- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Fri, 11 May 2012 14:15:28 -0400
- To: Dave Raggett <dsr@w3.org>
- CC: public-webpayments@w3.org, Alan Bird <abird@w3.org>
On 05/11/12 06:46, Dave Raggett wrote: > The W3C Team recently organized a task force on web payments as part > of our headlights process for up and coming areas, and we would like > to invite your comments on the information we have collected [1], and > your suggestions for possible next steps in regard to standardization > work at W3C. Glad that you guys did this. I'm assuming that this was a first-step, internal W3C Team-only thing? Further discussions about this topic should certainly involve people that have been active on this mailing list - either in the past or currently. > There are many different possible approaches to payments on the Web, > and we focused on the scenario where a web application is seeking a > payment from the user. Web Intents looks like a promising means to > allow for web applications to request payments, leaving the user free > to pick her preferred means of payment. That's only one part of the problem - the other part is how the web application can trust that the response it gets from any particular service can be trusted (this is what PaySwarm is focused on doing). That is... the easy part is requesting the payment via a Web Intent. The hard part is interoperability between the payment system and the web app... or between the payment systems. For example: * Is there a white list of services that have been "verified", much like the list of trusted root certificate authorities? (hard) * What kind of message does the payment service send to the web app? (hard) * How does the web app specify the callback location? (easy) * Are digital signatures involved? (hard) * Who is responsible for relaying the "digital receipt" back to the web app? The user agent, or the payment provider? (hard) * Should the payment providers be interoperable? (hard) > This approach is agnostic with respect to the many existing or > planned payment solutions. I don't think it's that simple... specifically regarding who qualifies as a payment provider, who maintains the white-list, how is that list put together, and what message should come back to the Web app certifying that the purchase happened successfully. For instance, if the customer has a Google Wallet and the web app uses PayPal - how does the money go from Google Wallet to PayPal? > There is also a role for standards aimed at enabling value-added > third party services that complement payment services. Agreed. > What should W3C do next? We could organize a workshop later this > year or early next year, I'd suggest early next year... I'm also concerned about a number of the participants in this mailing list being able to attend, as many of them are running small start-ups or are weekend warriors on these projects. Additionally, PayPal, Google, Flattr and most of the existing payment providers are not yet a participating and may never participate as interoperability is a threat to their market share. I'm not saying that a workshop is a bad idea - I'm just saying that I don't know if we have a good handle on what would or should happen at such a workshop - other than brainstorming. In any case, there is plenty of time to plan such a workshop - although, I'm a bit skeptical of it "helping" at this stage. That said, it would be good to get all of the companies listed in the wiki page you created together to have some open talks about potential collaboration points. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny) President/CEO - Digital Bazaar, Inc. blog: PaySwarm Website for Developers Launched http://digitalbazaar.com/2012/02/22/new-payswarm-alpha/
Received on Friday, 11 May 2012 18:15:56 UTC