Re: [w3c/webpayments-methods-tokenization] Add missing images from spec proposal (#1)

Hi @oyiptong,

I have flipped the necessary bit on the W3C site, so the issue is gone.

I do have some thoughts on the images, so I'd like to request some work on them before we include them. Here are some notes:

1) They use different terminology than this and other specs. For example "buyer" instead of "payer".
2) I find they are a bit overwhelming if you don't already know how they work (which is my case, for example). 

For example, it seems there are a couple of phases that could usefully be pulled out of the issuer token image. Phase I is how the issuer gets a token to the payer. If the issuer provides the payment app to the payer, does the payer even need to know the full PAN? It looks in the image like the payer provides the PAN, but in an app from an issuer, that seems unnecessary. Maybe the payer identifies "This card" somehow, and the issuer's token provider provisions the payment app accordingly. But another question that we might want to address is whether the payment app "stores" the token or dynamically accesses it or it could work either way. 

Phase II is that the payer authorizes payment through the payment app, which sends the token to the merchant/payee, etc. I would also like to request clarification about what the image depicts. It sort of looks like the merchant gets the original PAN. But I doubt that's what's meant. Rather, doesn't the merchant/payee get the token, give it to their acquirer who then sends it on...and the last step is that the merchant is paid? So (1) should the diagram show the acquirer? [I think the acquirer is called out in the second diagram] and (2) should the diagram make clear that the last step is an exchange of funds and not an exchange of token?

I have similar comments on the second diagram:

a) Some terminology differs between diagram 1 and 2. (e.g., "Original card issuer" v. "Original funding instrument issuer").

b) Could we split into a provisioning phase and a usage phase? I realize that may not make sense in all cases (e.g., 1-time tokens).

Ian

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments-methods-tokenization/pull/1#issuecomment-298333920

Received on Monday, 1 May 2017 13:33:00 UTC