- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Fri, 17 Apr 2020 06:31:19 +0200
- To: Ian Jacobs <ij@w3.org>, Web Payments Working Group <public-payments-wg@w3.org>, Adrian Hope-Bailie <adrian@hopebailie.com>
On 2020-04-16 20:46, Ian Jacobs wrote: > Dear Web Payments Working Group, > > Minutes from today’s discussion: > https://www.w3.org/2020/04/16-wpwg-minutes AHB says: > perhaps there's an opportunity for us to define a generic payment > consent flow and model that isn't designed for any particular network, but > has all the properties needed by a payment system to get consent, authorization, etc. in digital channels > I think that might be more effective than creating opaque communication channels between origins via the browser This would be a major (and welcomed) change in direction. > we might want something that allows the merchant to request a payment, > and the merchant gets back info that proves the user approved payment > of a certain amount from a specific account. > and the standardized blob could be used by a variety of payment systems Since the WG have shown no interest in a system that actually does that [1,2], would it be possible to get at least a tiny sketch showing the "approximately" RIGHT way accomplishing this indeed very interesting goal? Danyao says: > we have talked a lot about technical implementation; we are interested in how to support PSPs to drive the next features for merchants. > would like to build a tiered solution: PSPs build solutions for merchants; browsers build for PSPs This also represents a focus change from a WG perspective. There are several hurdles though: - As can be seen from the member list, PSPs (Banks) are not particularly interested in open standardization; they prefer their own closed forums like EPC and EMPSA. - PSPs are unlikely to be thrilled by new Web-only solutions but the WG have not yet figured out how their work could fit in a bigger picture, including the quite popular DesktopWeb/MobileWallet scenario. - To be successful, such work also requires more (non-browser) security related stuff than is currently the case. - The issue mentioned in [3] remains unaddressed although the core applies to hundreds of already deployed systems. Thanx, Anders 1] System Overview: https://cyberphone.github.io/doc/saturn/saturn-authorization.pdf 2] "Bitlevel" Messaging: https://cyberphone.github.io/doc/saturn/bank2bank-payment.html 3] https://cyberphone.github.io/doc/web/calling-apps-from-the-web.pdf
Received on Friday, 17 April 2020 04:31:37 UTC