W3C home > Mailing lists > Public > public-webauthn@w3.org > February 2021

Re: [webauthn] FIDO Payment Support (#1570)

From: Rouslan Solomakhin via GitHub <sysbot+gh@w3.org>
Date: Fri, 26 Feb 2021 19:00:58 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-786835128-1614366057-sysbot+gh@w3.org>
@cyberphone, if I understand the gist of your proposal, there appears to be two primary differences from [SPC](https://github.com/rsolomakhin/secure-payment-confirmation):

1. The challenge comes from the merchant instead of the bank.
1. The browser stores some extra data for each payment credential, so it can return user's account number, encrypted with the public key of the bank, too.

Is that a fair summary?

I think perhaps this proposal would be more clear if the enrollment step was described or specified. How would it work?

GitHub Notification of comment by rsolomakhin
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1570#issuecomment-786835128 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 26 February 2021 19:01:00 UTC

This archive was generated by hypermail 2.4.0 : Friday, 26 February 2021 19:01:01 UTC