Reflections regarding FIDO & Payments

3D Secure is a solution designed to improve the security for on-line, Card-Not-Present (CNP) payments.

Using mobile payment apps that nowadays have access to powerful key protection mechanisms like TEEs and built-in support for biometric user authentication, the motives for using "workaround" solutions like 3DS simply don't exist anymore. That is, the card is indeed present, albeit virtualized.

For unknown reasons, the https://www.w3.org/securepay/ IG seems to have reached the conclusion that FIDO should not follow the path of the mobile apps (including Apple and Google Pay), but rather stick to concepts that were designed in another era. Although working, 3D Secure does not in any way match current FIDO standards with respect to Security, Privacy, and UX. In fact, the 25-year-old EMV standard does a considerably better job!

Anders

Received on Thursday, 18 March 2021 09:41:30 UTC