While I have heard the argument that the data collected is "for the merchant" I would argue that it is the user's data so the user should be able to specify if it is shared with third-parties. I like this proposal but would make some minor adjustments: 1. Don't have a catch-all scope. It's easy enough to list the data you actually want. 2. Pass the scope's in as an array. Example: .requestPermission({scopes: ["displayItems", "payer-email", "payer-phone"]}); On 10 March 2017 at 10:38, Frank Hoffmann <frank.hoffmann@klarna.com> wrote: > Hi > > I would like to discuss the potential for Payment Apps to receive customer > and purchase details provided by the merchant or collected by the browser. > This is related to the discussion in issue #13 (https://github.com/w3c/ > webpayments-payment-apps-api/issues/13) and issue #91 ( > https://github.com/w3c/webpayments-payment-apps-api/issues/91). Can we > put this on the agenda for next weeks meeting? > > Use cases: > 1. A user have multiple "accounts", e.g. private/business. Payment App can > identify this by email/phone > 2. Shared computer/browser. Payment App can identify the user by > email/phone > 3. Payment App require customer or purchase details. Payment App do not > have to ask for the same information again / The merchant does not have to > provide the information in two places (payment method specific object) > > *Suggested solution* > > When a Payment App requests permission to handle payments it can > optionally request for customer and purchase details to be shared with the > App. For Payment Apps that have the users consent to share > customer/purchase details the browser will forward this information (when > available) to the Payment App when invoked. > > The user will see something like this when permission is requested: > "Allow boopay.com to handle payments.. > Your shipping address will be shared with boopay.com when making a > payment" > > > Related to the discussion in #94 (https://github.com/w3c/ > webpayments-payment-apps-api/issues/94) when permission is asked for an > optional "scope" can be provided. > > Scopes: > * displayItems > * payer (covers all of the below) > * payer:email > * payer:phone > * payer:shipping > > Example: > .requestPermission({scope: 'displayItems, payer:email'}) > > Regards > > /frank >Received on Friday, 10 March 2017 10:55:44 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:43:24 UTC