W3C home > Mailing lists > Public > public-webpayments-specs@w3.org > May 2019

Re: [w3c/payment-method-basic-card] fix: don't redact addressLine from billingAddress (#77)

From: ianbjacobs <notifications@github.com>
Date: Thu, 02 May 2019 13:07:31 -0700
To: w3c/payment-method-basic-card <payment-method-basic-card@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/payment-method-basic-card/pull/77/c488813505@github.com>
Hi all,

I endeavored to find out whether there are some use cases for sending
the phone, organization, and recipient fields to merchants when
the PaymentAddress is used in a Basic Card billing scenario.

From my outreach I conclude that (card) information is useful both
for authorization and risk analysis.

@krystosterone pointed to the authorize.net documentation [1] and I
similarly looked at documentation from Braintree [2], Adyen [3],
Stripe [4], and PaySafe [5]. I also spoke with Jonathan Grossar by

It seems that for authorization, the three fields are not strictly
required. However, for risk assessment (e.g., via 3DS2), I understand
that phone is a useful field.

I also concluded from discussion that "addressLine" should be returned
in the Basic Card response. We had already reached that conclusion on

I have thus updated the pull request so that the redactList for Basic
Card is "organization" and "recipient".


[1] https://developer.authorize.net/api/reference/index.html
[2] https://developers.braintreepayments.com/reference/response/address/ruby
[3] https://docs.adyen.com/developers/api-reference/common-api/address
[4] https://stripe.com/docs/api/cards/object
[5] https://developer.paysafe.com/en/cards/api/#/introduction/complex-json-objects/recipient

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Received on Thursday, 2 May 2019 20:07:54 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 2 May 2019 20:07:55 UTC