- From: ianbjacobs <notifications@github.com>
- Date: Thu, 09 Jun 2016 21:11:02 -0700
- To: w3c/browser-payment-api <browser-payment-api@noreply.github.com>
- Cc:
Received on Friday, 10 June 2016 04:11:36 UTC
Hi @adrianba, In the payment app task force we've been discussing scenarios where a payment app might change the total before the user authorizes payment, for example after application of a discount. Presumably if this is possible in the payment app, it's because the app distributor and the merchant have a private agreement that this is ok. In this case, the "authorized total" may not be one that the merchant sent to the payment app. If we anticipate this scenario, then: - The spec should not constrain the total to be something that the merchant provided. - The spec should advise the merchant to check the total that was sent back in the response. So that would lean toward your option 3 (if I understood correctly). Even if we wanted to say "payment apps much not change totals" I'm not sure we can stop them in practice from doing so. So merchants should check the response. Ian --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/browser-payment-api/issues/215#issuecomment-225088940
Received on Friday, 10 June 2016 04:11:36 UTC