[w3c/webpayments] 3D secure support (#217)


I haven't read yet in specifications 3D secure support, so i'm trying to imagine how 3D secure should be supported in web payments.

Current version of 3D secure is handled throught redirection 
- User fill up his card details, and submit 
- Psp detects if card is enrolled by 3D secure
- If yes, user is redirected to bank ACS, where he fills out authentifications informations
- User is then redirected to PSP, which can process the payment (with cards details and 3D secure stuffs)

3D secure authentification required 
- Access to all banks (is this card enrolled, which address to redirect the payee)
- A way to redirect user, and provide him a form      

Which component should be responsible to handle 3D secure ?
A pay app could take this responsibility, but it must be connected to banks
Or should we imagine, a new process letting the merchant manage the window according PSP results (if PSP returns  that 3D secure authentification is needed, merchant could redirect user in the window)..

_============ 3D secure version 2
There is already a draft explaining how 3D secure version 2 works.. redirection should not be mandatory because they will supply SDK's to handle authentification.
I think, we whould not focus on this version yet._

What do you think ?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:

Received on Monday, 20 March 2017 10:37:45 UTC