Re: [webpayments] How do we protect certian data in the messages from certain parties in the flow as the use case requires? (#78) from Rouslan Solomakhin on 2016-02-03 (public-payments-wg@w3.org from February 2016)

From: Rouslan Solomakhin <notifications@github.com>
Date: Wed, 03 Feb 2016 14:00:34 -0800
To: w3c/webpayments <webpayments@noreply.github.com>
Message-ID: <w3c/webpayments/issues/78/179492927@github.com>

In the interest of keeping the API simple, I prefer option 3 ("Leave entirely to the payment app publishers and payment methods to define field level encryption as they see fit"). Also, this works nicely with payment apps that talk directly to payment processors, although this is not part of the spec. For example, Android Pay talks directly to Stripe and sends a crypto-token to the merchant. This crypto-token is opaque the merchant.

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/78#issuecomment-179492927

Received on Wednesday, 3 February 2016 22:01:28 UTC