- From: adamroach <notifications@github.com>
- Date: Mon, 03 Oct 2016 16:16:26 -0700
- To: w3c/webpayments-methods-card <webpayments-methods-card@noreply.github.com>
- Message-ID: <w3c/webpayments-methods-card/issues/16@github.com>
>From https://www.w3.org/Payments/WG/track/actions/33 Proposed text: > The basic card payment method provides information to merchant websites that can be used for multiple transactions over a potentially very long period of time, typically on the order of several years at a time. At the time of the development of this specification, it is commonplace for merchant sites to store this information long-term to reduce the friction of a user entering a credit card number for every future purchase. > >The decision whether to retain credit card information for future transactions remains a matter of local policy for web sites; however, the introduction of a programmatic way to retrieve credit card information from a web browser changes a couple of key factors that typically motivate storage of such information. > >Because the web browser will retain credit card information, and make it available – subject to user approval – whenever a merchant needs it, the friction that merchants seek to avoid no longer exists. This frees merchants from the liability considerations of storing information on a persistent basis, such as financial liability that can result from unauthorized access to the databases used to store credit card information. > >Additionally, web sites that call the payments API for each transaction avoid the friction that can result when users’ credit card numbers and/or expiration dates are updated. From a user’s perspective, this avoids the hassle of having to update a large number of merchant web sites any time they are issued a new card. > >Finally, by letting the web browser determine user authentication information, the merchant site is relieved of the duty of ensuring that a time-local and sufficiently strong authentication has occurred. Additionally, browsers can make use of local affordances, such as biometrics and hardware tokens, to authenticate users in a way that is more convenient, more secure, and lower friction than web sites currently can. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments-methods-card/issues/16
Received on Monday, 3 October 2016 23:16:55 UTC