Re: [w3c/payment-request] Authentication of merchant domain and details (Issue #1014) from Michel Le Bihan on 2023-11-16 (public-webpayments-specs@w3.org from November 2023)

From: Michel Le Bihan <notifications@github.com>
Date: Thu, 16 Nov 2023 11:31:53 -0800
To: w3c/payment-request <payment-request@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/payment-request/issues/1014/1815183296@github.com>

> is committing payments fraud, by taking $1000 from the user (with the user's permission!) but not giving them their goods (the laptop)

Not exactly. In my case `secure-legit-trusted-store.com` is not registered with any payment processor and does not receive any money. They merely relay the request from `buy-crypto-online.com` and `buy-crypto-online.com` receives directly money from the user. However the product form `buy-crypto-online.com` will be sent to the fraudster not to the user who made the payment.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-request/issues/1014#issuecomment-1815183296
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/payment-request/issues/1014/1815183296@github.com>

Received on Thursday, 16 November 2023 19:31:59 UTC