Re: Encrypting basic card data

On 2016-07-14 23:21, Erik Anderson wrote:
<snip>
> The Payments API must be secure.

The API is as secure as the payment methods it can execute.  The methods are provided by the schemes.

The schemes are in turn owned and governed by the payment providers who thus those are the parties that need to conform to legislation.

That the traditional payment providers (banks) doesn't have much to offer is frankly put a problem for them, not for the W3C.

Fortunately banks have now gotten the competition they should have had decades ago by newcomers like Apple:
https://developer.apple.com/videos/play/wwdc2016/703/

That is, finally there are payment systems that combine Security, Privacy, Utility, and Convenience!

Anders Rundgren
WebPKI.org

Received on Friday, 15 July 2016 08:21:49 UTC