Re: [w3c/payment-request] Richer negotiation re: address redaction? (#842)

Hi @samuelweiler and @npdoty,

I mentioned on the call today that the WG has considered the idea of an array provided by the merchant that says "I don't want response data fields x and y for payment method P." 
 https://github.com/w3c/payment-request/issues/97

For the moment the industry demand to exclude CVC has been small, so there was little appetite to include this as a standard feature in Payment Request available to all payment methods. 

One could also define this feature at the level of a particular payment method. As an example, for Basic Card [1] one could enable the merchant in the request data to say "Please don't collect the CVV." However, the demand for this has been sufficiently small that we have not yet chosen to do so.

I generally think of it this way:

 * Experiment at in payment method definitions.
 * When there is a clear demand for the same functionality across payment methods, elevate it to Payment Request API.

So a future version of Basic Card (or any other payment method) could try out this feature without requiring changes to Payment Request API. 

Ian

[1] https://www.w3.org/TR/payment-method-basic-card/



-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-request/issues/842#issuecomment-468405348

Received on Thursday, 28 February 2019 19:30:21 UTC