscape, maintaining compliance with card brand requirements is essential — not only to safeguard your operations but also to ensure a safe and transparent environment for users.

Gavin Worrall ·
opinion

Understanding the FTC's New 'Click to Cancel' Rule

The Federal Trade Commission’s new “Click to Cancel” rule has been a hot topic in consumer protection and business regulation. Part of a broader effort to streamline cancellation processes for subscription services, the rule has sparked significant debate and legal challenges.

Corey D. Silverstein ·
opinion

Key Factors for Choosing a Merchant Services Partner

Running a successful adult business requires more than just delivering alluring and cutting-edge products and services. Securing the right payment processing partner is essential to maintaining a steady revenue stream.

Jonathan Corona ·
opinion

Identifying and Preventing Transaction Laundering

Recently, a few merchants approached me after receiving compliance notifications from their acquirer about transaction laundering. They were unsure what it meant, and unsure how to identify and fix the problem.

Cathy Beardsley ·
profile

WIA: Alexis Fawx Levels Up as Multifaceted Entrepreneur

As more performers look to diversify, expanding their range of revenue streams and promotional vehicles, some are spreading their entrepreneurial wings to create new businesses — including Alexis Fawx.

Women In Adult ·
opinion

Navigating Age-Related Regulations in Europe

Age verification measures are rapidly gaining momentum across Europe, with regulators stepping up efforts to protect children online. Recently, the U.K.’s communications regulator, Ofcom, updated its timeline for implementing the Online Safety Act, while France’s ARCOM has released technical guidance detailing age verification standards.

Gavin Worrall ·
opinion

Why Cyber Insurance Is Crucial for Adult Businesses

From streaming services and interactive platforms to ecommerce and virtual reality experiences, the adult industry has long stood at the forefront of online innovation. However, the same technology-forward approach that has enabled adult businesses to deliver unique and personalized content to consumers worldwide also exposes them to myriad risks.

Corey D. Silverstein ·
opinion

Best Practices for Payment Gateway Security

Securing digital payment transactions is critical for all businesses, but especially those in high-risk industries. Payment gateways are a core component of the digital payment ecosystem, and therefore must follow best practices to keep customer data safe.

Jonathan Corona ·
opinion

Ready for New Visa Acquirer Changes?

Next spring, Visa will roll out the U.S. version of its new Visa Acquirer Monitoring Program (VAMP), which goes into effect April 1, 2025. This follows Visa Europe, which rolled out VAMP back in June. VAMP charts a new path for acquirers to manage fraud and chargeback ratios.

Cathy Beardsley ·
opinion

How to Halt Hackers as Fraud Attacks Rise

For hackers, it’s often a game of trial and error. Bad actors will perform enumeration and account testing, repeating the same test on a system to look for vulnerabilities — and if you are not equipped with the proper tools, your merchant account could be the next target.

Cathy Beardsley ·
Show More