- From: Dave Raggett <dsr@w3.org>
- Date: Thu, 5 Mar 2015 19:12:46 +0000
- To: Laurent Castillo <Laurent.Castillo@gemalto.com>
- Cc: Web Payments IG <public-webpayments-ig@w3.org>
- Message-Id: <896A32BD-C502-4C57-9384-0E4FC8A99177@w3.org>
Yesterday, I sent out a set of end user narratives as a high level description of use cases, see:
https://lists.w3.org/Archives/Public/public-webpayments-ig/2015Mar/0018.html <https://lists.w3.org/Archives/Public/public-webpayments-ig/2015Mar/0018.html>
Laurent in today’s use case task force call asked about the scope, so I thought it might be helpful to give my understanding. As Ian noted, we could agree on the scope but want to focus on some aspects first, deferring others until later on. It could also be the case that there are some aspects where we don’t have a consensus for working on them, and that we may need to drop those aspects from the roadmap.
An end user narrative needs to hang together, and this may necessitate covering more than what the Web Payments IG needs to address in the W3C standards we seek to have created. An example is where a user browses a website to select items to add to a shopping basket. This functionality is handled by the website and is not part of the payment transaction.
Another example, is where a payment instrument asks the user to enter a PIN, or swipe a finger over a scanner as proof of presence. This is the responsibility of the payment instrument and independent of the interface between the web page and the digital wallet, particularly because we want to give implementors freedom for how they implement payment instruments either as a native app or as a locally installed or remotely hosted trusted web app. We may later want to look at what APIs would be valuable for web based implementations of payment instruments, but I don’t think this a high priority for the IG, or am I mistaken? In any case, there is a need for W3C to address stronger user authentication to move the Web off user ids and passwords. The Payments IG should throw its support behind that.
I believe that vouchers, discount coupons and loyalty cards are in scope for the IG (according to the charter) and as such we need to come up with the corresponding end user narratives and their analysis for the requirements that they imply.
The charter sets the expectation that the use payment agent (digital wallet) will work for both web applications and for payment terminals in brick & mortar stores, railway stations and restaurants etc. For me this means ensuring that the interface exposed by the wallet fulfils the requirements for both cases. This is a great selling point for end users!
Should the IG address how digital wallets are registered and unregistered with browsers? I think this is important. What about you?
Should the IG address how payment instruments and identity cards are registered and unregistered with digital wallets? Possibly not, at least to start with. However, this is something critical for enabling a level playing field, and as such it is a functional capability that wallets need to support, although we may not need to specify a standard interface for this. What I would like to realise is a means for people to visit a website for a payment instrument, and to activate a link to install it. Further discussion on what this necessitates seems worthwhile, and justifies having a use case narrative for it.
Does there need to be a standard way to model digital receipts provided by merchants to consumers? I think so, as this would enable applications that can interpret the receipts you have got in your wallet. This could be a data representation shorn of presentation details, or it could be an annotated presentation format (like HTML). It is worth discussing this further.
I anticipate that digital contracts entered into as part of a transaction is something that W3C may want to cover in future work, but not just yet due to all the complexities involved. So I think this is clearly out of scope for the IG, right?
Does the IG need to address identity verification (linking web and real world identities)? Probably not. However, this is something that W3C needs to address, but probably in a different group since it is of broader interest than for payments. It is important to how you gain access to your bank’s website, or for activating payment instruments installed from the web. I think the Payments IG should throw its support behind this capability. More details on this are in my blog post:
http://www.w3.org/blog/wpig/2015/02/13/linking-web-identities-with-real-world-identities/ <http://www.w3.org/blog/wpig/2015/02/13/linking-web-identities-with-real-world-identities/>
Looking forward to your comments.
—
Dave Raggett <dsr@w3.org <mailto:dsr@w3.org>>
Received on Thursday, 5 March 2015 19:12:52 UTC