- From: Jean Carlo Emer via GitHub <sysbot+gh@w3.org>
- Date: Mon, 02 Aug 2021 08:13:44 +0000
- To: public-webauthn@w3.org
Just to reiterate on the initial ask, Stripe is a PSP that participates in Web Payment WG and we found that enrolling credentials from a cross origin iframe is useful for payments use case. There are different situations where a payment is performed in a cross domain iframe most commonly while performing 3DS 2 authentication. The 3DS authentication is traditionally performed using SMS OTP, previous transactions recognition or a password. From an issuer perspective, the card is initially enrolled to be authenticated no matter the user device. Allowing WebAuthn credential enrollment in a cross domain iframe allows issuers (and even PSPes) to enroll cardholder credentials right after a successful traditional 3DS authentication without relying in popups or redirecting the user to the bank website. -- GitHub Notification of comment by jcemer-stripe Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1656#issuecomment-890819845 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 2 August 2021 08:13:46 UTC