W3C home > Mailing lists > Public > public-payments-wg@w3.org > July 2016

Re: Encrypting basic card data

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Mon, 11 Jul 2016 19:15:12 +0200
To: Erik Anderson <eanders@pobox.com>, public-payments-wg@w3.org
Message-ID: <f667328e-4e85-f6ab-6ece-88f9f15f7320@gmail.com>
On 2016-07-11 17:24, Erik Anderson wrote:
>>  How is the current Basic Card mechanism any less secure than what is done today using web forms to capture card details?
>
> Adrian, time.... Time changes everything, Chip-n-pin is causing fraud to move away from the Merchant terminal to online. Laws are changing quickly to adjust.
>

The quick route to on-line security comparable to Chip-n-pin, is off-loading client-side payment operations to a locally installed native "App" like Apple and Google do.  It is essentially the same thing as a payment terminal in the physical world.

Some people claim that these solutions even surpass Chip-n-pin security-wise!

Anders
Received on Monday, 11 July 2016 17:15:57 UTC

This archive was generated by hypermail 2.3.1 : Monday, 11 July 2016 17:15:57 UTC