W3C home > Mailing lists > Public > public-webpayments@w3.org > May 2015

Re: [Payments Architecture] A vision statement for the web payments architecture work

From: Ian Jacobs <ij@w3.org>
Date: Tue, 19 May 2015 19:06:33 -0500
Cc: Manu Sporny <msporny@digitalbazaar.com>, Web Payments IG <public-webpayments-ig@w3.org>, Web Payments CG <public-webpayments@w3.org>
Message-Id: <10BEF6B0-41D0-4728-89E1-3EC3F161632A@w3.org>
To: David Ezell <David_E3@VERIFONE.com>

> On May 19, 2015, at 3:10 PM, David Ezell <David_E3@VERIFONE.com> wrote:
> 
> Hi Folks:
> 
> Ian wrote:
>> * Supports a wide spectrum of security needs to meet industry and regulatory expectations.
>>   To meet regulatory requirements and give people enough confidence to use the Web for
>>   payments, the architecture must support a wide spectrum of security requirements and
>>   solutions. This includes the ability to encrypt strongly both sensitive information and the
>>   channels used to exchange the information, as well as supporting an evolving variety of
>>   authentication techniques (multifactor, biometric, etc.). Trust in the Web of payments
>>   is critical to its success.
> 
> Yes, all good.  Gives a list of things that will be included.  Somehow (and there's a lot there already) I think it should say what we will attempt >not< to require.
> Perhaps a second bullet for clarity:
> "* Minimizes (eliminates?) reliance on Personally Identifiable Information (PII) to fulfill any requirements.”

How about:

* Supports a wide spectrum of security needs to meet industry and regulatory expectations.
   Trust in the Web of payments is critical to its success.
   To meet regulatory requirements and give people confidence to use the Web for
   payments, the architecture must support a wide spectrum of security requirements and
   solutions. This includes minimizing what sensitive information is shared as well as the ability
   to encrypt that information (both in transit and when stored). The architecture will also need
   to support an evolving variety of authentication techniques (multifactor, biometric, etc.).

Ian

--
Ian Jacobs <ij@w3.org>      http://www.w3.org/People/Jacobs
Tel:                       +1 718 260 9447




Received on Wednesday, 20 May 2015 00:06:38 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:40 UTC