I would recommend following putting out clear indications toward future -- - Pass tokens that are authorized by user and generated in the payment app to the merchant (or PSP) so merchants does not need to be PCI-DSS compliant - With higher authentication linked to device and user (biometric), certain type of tokens would bring in liability shift to merchants for the transaction - Standard way of passing token from payment app to merchant such that PSP integrated with merchant can process payment with that token. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/webpayments-methods-tokenization/issues/6
Received on Friday, 12 May 2017 20:28:43 UTC