Interesting, but it does not solve the core of THE problem: you still need gogol absurd and grotesquely massive and complex javascript-ed engine (including their SDK), aka blink, to create an account, and re-authenticate this account on a regular time-basis. Ok, it is not completely true, you can use mozilla(=gogol sidekick) and apple(webkit) absurd and grotesquely massive and complex javascript-ed engines (including their SDKs) to do the same... because gogol is still not breaking compatibility, yet.<p>Not really ideal.<p>There is no solution to this issue, because accounts can be created and re-authenticated via click farms, and that massively, using humans and all the VPNs around the world.<p>You can sort of mitigate this issue: the process of creating an account and re-authicate must be something long, really long for the user (do warn the user about this and explain why), and that can work with a noscript/basic (x)html browser. Then "work" for the click farms, or blink|geeko/webkit modified engines with AI (and trained via humans in click farms) would sky rocket until it is not worth it anymore.<p>Now, let's be serious, but really important online services, account creation should not be online, but IRL at a physical office, or it is made for you after ID verification and mailed/emailed/phoned/smsed, or... well you get the picture.<p>For online shopping there is a middle ground I don't really like: you mail/html form post a demand of account creation with a credit card number, which will be deeply/humanly verified before anything is done. Then after verification, the account will be sent to you like above. What I don't like, this online shop has your credit card number and must be verified by a salary human (which could be a "point of failure") and that defeats the purpose of wallet codes.<p>The "physical" identification seems to be what's happening in my country. Namely, those accounts are linked to _really_ you.<p>For all that, you don't need a javascript-ed web engine, you should never and core functionality should work with noscript/basic (x)html browsers.<p>And ofc, for those "verified" accounts, you can propose a web API (which is not a good excuse not to provide a noscript/basic (x)html portal).