Re: [w3c/browser-payment-api] Add Guidance Text for User Consent (#229) from Jeff Burdges on 2016-09-20 (public-webpayments-specs@w3.org from September 2016)

From: Jeff Burdges <notifications@github.com>
Date: Tue, 20 Sep 2016 04:42:05 -0700
To: w3c/browser-payment-api <browser-payment-api@noreply.github.com>
Message-ID: <w3c/browser-payment-api/issues/229/248277508@github.com>

Yes.  We do not want a situation where a "payment app" can be little more than a tracker that "pays" merchants with "discount coupons", but the net effect on the user is simply that they are being tracked through yet another source.  It's good if show always changes the top level context, but actually not quite sufficient.  

In fact, I'd think security dictates that the browser's payment mediator should always make an appearance, even if the merchant only supports one payment app.  Now some browsers might find ways to skip the payment mediator, but if the browser has a security settings, slider, etc. then our recommendations should be that anyone with any security contentiousness should always see the payment mediator during a payment. 

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/229#issuecomment-248277508

Received on Tuesday, 20 September 2016 11:42:33 UTC