@techreport{ietf-oauth-cross-device-security-08, number = {draft-ietf-oauth-cross-device-security-08}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-oauth-cross-device-security/08/}, author = {Pieter Kasselman and Daniel Fett and Filip Skokan}, title = {{Cross-Device Flows: Security Best Current Practice}}, pagetotal = 55, year = 2024, month = jul, day = 8, abstract = {This document describes threats against cross-device flows along with practical mitigations, protocol selection guidance, and a summary of formal analysis results identified as relevant to the security of cross-device flows. It serves as a security guide to system designers, architects, product managers, security specialists, fraud analysts and engineers implementing cross-device flows.}, }