The thing is that I claimed to have a solution and I even filed a patent for it. Some time later I understood I need many iterations to even understand if I’m right or wrong. The direction is OK, but I’m still trying to understand if I’m the right person to solve this problem: I am sending a secret via Email (which is a right direction), then to send and receive data to and from “bank.com” I send it to a Frontend JavaScript code that has access to this secret key (user clicks a link in the Email). The JavaScript resides on a subdomain of my service which is whitelisted via CORS.
If anyone would read this, could you please reflect?
If anyone would read this, could you please reflect?