It's like installing anti-cheating rootkit to windows kernel. It's like recording your voice, taking retina scan, requiring you to take off your clothes and bugging a GPS device on you before swiping a card in a physical shop. How can it be possibly OK? For fraud prevention? Yes, if every customer were under 24/7 surveilence, there wouldn't be frauds (nor terrorists). Unless they were too smart to hack all the devices and fake the data. It is very wrong and there is no way it can be justified to monitor all URLs and mouse movements before the payment. Having javascript available doesn't mean you are allowed use it for spying on customers! Black Mirror in real life. It will get worse if people accept this and agree with this. Quite sad. :(