- From: Anders Rundgren via GitHub <sysbot+gh@w3.org>
- Date: Fri, 19 Feb 2021 04:59:46 +0000
- To: public-webauthn@w3.org
@equalsJeffH it may seem like that but the fact is that mine[1] and Google's[2] take on SPC only have the _name_ in common. As a thought experiment you could try to envision what users (UI-wise) would have to put off with and banks would have to build (giant central registries of enrolled accounts) in order to apply 3DS/step-up authentication to IBAN accounts like the sample's `FR7630002111110020050014382`. /Anders 1] Effectively a "technology refresh" of EMV adapted for the Web. EMV remains to date the only payment _authorization_ scheme that enjoys both real and de-facto standards status. 2] Builds on leveraging two technologies that were designed for _other_ purposes. FIDO: User authentication rather than payment authorization. 3DS: Supporting users who do NOT have access to sophisticated client-side crypto which was a great idea back in 1998 when it was created. @balfanz @ve7jtb @dturnerx -- GitHub Notification of comment by cyberphone Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1570#issuecomment-781821307 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 19 February 2021 04:59:47 UTC