I generally believe merchants should do whatever data collection they need before invoking the payment method. It's opening a big can of worms if the payment method deals with this : Is the user agent being clear enough about what user data it reveals? If not, that'll violate laws various places. Is/should the merchant actually see the data or just the PSP? etc. There is obviously an advantage to the payment app being able to communicate data to the PSP without communicating to the merchant, as this reduces the merchant's EU DPD compliance burden, but that exists regardless, and is payment app specific. --- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/w3c/browser-payment-api/pull/65#issuecomment-200808323
Received on Thursday, 24 March 2016 12:21:53 UTC