Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They don't have the traction. In my experience almost nothing (except for google pay) uses a whitelist for the keys. They just request attestation. This is presumably because there are too many android phone vendors using too many versions of different keys to reliably check for this.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: