Re: [browser-payment-api] How are payment requests and responses passed between the browser and third-party native wallets? (#50)

> there are no pre-defined origins.

When you say "origin", do you mean [tuple(scheme, host, port)](https://tools.ietf.org/id/draft-abarth-origin-03.html#rfc.section.2)? My thinking was that the payment app will use the URL of their website as the payment method identifier. This URL can include a path as well.

For example, suppose BobPay company publishes BobPay Android app and owns the bobpay.xyz hostname. They can use "https://bobpay.xyz/pay" as the payment method identifier. BobPay company needs to publish a developer tutorial that specifies their payment method identifier, what extra data the BobPay app needs, and the format of the data that BobPay will return.

> Android application verification

[App verification](https://support.google.com/accounts/answer/2812853?hl=en) is a security feature in Android not related to payments directly. [App linking](http://developer.android.com/training/app-links/index.html) is a feature on newer Android versions that sets the default URL handler without user interaction. The user can change their default URL handlers in settings later. This feature is transparent to Chrome. Chrome can ask the the OS to launch an app responsible for a certain URL. The launch happens via an intent.

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/50#issuecomment-201390649

Received on Friday, 25 March 2016 17:59:26 UTC