- From: Katie Haritos-Shea GMAIL <ryladog@gmail.com>
- Date: Thu, 26 Feb 2015 12:20:54 -0500
- To: "'Swendseid, Claudia'" <claudia.swendseid@mpls.frb.org>, "'Castillo Laurent'" <Laurent.Castillo@gemalto.com>, "'Ian Jacobs'" <ij@w3.org>, "'Manu Sporny'" <msporny@digitalbazaar.com>
- Cc: <public-webpayments-ig@w3.org>
+1 * katie * Katie Haritos-Shea Senior Accessibility SME (WCAG/Section 508/ADA/AODA) Cell: 703-371-5545 | ryladog@gmail.com | Oakton, VA | LinkedIn Profile | Office: 703-371-5545 -----Original Message----- From: Swendseid, Claudia [mailto:claudia.swendseid@mpls.frb.org] Sent: Thursday, February 26, 2015 12:06 PM To: Castillo Laurent; Ian Jacobs; Manu Sporny Cc: public-webpayments-ig@w3.org Subject: RE: Executive summary / Group goals (was: Re: [use cases] Meeting minutes for 2015-02-24 telecon) While I agree with the point that card fraud via payments made over the Web is currently the number one type of fraud on this channel (mainly because cards are the primary payment instrument used here), if these goals/aspirations are also intended to look to the future, this focus seems too limited to me. May make more sense to say "Major reduction in payments transaction fraud" which covers cards but doesn't exclude other payment instruments that may be more relevant in the future. Claudia S. Swendseid Senior Vice President Federal Reserve Bank of Minneapolis Phone: 612-204-5448 Cell: 612-655-7523 Email: Claudia.swendseid@mpls.frb.org -----Original Message----- From: Castillo Laurent [mailto:Laurent.Castillo@gemalto.com] Sent: Thursday, February 26, 2015 4:28 AM To: Ian Jacobs; Manu Sporny Cc: public-webpayments-ig@w3.org Subject: RE: Executive summary / Group goals (was: Re: [use cases] Meeting minutes for 2015-02-24 telecon) Hi All, Very nice first draft! Like Manu, I think we're over-reaching a bit in our goals and scope. More in details, here is where I think we might be going too far: - Proximity payments: it's a field with much standard work being done, complex, with slow deployment and few web technologies. I don't think W3C would bring a lot in that field. There's some references to it in the current draft (I suggest simply removing those): * "Mobile Web applications can also make "brick and mortar" transactions more secure and convenient." * " convergence of online and point-of-sale experiences": for that one, we'd need to start converging point of sale experience itself :) - Defining a new payment instrument itself: I believe a lot of people in the group wants to innovate on payment instruments (more secure, more convenient, with crypto-currencies, etc...). So defining a single W3C payment instrument (like a single financial ID, authentication method, etc...) will limit that freedom to innovate, and will just put W3C as a competitor to many actors (goes counter to a level playing field). Some places in current draft that made me think that: * "easier integration of tokenization and other approaches": this is a direct reference to a specific payment instrument implementation (why this one and not others? Because its trendy ? :) ). I'd rephrase it with something like "Through stronger Web security and fostering an ecosystem that makes it easy to integrate new, more secure payment, instruments, we will see a reduction..." Some comments on manu's comments (otherwise consider I'm +1'ing all of manu's +1) >> A great reduction in "stolen card" transaction fraud. > > +0.9 - why the quotes? Or rather, if we're quoting it, it may mean > +that > we mean something nuanced, which will most likely be lost on the reader. > I'm bike-shedding here, so feel free to ignore unless this is an issue > for someone else. I think we should say "stolen card numbers transaction fraud". Physical stealth of a credit card (<ads> especially with a chip </ads>) is at an acceptable risk level today. Credit card number fraud is by far the number one issue that I believe we all agree needs to be addressed. >> Greatly reduced payment provider switching costs for customers and merchants. "Greatly reduced costs for introducing new payment instruments in existing payment provider" is also an interesting, similar goal. >> Does not interfere with the ability to meet regulatory requirements > > +0.6, what about: > > Does not interfere with the ability to meet regulatory requirements, > and in some instances, smooths the regulatory compliance process for > all parties involved. -1 to manu's modification: guaranteeing that we don't break any relevant regulations with our addition is going to be hard, going further is over-reaching (and typically in the scope of defining a payment instrument). >> Enables people to "take their money out of the system" > > -1, too vague. What do you mean by "take their money out of the system". > Possible readings are: > > - Make it easy to do ATM withdrawals. > - Help Julian Assange not have his accounts frozen. > - Integrate nicely government taxation authorities in streamlining > processes like VAT collection, etc. Agreed, too vague. Cheers Laurent ________________________________ This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited. E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender. Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus. This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential or proprietary information. If you are not the intended recipient, immediately contact the sender by reply e-mail and destroy all copies of the original message.
Received on Thursday, 26 February 2015 17:21:28 UTC