@rvm4, @stan-stripe, @adamroach, and I discussed WPWG feedback
and propose as next steps:
1) To enable various parties to reconcile transactions (especially
push payments), add support for paymentRequestID to Payment Request
API.
a) A paymentRequestID must be unique within the scope of each domain.
b) We will not specify the format of the identifier; UUID has
been cited as an example that may be useful.
c) The payee can (optionally) provide a paymentRequestID in
the constructor. When the payee does not provide one,
the user agent generates one.
2) In the Payment Method Best Practice specification [1],
discuss how paymentRequestID and other payment method
specific information can be used to help parties reconcile
their systems. In particular:
a) Payment methods may enable payees to provide a URL
where payment services can send transaction status information.
b) State information useful to payees (e.g., success, fail, processing)
will depend on the payment method.
c) Parties may secure the callback channel in a variety of
ways. Some parties may wish to provide the same data asynchronously
that is available synchronously through Payment Request API; this
is likely to involve some form of mutual authentication. Other
payment servers may prefer to send minimal information to the
payee, and require the payee to query the payment server for
authoritative status information.
[1] https://w3c.github.io/webpayments/proposals/method-practice/
--
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/224#issuecomment-263995469
Received on Wednesday, 30 November 2016 21:08:17 UTC