[w3c/browser-payment-api] Concern on Payment Method Identifier requirement (#200)

Sorry for jumping into the discussion late in the game and my apology if the topic has previously been discussed already. Anyways, after reading the requirement on PMI I have the following concerns

> Requirement 2: It must be possible for anyone to mint a PMI for a payment method under their control. 

The reality here is, payment method is rarely fully under one party's control. Just take a Visa debit card issued by citi bank for example. It is a collaboration between, visa, PCI and citi bank. On page, citi bank is card issuer, however, they need to work with PCI and visa to make sure the plastic card and back end are in complaint. To that point, it is unclear if this method should be paymentcard/debit/visa/citi or citi/paymentcard/debit/visa (or any other combination) under the current proposal.

My proposal is that we should consider add a fifth requirement to **make it easy for multiple parties to collaborate and mint payment method together** 

Also, under the current proposal, paymentcard/debit/visa/citi and citi/paymentcard/debit/visa are two different PMI when they should in fact be the same

Another requirement I think we should add is to ensure that **we can easily specify a class of payment method. e.g. all visa debit card, or all visa card accepts USD.** so that the payment app can easily specify the list of payment method if prefers (or accepts)

 I would like to propose a different PMI schema, that uses a collection of properties, e.g.,
{ http://pci.org/paymentcard/debit, http://visa.com/visa/, http://citi.com/citicards, http://w3c.org/payment/currency/usd} 

-  two PMI are equivalent if they have the same set of properties (which in turn can be evaluated using URL equivalency or have short names)
- Since different organization owns their own dominate, they would be easily mint a PMI if they fully owns and there is no collaboration with other organization
- This would also allows multiple organization to collaborate, as each of them would be minting properties that they own. 
- The new schema also allows the payment apps to easily specify it accepts certain class of payment method, e.g. it can say only accepts visa debit card by requiring the following two properties: { http://pci.org/paymentcard/debit, http://visa.com/visa/}

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/200

Received on Tuesday, 17 May 2016 03:39:45 UTC