Re: [webpayments] How are payment messages trusted? (#19)

I agree with @msporny that there are two issues here.

1. How do we ensure that the payment request from the merchant is not tampered with before it gets to the payment app?

2. How do we protect certain data in the messages from certain parties in the flow as the use case requires?

I think issue 2 is a problem for the designers of payment methods to solve ASSUMING we have solved issue 1.

The payment request from the website to the payment mediator (User Agent) and then to the payment app needs to be tamper-proof. Only then can the payment-method-specific processing kick in and implement whatever security mechanisms the payment method prescribes.

Is it sufficient to say that the API calls are only made in a secure context?

What happens if my UA has been compromised and whenever I get a payment request the merchant details are changed so my payment goes to the wrong person?

Do we need a standardized way to sign the payment request?

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments/issues/19#issuecomment-163167654

Received on Wednesday, 9 December 2015 09:59:34 UTC