Re: [w3c/payment-handler] Share user data with Payment App (#123)

In my opinion, a generalized solution for obtaining user data is not ideal in this case. Remember that at the time of invoking a payment app, the user has already gone through steps for selecting phone number, email address and shipping address as part of the payment request flow (assuming the payment request asked for this information).

A generalized API would presumably not be able to hook into the payment request context and pick out these exact pieces of user data. I would like to avoid that the user is prompted multiple times for phone number, email and address, as this would be annoying for the user, and open up the possibility that the payment app get sent different bits of information than get sent to the merchant.

As for when to ask for permission - at installation time or at the time of actually sharing the data - I don't have a strong opinion. Many modern systems (such as for instance the Android platform) seem to move towards asking permission at the time of use, and this generally seems like a better approach, as it better empowers the user to care about their own security and privacy. However, there could be reasons why our case is different (cart abandonment), and that we should ask at installation time instead. I would say that from a technical perspective, either solution is equally simple to specify and implement.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-handler/issues/123#issuecomment-310172098

Received on Wednesday, 21 June 2017 18:53:52 UTC