Re: [w3c/browser-payment-api] Storing card information (#199)

There are various use cases for tokenisation and these are closely linked to the recurring payment use cases that are discussed elsewhere.

Certain scenarios, even with the use of tokenisation, require the merchant to hold the token. An example is a repeat payment where the billing points are driven by an ad hoc trigger, e.g. consider where the trigger occurs away from the web browser.

I don't believe we should look to constrain the ecosystem, but we can point out the trade-offs of the various approaches.

Be aware that the basic card payment specification at the moment requires the merchant to achieve a 'fuller' PCI certification, as unencrypted PANs pass via the merchant's site. This is irrespective of whether the cards are stored.

As has been stated, we need to explore other more secure payment methods; basic card is just the start.

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/browser-payment-api/issues/199#issuecomment-219630917

Received on Tuesday, 17 May 2016 06:32:14 UTC