Summary of recent changes based on privacy review

Dear Web Payments WG,

As part of preparing to move Payment Request API forward in the W3C process, several of us presented changes to Payment Request to the Privacy Interest Group on 28 February [1]. We received helpful review, which led to a number of specification changes to the draft that we expect to publish as a revised Candidate Recommendation.

In addition, we have recorded two issues that are currently slated for further discussion after we complete version 1:

 * Fine-grained error reporting for canMakePayment

 * Address redaction negotiation



Payment Request API


* For events that share addresses with the payee prior to confirmation by the user, browsers redact parts of the address. The "redactList" was optional and is now required as a minimum bound for both shipping and billing addresses. In addition, we increased the scope of the redactList (that is: less information is shared prior to the user confirming the transaction).


* Added more information about canMakePayment() abuse mitigations.
* New verbiage drawing attention to privacy considerations upon instrument selection.
* New privacy consideration regarding validationURL not exposing PII.
* Merged two sections about security and privacy into one.
* Clarified two definitions: payment method and payment method owner.

Basic Card


* Fixed a bug (missing addressLine from redactList).

Ian Jacobs <>
Tel: +1 718 260 9447

Received on Thursday, 14 March 2019 13:28:57 UTC