W3C home > Mailing lists > Public > public-webpayments@w3.org > May 2012

Re: W3C workshop on payments and the Web?

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Fri, 11 May 2012 14:15:28 -0400
Message-ID: <4FAD5740.6090804@digitalbazaar.com>
To: Dave Raggett <dsr@w3.org>
CC: public-webpayments@w3.org, Alan Bird <abird@w3.org>
On 05/11/12 06:46, Dave Raggett wrote:
> The W3C Team recently organized a task force on web payments as part
> of our headlights process for up and coming areas, and we would like
> to invite your comments on the information we have collected [1], and
> your suggestions for possible next steps in regard to standardization
> work at W3C.

Glad that you guys did this. I'm assuming that this was a first-step,
internal W3C Team-only thing? Further discussions about this topic
should certainly involve people that have been active on this mailing
list - either in the past or currently.

> There are many different possible approaches to payments on the Web,
> and we focused on the scenario where a web application is seeking a
> payment from the user. Web Intents looks like a promising means to
> allow for web applications to request payments, leaving the user free
> to pick her preferred means of payment.

That's only one part of the problem - the other part is how the web
application can trust that the response it gets from any particular
service can be trusted (this is what PaySwarm is focused on doing).

That is... the easy part is requesting the payment via a Web Intent. The
hard part is interoperability between the payment system and the web
app... or between the payment systems. For example:

* Is there a white list of services that have been "verified", much
  like the list of trusted root certificate authorities? (hard)
* What kind of message does the payment service send to the web app?
* How does the web app specify the callback location? (easy)
* Are digital signatures involved? (hard)
* Who is responsible for relaying the "digital receipt" back to the
  web app? The user agent, or the payment provider? (hard)
* Should the payment providers be interoperable? (hard)

> This approach is agnostic with respect to the many existing or
> planned payment solutions.

I don't think it's that simple... specifically regarding who qualifies
as a payment provider, who maintains the white-list, how is that list
put together, and what message should come back to the Web app
certifying that the purchase happened successfully.

For instance, if the customer has a Google Wallet and the web app uses
PayPal - how does the money go from Google Wallet to PayPal?

> There is also a role for standards aimed at enabling value-added
> third party services that complement payment services.


> What should W3C do next?  We could organize a workshop later this
> year or early next year,

I'd suggest early next year... I'm also concerned about a number of the
participants in this mailing list being able to attend, as many of them
are running small start-ups or are weekend warriors on these projects.
Additionally, PayPal, Google, Flattr and most of the existing payment
providers are not yet a participating and may never participate as
interoperability is a threat to their market share.

I'm not saying that a workshop is a bad idea - I'm just saying that I
don't know if we have a good handle on what would or should happen at
such a workshop - other than brainstorming.

In any case, there is plenty of time to plan such a workshop - although,
I'm a bit skeptical of it "helping" at this stage. That said, it would
be good to get all of the companies listed in the wiki page you created
together to have some open talks about potential collaboration points.

-- manu

Manu Sporny (skype: msporny, twitter: manusporny)
President/CEO - Digital Bazaar, Inc.
blog: PaySwarm Website for Developers Launched
Received on Friday, 11 May 2012 18:15:56 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:21 UTC