Thanks for quick answer. > This is not true. As a PSP you can still provide your merchants with code that embeds an iframe, the content of which is hosted on your secure (and PCI DSS certified) web servers. > The Merchant can explicitly give that iframe permission to call the Payment Request API so when the user wants to pay the interaction is done directly with your systems. I agree, it's technicaly possible and compliant. But i disagree on the UX involved; > For the redirect use case, nothing stops you from invoking the API when the user has been redirected to the payment page hosted on your secure servers. Again, i agree; but we loose all UX, the payee is redirected from the ecommerce website to a generic page, loosing connection with the merchant. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments/issues/210#issuecomment-278276664Received on Wednesday, 8 February 2017 09:32:38 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:43:24 UTC