Minutes [Was: [Agenda] 24 August Payment Apps task force meeting] from Ian Jacobs on 2016-08-24 (public-payments-wg@w3.org from August 2016)

From: Ian Jacobs <ij@w3.org>
Date: Wed, 24 Aug 2016 10:04:18 -0500
To: Payments WG Public <public-payments-wg@w3.org>
Message-Id: <2E1B7206-D97A-4A3E-93F9-67C2567AB4C4@w3.org>
Minutes from today’s call:
 https://www.w3.org/2016/08/24-apps-minutes#item02

Summary:

 * We continue to review proposal from AdamR about app invocation. We have a service worker
   question we are pursuing.
 * There was some discussion about various approaches in discussion for security policies and manifests;
    this is a topic that might make a useful TPAC breakout session.
 * We resolved that payment apps should have access to payee origin information so that the user has
    clarity about the payee when authorizing payment.
 * We discussed some security questions about ensuring payment app authenticity, based on a proposal
   from Max. We have updated the payment app spec with some security considerations, and Max will
   bring the topic to the full group in the context of Zach’s upcoming proposal related to data associated
   with payment method identifiers.

Next meeting: 31 August.

Ian


> On Aug 23, 2016, at 12:04 PM, Ian Jacobs <ij@w3.org> wrote:
> 
> Participants in the payments app task force,
> 
> We meet 24 August at 13:00 UTC (9am ET). Here’s the draft agenda.
> Please look for your action items in the agenda.
> 
> Previous meeting 17 August:
>  https://www.w3.org/2016/08/17-apps-minutes.html
> 
> We are using the same WebEx information as previous weeks (requires
> Member password to access):
> https://www.w3.org/2016/08/payment-apps-tf.ics
> 
> Ian
> 
> =========
> INVOCATION
> 
> * AdamR's proposal
> https://github.com/w3c/webpayments-payment-apps-api/blob/gh-pages/proposals/jsapi.md
> 
> ACTION 2016-08-17: Max and AdrianHB to review the proposal.
> 
> =========
> ORIGIN INFO
> 
> * Should origin information (about the payment request) be shared
>   with the payment app?
>   https://github.com/w3c/webpayments-payment-apps-api/issues/27
> 
> Notes:
> 
> - IJ updated with discussion from last week, which prompted some input.
> 
> - Ian also added a note on thread that payment apps should have access to
>   payee origin information (cf EBA draft regulation)
> 
>   https://github.com/w3c/webpayments-payment-apps-api/issues/27#issuecomment-241479008
> 
> =========
> Display and selecton of apps
> 
> * Action 2016-08-17: Max to write up a new proposal about
>  managing the authenticity of payment apps (for proprietary
>  payment methods).
> 
> * Action 2016-08-07: Max to write up some thoughts on
>  merchant-controlled display of payment apps for selection
> 
> =======================================================
> USER EXPERIENCES AROUND DISPLAY AND SELECTION OF APPS
> 
> ACTION 2016-08-03: Ian to organize a chat with Ben on writing down different
> user experiences.
> 
> ACTION 2016-08-10: AdrianHB to review the table
> 
> See
> https://github.com/w3c/webpayments/wiki/PaymentApp_Notes#user-experience-descriptions
> 
> ==============
> DESIGN CONSIDERATIONS
> https://github.com/w3c/webpayments/wiki/PaymentApp_Notes#design-considerations
> 
> Action 2016-07-27: Conor and JasonN will send comments on the text.
> 
> =============
> OTHER ISSUES
> 
> The full issues list in the new payment apps repo:
> https://github.com/w3c/webpayments-payment-apps-api/issues
> 
> --
> Ian Jacobs <ij@w3.org>      http://www.w3.org/People/Jacobs
> Tel:                       +1 718 260 9447
> 
> 
> 

--
Ian Jacobs <ij@w3.org>      http://www.w3.org/People/Jacobs
Tel:                       +1 718 260 9447
Received on Wednesday, 24 August 2016 15:04:21 UTC