Re: [paymentrequest] Payment App Registration: Same Origin is problematic for identifying_url (#66)


> Open to suggestions on how to solve this problem.

Perhaps it would help to look at this as a bootstrapping problem.


1. When a Payment App registers itself, it indicates which payment methods it supports.
1. When a user adds a payment instrument/credential to a Payment App instance to enable the use of a payment method, that instance can notify the browser that a payment method is now available (in addition to just being supported).


1. A user installs a Payment App. At this point, the user hasn't done anything with the app so it can't know if the user has an instrument/credential for a particular method.
1. If a user navigates to a merchant site and tries to pay for something, the browser, at this point, will need to show a UI that indicates that they don't have a payment instrument/credential registered with any of their Payment Apps yet, but they do have a Payment App they can choose and go and register one with (and then pay).
1. The user picks the Payment App that they can register an instrument/credential with and uses it to register and pay. The Payment App notifies the browser that they were able to pay with a particular method (this could just be the browser looking at the payment response and seeing it happened ... or it could be an explicit call/message).
1. Next time the user tries to buy something using the same payment method, the browser UI will be able to show them that they can pay with a particular Payment App right away.

Is this an acceptable user experience?

Reply to this email directly or view it on GitHub:

Received on Wednesday, 24 February 2016 18:09:42 UTC