Credit-card payments on the Web - Stuck in its 1998 form

Credit-card payments on the web haven't taken a single security-related step forward
since 1998 when 3D secure was conceived.

How come?  There's no suitable web technology available for this purpose and
banks do not build browsers.  In addition, banks do not contribute to standardization
in open forums or to open source projects.

Can W3C do something here?  I don't think because there is too much tension
regarding payments.  What is (at least theoretically...) possible is creating neutral
web technology allowing banks to build their own payment systems.

What's completely missing are requirements.  However, AFAIK you are not allowed
to mention possible requirements in public forums if you are working for a major
US tech company due to IPR and product considerations.

How are you supposed to break the ice?

Anders

Received on Saturday, 5 October 2013 06:10:56 UTC