April 8, 2015
Single purpose API
Sorry, No followers
Of all the markets being impacted by the booming API economy, perhaps none has seen as much activity and innovation as the payments space. The past several years have seen the launch of a number of disruptive and successful API-centric upstarts, including Stripe and Balanced. Meanwhile, entrenched players like PayPal and Verifone have responded with new offerings of their own.
Google just made it easier for more developers to get paid in more countries around the world. The company expanded how consumers can pay for apps in the Play Store, and added to the number of countries that can sell apps.
The way the Square API delivers JSON output makes it possible for an attacker to engage in a cross-site scripting (XSS) under certain circumstances. The vulnerability was discovered by security researcher Ajay Chavda and reported to Square on August 7, 2015 through its bounty program on hackerone.