Re: [w3c/webpayments-methods-tokenization] Relationship between TokenizedCard and EncryptedTokenizedCard needs clarification (#35) from Adrian Hope-Bailie on 2018-04-18 (public-webpayments-specs@w3.org from April 2018)

From: Adrian Hope-Bailie <notifications@github.com>
Date: Wed, 18 Apr 2018 15:31:46 -0700
To: w3c/webpayments-methods-tokenization <webpayments-methods-tokenization@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/webpayments-methods-tokenization/issues/35/382549797@github.com>

I think there is a misunderstanding here.

The cryptogram, typeOfCryptogram, eci, trid etc are not related to the encryption of that data under the key specified with keyProviderUrl.

Those data elements are passed opaquely to the issuer where as the key from keyProviderUrl is used to encrypt this data between the payment handler and the merchant.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments-methods-tokenization/issues/35#issuecomment-382549797

Received on Wednesday, 18 April 2018 22:32:13 UTC