- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Wed, 22 Feb 2017 08:58:53 +0100
- To: Web Payments Working Group <public-payments-wg@w3.org>
Have you considered authenticating Merchants in some way? It is possible that I haven't looked enough, but I couldn't find such references. Merchant authentication seems to have two primary goals: 1) giving the Payment Provider a chance to block a payment request because the Merchant has been black-listed. 2) if authentication is performed through a digital signature, verify that the payment request haven't been tampered with. Apple Pay seems to have something along these lines which (at least) checks that the Merchant is a genuine Apple Pay Merchant. /A
Received on Wednesday, 22 February 2017 07:59:59 UTC