Re: [w3c/browser-payment-api] How are digital signatures supported for Payment Requests? (#291) from Dave Longley on 2016-10-12 (public-webpayments-specs@w3.org from October 2016)

From: Dave Longley <notifications@github.com>
Date: Wed, 12 Oct 2016 10:13:51 -0700
To: w3c/browser-payment-api <browser-payment-api@noreply.github.com>
Message-ID: <w3c/browser-payment-api/issues/291/253277068@github.com>

@ianbjacobs,

> I also recall that we said that payees could verify data upon receipt of the payment response.

Which data are you talking about?

Digital signatures are a solution for use cases where the merchant isn't immediately in the loop (e.g. execution of a Digital Offer from a search results page) or where the payer wants assurance that the push payment method they are about to use will send the proper amount of money to the proper party (in return for the proper goods/services). In these scenarios, payee verification of information after the fact will not protect users and will lead to undue liability on the merchant end.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/291#issuecomment-253277068

Received on Wednesday, 12 October 2016 17:14:47 UTC