Re: [webpayments] How are cloud-based payment instruments supported? (#16)

I imagine we'd have two different flows based on whether a browser API is being used or an HTTP API.

With a browser API, it could involve the merchant site making a JavaScript call that would cause the browser to open a popup with a secure browsing context. The browser will display payment instrument choices and/or cloud-based wallet choices. Then, it would use some discoverable or previously registered information to obtain a URL to load that will display a UI to the user to allow them to use the payment instrument/make the payment (depending on the type of instrument). This website would then make a JavaScript call to acknowledge that the payment is complete (or just that an instrument was selected) which would cause the browser to relay that acknowledgement back to the opening context to resolve the promise for the merchant's website. This is very similar to what Manu described earlier.

With an HTTP API, a system of callbacks could instead be used to implement something very similar.

In both cases, a digital signature on the payment request could ensure integrity and non-repudiability.

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/16#issuecomment-161666299

Received on Thursday, 3 December 2015 15:02:33 UTC