Re: [w3c/payment-request] Authentication of merchant domain and details (Issue #1014)

> This makes relaying (or stealing) authorizations much less useful, here assuming that verifiers check this parameter as well as claimed receive account etc.

In that case it might vary greatly between payment processors. IIRC the spec doesn't say that the payment method provider should verify that.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/payment-request/issues/1014#issuecomment-1817078063
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/payment-request/issues/1014/1817078063@github.com>

Received on Friday, 17 November 2023 20:41:40 UTC