FW: [use cases] Review of 3.2 "Partially Blinding Payment Information" and 3.4 "Making A Payment Without Registering" from Castillo Laurent on 2015-02-17 (public-webpayments-ig@w3.org from February 2015)

From: Castillo Laurent <Laurent.Castillo@gemalto.com>
Date: Tue, 17 Feb 2015 15:32:46 +0000
To: "public-webpayments-ig@w3.org" <public-webpayments-ig@w3.org>
Message-ID: <F949C685A9082C4EADF94A9CF0294652D4A07811@A1GTOEMBXV003.gto.a3c.atos.net>

Resending on public list

From: Castillo Laurent
Sent: mardi 17 février 2015 11:47
To: Members Only - Web Payments IG (member-webpayments-ig@w3.org)
Subject: [use cases] Review of 3.2 "Partially Blinding Payment Information" and 3.4 "Making A Payment Without Registering"

Both those use cases sound more like requirements / design goals than use cases.

3.2 Partially Blinding Payment Information

This use case and corresponding requirements are highly dependent on the payment instrument / scheme.
I'd phrase the requirement as: "A payment protocol that does not leak additional personally identifiable information, other than ones required by the payment scheme."

3.4 Making A Payment Without Registering

Wrong title, this is a purchase described here. In the corresponding description, the user payment agent needs to be able to handle an item description and generate a purchase proof (not payment proof, it also needs to contain unambiguous item description).

è If the payment is initiated on the merchant web site, then this whole use case looks more like a motivation/requirement of the first use case: something like "initiating a payment should NOT require authentication on the merchant web site, payment/hold proofs should be sufficient to complete an order without further personal information being disclosed."

è If the payment is initiated directly from the user payment agent, how does the payment agent receive the merchant ID for payment?

Cheers,
Laurent
________________________________
This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus.
________________________________
This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus

Received on Tuesday, 17 February 2015 15:33:11 UTC