Comments on MasterPass flow

Hi Laurent and Matt,

I thought I’d look at another flow so I picked MasterPass [1]. Some comments here (notably with respect to the 3DS flow [2]).

Ian

[1] http://www.plantuml.com/plantuml/proxy?fmt=svg&src=https://raw.githubusercontent.com/w3c/webpayments/gh-pages/PaymentFlows/AlternativePayment/MasterPassStandardCheckout-Current.pml
[2] http://www.plantuml.com/plantuml/proxy?fmt=svg&src=https://raw.githubusercontent.com/w3c/webpayments/gh-pages/PaymentFlows/Card/MerchantHosted-CardPaymentwith3DS-Current.pml

============
Comments

* In 3DS, “press pay” returns to the browser; in MasterPass it returns to the merchant site. I like the 3DS one better. :) I expect the message
  back to the merchant site is something like “requestMasterPassPayment”

 * I’m not familiar with the “Wallet Selector UI”. Is that a wallet aggregator (app)? It seems I then pick a particular wallet from among N potential wallets.

 * It looks like there’s a bug between 9 and 10. Should there be a response (server->wallet) after 9? Or does #10 initiate from the masterpass server?

 * Message #12 “Authorize order” might be called “Authorisation Response” in the 3DS flow. (But it may also be that “authorization” is the wrong idea here,
   and instead its some sort of security check response; it seems the authorization from the issuing bank happens later.)

 * In the 3DS flow messages 24 and 25 show the acquiring bank talking to the issuing bank to get authorization. It looks like that happens after message #20
   in the masterpass flow (but is not shown). If that’s the case, I suggest we add it there (and then align the rest of both flows since they are the same after that point).

(I am not familiar with MasterPass so sorry if I am confused.)

--
Ian Jacobs <ij@w3.org>      http://www.w3.org/People/Jacobs
Tel:                       +1 718 260 9447