- From: adamroach <notifications@github.com>
- Date: Mon, 16 May 2016 20:03:09 -0700
- To: w3c/browser-payment-api <browser-payment-api@noreply.github.com>
- Cc:
- Message-ID: <w3c/browser-payment-api/issues/199/219607805@github.com>
@nickjshearer asks: > How would this work for merchants who were selling subscription services and wanted to still support basic card payments? I think @rsolomakhin describes a good balance for basic card, at least for now (that is, unless we can come up with something better). However. In most discussions I've heard so far, basic card is treated as a transitional technology, which we hope will soon be supplanted by something inherently more secure, such as token schemes. By my understanding, these schemes do not expose credit card information directly to merchants, instead interacting with a payment app to get a limited-use token which is then provided to the merchant. Along a similar vein, electronic wallet schemes such as Apple Pay, to my understanding, employ what has been described to consumers as a "transaction-specific dynamic security code," which I would presume is non-reusable. I'm also confident that providing you with the information necessary for me to transfer modern cryptocurrencies into your possession cannot reasonably provide information that would allow you to effect future transfers. So, your query about handling subscription services is something that probably deserves additional thought. The basic card scheme is something of a rare unicorn in that it allows storing of information that can be used multiple times. We would be foolish to rely on its behavior *in general*, since other schemes won't be as amenable to such a setup. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/browser-payment-api/issues/199#issuecomment-219607805
Received on Tuesday, 17 May 2016 03:03:46 UTC