Re: "one click" from Adrian Hope-Bailie on 2016-10-06 (public-webpayments-ig@w3.org from October 2016)

From: Adrian Hope-Bailie <adrian@hopebailie.com>
Date: Thu, 6 Oct 2016 10:43:51 +0200
To: Anders Rundgren <anders.rundgren.net@gmail.com>
Cc: Jeffrey Burdges <jeffrey.burdges@inria.fr>, Web Payments IG <public-webpayments-ig@w3.org>, Taler <taler@gnu.org>
Message-ID: <CA+eFz_JPpsMCU4h8QYuC1wkVbkcVwC07pkRJ2tXsxTBiQ7WSqg@mail.gmail.com>

Sounds like a miscommunication to me

On 6 October 2016 at 10:06, Anders Rundgren <anders.rundgren.net@gmail.com>
wrote:

> On 2016-10-03 23:41, Jeffrey Burdges wrote:
>
>>
>> I noticed this NYT article that couched the Payment WG's spec as being
>> about "one click" :
>> http://www.nytimes.com/2016/09/26/business/dealbook/what-if-
>> one-click-buying-were-internetwide.html?_r=0
>>
>> It's not actually possible to do one click shopping on a merchant's site
>> securely.  You need interactions with the payment mediator and payment
>> app.
>>
>
> There are other noteworthy stuff in the article as well:
>
>  "On the security side, rather than sending along all the credit card
> details,
>   the browser will generate a one-time payment token that will avoid
> leaving
>   your credit card number in countless databases around the world"
>
> The _browser_ performs tokenization?
>
> Anders
>
>
>
>> Interestingly, there is actually a way to do one click shopping though
>> if you move the buy button off the merchant's site entirely and into the
>> browser itself.  If a merchant sends a contract, then you display the
>> payment mediator, shipping address information, and payment app in an
>> overlay window separate from the merchant controlled window.  This
>> contains a buy button, so the user can verify information like shipping
>> visually, and push buy without necessarily changing anything.
>>
>> Just though that was funny,
>> Jeff
>>
>>
>
>

Received on Thursday, 6 October 2016 08:44:22 UTC