Re: [w3c/payment-request] Allow custom data for the active payment method to be provided to `PaymentResponse.prototype.complete` (Issue #981)

Hi @dcrousso,
As one of probably very few users of **PaymentRequest** (for Android only since iOS does not support custom payment applications), I came up with a similar need but different solution.  The `retry()` method may be useful but in my case there is a pretty sophisticated wallet which only uses the `PaymentResponse`  for navigation to a success page or back to a payment selection page. 

So this particular scheme rather needed a way to talk back to the merchant with the actual authorization while remaining in the wallet UI.  The return from this call is either:
- OK.  The wallet can terminate.
- A message from the Merchant like "We don't accept cards issued in XYZ, select another one card if possible".
- A message from the Issuer like "Insufficient funds" or "Purchases exceeding $3000 needs additional confirmation, please type the number we just sent to your phone and reauthorize".  This message must be handled inside of the wallet because it is _encrypted_ to provide private channel between the User and the Issuer.

In the absence of a talk-back mechanism, the wallet uses a somewhat awkward OOB channel requiring the Merchant to include cookies in the **PaymentRequest** call.

BTW, since payment instrument enrollment is not a part of **PaymentRequest**, an additional task was figuring out how to do that in a convenient and secure way.  It turned out that (ab)using **PaymentRequest** was the best solution!
https://cyberphone.github.io/doc/web/calling-apps-from-the-web.pdf


-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-request/issues/981#issuecomment-996500857
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/payment-request/issues/981/996500857@github.com>