Re: [w3c/webpayments] Finer points of integration with Web App Manifest (#225)


> Are you suggesting that Web Payments shouldn't need to verify the payment app because additional verification would take place while completing the payment flow?

What I'm saying is that the potential problem is (or should be at least) addressed during payment credential enrollment which is out of scope for this WG as far as I can tell.  That is, banks do not want to deploy their precious keys in arbitrary apps which is why Android provides isolation features like:

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:

Received on Thursday, 30 March 2017 06:45:27 UTC