Re: [webauthn] Cross-origin credential creation in iframes (#1656) from Anders Rundgren via GitHub on 2021-08-05 (public-webauthn@w3.org from August 2021)

From: Anders Rundgren via GitHub <sysbot+gh@w3.org>
Date: Thu, 05 Aug 2021 04:54:15 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-893163002-1628139254-sysbot+gh@w3.org>

@arshadnoor 
> Which credentials are you referring to here? For passwordless FIDO/WebAuthn authentication, there is nothing for the Consumer to type in.

For 3DS you type in the card number since this is how you find out the issuer URL.  AFAICT, the card number is the only information shared between the merchant and bank during credential creation using this proposal. In reality, due to the cumbersome backend support required, the entire payment operation must in most cases be outsourced.

-- 
GitHub Notification of comment by cyberphone
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1656#issuecomment-893163002 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 5 August 2021 04:54:17 UTC