- From: mountainhippo <notifications@github.com>
- Date: Wed, 02 Dec 2015 23:46:44 -0800
- To: w3c/webpayments <webpayments@noreply.github.com>
Received on Thursday, 3 December 2015 07:47:39 UTC
@manu Merchants sometimes do want to see card number though. It might not be best practice but it is certainly allowed today and supported. -- Nick Telford-Reed e: nicktr@gmail.com m: +447538177619 On 3 Dec 2015 3:32 a.m., "Manu Sporny" <notifications@github.com> wrote: > the SCAI approach was: > > - to avoid any tampering of the data by digital signing > - to enable some data could be hidden from the merchant (or from any > other actor) (tunnelling) > > Yes, but I expect that not everyone feels that digital signatures are > absolutely necessary and there may be others that don't believe that > in-message encryption is necessary. > > I'm merely raising the point that both will most likely be necessary, if > not for phase I, for later phases and we should keep this in mind as we do > the design work. > > — > Reply to this email directly or view it on GitHub > <https://github.com/w3c/webpayments/issues/19#issuecomment-161505719>. > --- Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments/issues/19#issuecomment-161543064
Received on Thursday, 3 December 2015 07:47:39 UTC