- From: Stephen McGruer <notifications@github.com>
- Date: Fri, 14 Jan 2022 05:43:59 -0800
- To: w3c/webpayments <webpayments@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 14 January 2022 13:44:11 UTC
It's fine to include this, since we're in the payment-flow section, but just for completeness - if the user has logged into the merchant website, and the merchant website wants to remember stored cards, that's all 1p usage and totally ok from a privacy perspective. (The merchant of course may have legal obligations around the storing of payment information, but that's totally out of scope here). A perhaps related case that **is** affected by privacy is if the merchant is using a PSP or other aggregator in an embedded-iframe setup, and that **aggregator** is whom the user has a profile with. The aggregator embedded on the merchant's website is in a 3p context, and so e.g., would not be able to use a cookie to 'auto-remember' a returning user. -- Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments/commit/a1257f2d6435370325989f7ec5332933f9a6252d#commitcomment-63882780 You are receiving this because you are subscribed to this thread. Message ID: <w3c/webpayments/commit/a1257f2d6435370325989f7ec5332933f9a6252d/63882780@github>
Received on Friday, 14 January 2022 13:44:11 UTC