RE: Executive summary / Group goals (was: Re: [use cases] Meeting minutes for 2015-02-24 telecon)

+1



* katie *
 
Katie Haritos-Shea 
Senior Accessibility SME (WCAG/Section 508/ADA/AODA)
 
Cell: 703-371-5545 | ryladog@gmail.com | Oakton, VA | LinkedIn Profile |
Office: 703-371-5545

-----Original Message-----
From: Swendseid, Claudia [mailto:claudia.swendseid@mpls.frb.org] 
Sent: Thursday, February 26, 2015 12:06 PM
To: Castillo Laurent; Ian Jacobs; Manu Sporny
Cc: public-webpayments-ig@w3.org
Subject: RE: Executive summary / Group goals (was: Re: [use cases] Meeting
minutes for 2015-02-24 telecon)

While I agree with the point that card fraud via payments made over the Web
is currently the number one type of fraud on this channel (mainly because
cards are the primary payment instrument used here), if these
goals/aspirations are also intended to look to the future, this focus seems
too limited to me.  May make more sense to say "Major reduction in payments
transaction fraud" which covers cards but doesn't exclude other payment
instruments that may be more relevant in the future. 


Claudia S. Swendseid
Senior Vice President
Federal Reserve Bank of Minneapolis
Phone: 612-204-5448
Cell: 612-655-7523
Email:  Claudia.swendseid@mpls.frb.org
      



-----Original Message-----
From: Castillo Laurent [mailto:Laurent.Castillo@gemalto.com]
Sent: Thursday, February 26, 2015 4:28 AM
To: Ian Jacobs; Manu Sporny
Cc: public-webpayments-ig@w3.org
Subject: RE: Executive summary / Group goals (was: Re: [use cases] Meeting
minutes for 2015-02-24 telecon)

Hi All,

Very nice first draft!

Like Manu, I think we're over-reaching a bit in our goals and scope. More in
details, here is where I think we might be going too far:

- Proximity payments: it's a field with much standard work being done,
complex, with slow deployment and few web technologies. I don't think W3C
would bring a lot in that field. There's some references to it in the
current draft (I suggest simply removing those):
        * "Mobile Web applications can also make "brick and mortar"
transactions more secure and convenient."
        * " convergence of online and point-of-sale experiences": for that
one, we'd need to start converging point of sale experience itself :)

- Defining a new payment instrument itself: I believe a lot of people in the
group wants to innovate on payment instruments (more secure, more
convenient, with crypto-currencies, etc...). So defining a single W3C
payment instrument (like a single financial ID, authentication method,
etc...) will limit that freedom to innovate, and will just put W3C as a
competitor to many actors (goes counter to a level playing field). Some
places in current draft that made me think that:
        * "easier integration of tokenization and other approaches": this is
a direct reference to a specific payment instrument implementation (why this
one and not others? Because its trendy ? :) ). I'd rephrase it with
something like "Through stronger Web security and fostering an ecosystem
that makes it easy to integrate new, more secure payment, instruments, we
will see a reduction..."

Some comments on manu's comments (otherwise consider I'm +1'ing all of
manu's +1)

>> A great reduction in "stolen card" transaction fraud.
>
> +0.9 - why the quotes? Or rather, if we're quoting it, it may mean 
> +that
> we mean something nuanced, which will most likely be lost on the reader.
> I'm bike-shedding here, so feel free to ignore unless this is an issue 
> for someone else.

I think we should say "stolen card numbers transaction fraud". Physical
stealth of a credit card (<ads> especially with a chip </ads>) is at an
acceptable risk level today. Credit card number fraud is by far the number
one issue that I believe we all agree needs to be addressed.

>> Greatly reduced payment provider switching costs for customers and
merchants.

"Greatly reduced costs for introducing new payment instruments in existing
payment provider" is also an interesting, similar goal.

>> Does not interfere with the ability to meet regulatory requirements
>
> +0.6, what about:
>
> Does not interfere with the ability to meet regulatory requirements, 
> and in some instances, smooths the regulatory compliance process for 
> all parties involved.

-1 to manu's modification: guaranteeing that we don't break any relevant
regulations with our addition is going to be hard, going further is
over-reaching (and typically in the scope of defining a payment instrument).

>> Enables people to "take their money out of the system"
>
> -1, too vague. What do you mean by "take their money out of the system".
> Possible readings are:
>
> - Make it easy to do ATM withdrawals.
> - Help Julian Assange not have his accounts frozen.
> - Integrate nicely government taxation authorities in streamlining 
> processes like VAT collection, etc.

Agreed, too vague.

Cheers
Laurent
________________________________
 This message and any attachments are intended solely for the addressees and
may contain confidential information. Any unauthorized use or disclosure,
either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for
the message if altered, changed or falsified. If you are not the intended
recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission
free from viruses, the sender will not be liable for damages caused by a
transmitted virus.


This e-mail message, including attachments, is for the sole use of the
intended recipient(s) and may contain confidential or proprietary
information.  If you are not the intended recipient, immediately contact the
sender by reply e-mail and destroy all copies of the original message.

Received on Thursday, 26 February 2015 17:21:28 UTC