W3C home > Mailing lists > Public > public-payments-wg@w3.org > March 2017

[w3c/webpayments] 3D secure support (#217)

From: tugal <notifications@github.com>
Date: Mon, 20 Mar 2017 03:36:59 -0700
To: w3c/webpayments <webpayments@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/webpayments/issues/217@github.com>

I haven't read yet in specifications 3D secure support, so i'm trying to imagine how 3D secure should be supported in web payments.

Current version of 3D secure is handled throught redirection 
- User fill up his card details, and submit 
- Psp detects if card is enrolled by 3D secure
- If yes, user is redirected to bank ACS, where he fills out authentifications informations
- User is then redirected to PSP, which can process the payment (with cards details and 3D secure stuffs)

3D secure authentification required 
- Access to all banks (is this card enrolled, which address to redirect the payee)
- A way to redirect user, and provide him a form      

Which component should be responsible to handle 3D secure ?
A pay app could take this responsibility, but it must be connected to banks
Or should we imagine, a new process letting the merchant manage the window according PSP results (if PSP returns  that 3D secure authentification is needed, merchant could redirect user in the window)..

_============ 3D secure version 2
There is already a draft explaining how 3D secure version 2 works.. redirection should not be mandatory because they will supply SDK's to handle authentification.
I think, we whould not focus on this version yet._

What do you think ?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Received on Monday, 20 March 2017 10:37:45 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:43:24 UTC