- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Wed, 16 Sep 2015 17:29:14 +0200
- To: Adrian Hope-Bailie <adrian@hopebailie.com>
- Cc: "public-webpayments-comments@w3.org" <public-webpayments-comments@w3.org>, Web Payments CG <public-webpayments@w3.org>
On 2015-09-16 17:18, Adrian Hope-Bailie wrote: <snip> > The security model required by Web wallets won't permit payment instrument > enumeration so they have rather different characteristics compared to any > form of local wallet. > > > I'm not sure I understand this statement. I see no issue with a message > object being POST'ed to a Web wallet's API endpoint? I guess you haven't tested my Wallet PoC? Anyway, a local wallet can without security issues enumerate payment instruments/cards since the user is assumed to be authenticated to the device. There's no similar function for Web wallets today, you must be authenticated to see what's inside which makes them less interoperable with other wallets. Anders
Received on Wednesday, 16 September 2015 15:29:53 UTC