- From: Anders Rundgren <notifications@github.com>
- Date: Wed, 01 Apr 2020 08:35:59 -0700
- To: w3c/payment-request <payment-request@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 1 April 2020 15:36:13 UTC
Personally I think the root of the problem actually is the combination of personal information with payments. These are separate issues. The shipping part of `PaymentRequest` addresses a limited set of real-world cases (ad-hoc shopping on the Web) and only saves a single click or two compared to HTML's `autocomplete`. Other privacy discussions I have seen over the years seem to overlook the fact that a malicious PaymentHandler (aka payment application) can return whatever information it has access to. That is, _a PaymentHandler must be trustworthy_. For native PaymentHandlers this is accomplished though publishing in specific "app-stores" as well as through platform attestations. Since I'm not up-to-speed on ServiceWorker-based PaymentHandlers, I don't know what kind of attacks that are possible for such designs. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/payment-request/issues/903#issuecomment-607322360
Received on Wednesday, 1 April 2020 15:36:13 UTC