Re: proposed navigator.mozPay() changes from Manu Sporny on 2013-09-05 (public-webpayments@w3.org from September 2013)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Thu, 05 Sep 2013 13:00:43 -0400
To: Kumar McMillan <kmcmillan@mozilla.com>
CC: "public-webpayments@w3.org Payments" <public-webpayments@w3.org>
Message-ID: <5228B8BB.1030302@digitalbazaar.com>

On 09/04/2013 05:44 PM, Kumar McMillan wrote:
> I just posted a request for feedback on this proposal:
> https://groups.google.com/forum/#!topic/mozilla.dev.webapi/cyk8Nz4I-f4
> (https://lists.mozilla.org/listinfo/dev-webapi)

Let me attempt to summarize in order to see if I really understand the
proposal:

You're proposing that we create a new whitelisted feature in modern web
browsers that allows a "trusted window" to appear when a payment, or any
potentially risky operation, is initiated.

This window could be opened by companies like Square, Stripe, Google
Wallet, PayPal, Telefonica, Verizon, or a number of other companies that
provide payment services. The code that can run in this window is
arbitrary, allowing any payment flow to work. The application (like a
game) could communicate with the payment provider using existing
features like postMessage().

The benefits of this approach are:

1. Simplicity of design and composability, which are generally good
things when attacking a problem with unknown depth.
2. Added flexibility, supporting payment flows that we haven't thought
about.

The drawbacks of this approach are:

1. The existence of a whitelist, which potentially places the browser
companies in the position of blessing business models. Seeing how Google
and Apple might have a reason to prevent competitors to their payment
solutions, that may not be a good idea.

2. There is no payment standard or convergence. Large companies will
continue to support their proprietary buy flows with no real incentive
to settle on a particular buyflow.

3. This may be perceived as Mozilla backing away from doing something
deeper with payments and app stores on the Web. Is that perception
correct? Are decentralized product listing and sale still something
Mozilla is still interested in pursuing?

I think we can address issue #1 by keeping the "add a trusted provider"
mechanism we created in the Web Commerce API.

#2 and #3 are more concerning to me, do you see the focus being placed
on PaySwarm to accomplish a standard payment mechanism? Or something
else? Would nav.pay() disappear entirely?

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Meritora - Web payments commercial launch
http://blog.meritora.com/launch/

Received on Thursday, 5 September 2013 17:01:07 UTC