IRC log of wpwg on 2021-09-02
Timestamps are in UTC.
- 13:41:39 [RRSAgent]
- RRSAgent has joined #wpwg
- 13:41:39 [RRSAgent]
- logging to https://www.w3.org/2021/09/02-wpwg-irc
- 13:41:43 [Ian]
- Meeting: Web Payments Working Group
- 13:41:46 [Ian]
- Agenda: https://github.com/w3c/webpayments/wiki/Agenda-20210902
- 13:41:53 [Ian]
- Scribe: Ian
- 13:42:03 [RRSAgent]
- I have made the request to generate https://www.w3.org/2021/09/02-wpwg-minutes.html Ian
- 13:58:32 [Ian]
- present+ Ian_Jacobs
- 14:00:51 [Ian]
- present+ Arman_Aygen
- 14:01:15 [Ian]
- present+ Jean-Michel_Girard
- 14:01:59 [benoit]
- present+
- 14:02:26 [Ian]
- present+ Robert_Savage
- 14:02:35 [Ian]
- present+ Stephen_McGruer
- 14:02:39 [Ian]
- present+ Adrian_Hope-Bailie
- 14:03:18 [AdrianHB_]
- AdrianHB_ has joined #wpwg
- 14:03:52 [Ian]
- present+ Werner
- 14:03:55 [Ian]
- present+ Susan_Pandy
- 14:03:56 [JMGirard]
- JMGirard has joined #wpwg
- 14:04:02 [Ian]
- Topic: SPC Status
- 14:04:22 [Ian]
- 1) SPC => FPWD
- 14:05:12 [Ian]
- present+ Clinton_Allen
- 14:05:18 [werner]
- werner has joined #wpwg
- 14:05:27 [Ian]
- present+ Gerhard
- 14:06:09 [Ian]
- Ian: Any initial test work?
- 14:06:19 [Ian]
- Stephen: Yes, we have about 1/2 the coverage I'd like for a launch
- 14:06:21 [clinton]
- clinton has joined #wpwg
- 14:06:31 [Ian]
- ...we are doing our work in "Web Platform Tests"
- 14:06:41 [Ian]
- https://github.com/web-platform-tests/wpt
- 14:06:53 [Ian]
- ...we need automation to get the rest of the way
- 14:06:55 [Ian]
- ...web driver
- 14:07:14 [Ian]
- -> https://github.com/web-platform-tests/wpt/tree/master/secure-payment-confirmation SPC test
- 14:07:34 [smcgruer_[EST]]
- -> https://wpt.fyi/results/secure-payment-confirmation?label=experimental&label=master&aligned
- 14:08:08 [Ian]
- -> https://github.com/w3c/wpsig/blob/gh-pages/spc-psd2.md Using SPC to fulfill PSD2 Requirements for SCA and Dynamic Linking
- 14:09:17 [Gerhard]
- Gerhard has joined #wpwg
- 14:10:16 [Ian]
- q?
- 14:10:43 [Ian]
- IaN: One idea is to develop tests to help fulfill expectations of financial institutions, on top of web platform tests
- 14:11:41 [Gerhard]
- q+
- 14:11:47 [Ian]
- Ian: Need to have some compliance conversations.
- 14:11:49 [Ian]
- ack Ger
- 14:12:15 [Ian]
- present+ Nick
- 14:13:04 [nicktr]
- q?
- 14:13:09 [Ian]
- Ian: I think the answer is "there should be specificity"
- 14:13:29 [Ian]
- Gerhard: You can get an eMVCo "sticker" but I don't think you can get a sticker for "SCA"
- 14:13:36 [nicktr]
- q+ to respond about stickers
- 14:13:47 [Ian]
- Gerhard:...you commission a reputable and independent security company to provide their opinion
- 14:14:23 [Ian]
- Ian: Like who?
- 14:14:39 [Ian]
- Gerhard: I will find the name of an EU security firm
- 14:15:36 [Ian]
- Gerhard: FIDO Alliance has done a lot in this space. Keep checking with them.
- 14:15:57 [Ian]
- ...maybe a collaboration with FIDO would be helpful
- 14:16:51 [nicktr]
- q-
- 14:17:36 [Ian]
- NickTR: There is no standard regulatory path; each country has its own competent authorities. I'm not aware of a certification regime to get a "sticker" about SCA.
- 14:17:59 [Ian]
- q?
- 14:18:24 [Ian]
- Ian: Any implementation expectations to set?
- 14:18:49 [Ian]
- Stephen: We are looking to ship in M95 (MacOS, Windows) ... not guaranteed.
- 14:19:02 [Ian]
- ...this is shippable for experimentation but not done.
- 14:19:04 [nicktr]
- zakim, agenda?
- 14:19:04 [Zakim]
- I see nothing on the agenda
- 14:19:36 [Ian]
- Topic: Basic Card
- 14:19:44 [Ian]
- Topic: Charter
- 14:19:52 [Ian]
- -> https://lists.w3.org/Archives/Public/public-payments-wg/2021Aug/0044.html Draft charter
- 14:20:47 [Ian]
- topic: Payment Request API
- 14:21:05 [nicktr]
- scribenick: nicktr
- 14:21:27 [AdrianHB_]
- AdrianHB_ has joined #wpwg
- 14:21:35 [nicktr]
- ian: Marcos is working on cleaning up the tests and spec for final move to PR
- 14:21:54 [nicktr]
- ...we've not received any further public comments since removing features
- 14:22:07 [nicktr]
- Topic: Basic Card
- 14:23:45 [nicktr]
- ian: Klarna has a interesting use case. If there is a standardised format, then as an App provider, you can send transactions without the merchant having to make changes. Deprecating basic card removes that ability
- 14:24:21 [nicktr]
- ...we also had work going on tokenised card format, which was superseded by SRC, which was superseded by SPC
- 14:24:45 [Ian]
- scribe: Ian
- 14:24:49 [Ian]
- Ian: What are the use cases?
- 14:25:06 [Gerhard]
- Gerhard has joined #wpwg
- 14:25:19 [Ian]
- AdrianHB: What I'd love to solve for is instrument selection. Not necessarily storing anything sensitive, but storing a handle that makes it easy for users to choose a payment instrument.
- 14:25:32 [Ian]
- ...but in a generalized fashion so that it can be used for a variety of payment methods (e.g., SEPA)
- 14:26:09 [Ian]
- ...it would be useful if the browser could store that information and for browsers to provide a selection UX.
- 14:26:28 [Ian]
- ...instead of choosing a payment app, simpler: choose a payment instrument.
- 14:26:44 [nicktr]
- q?
- 14:26:46 [Ian]
- ...and then, for example, SPC could be used for authentication, or the user could be redirected to a payment provider page.
- 14:26:55 [Ian]
- ...this would be an improvement beyond autofill.
- 14:27:06 [Ian]
- ...and browsers could sync across browser instances
- 14:27:58 [Gerhard]
- q+
- 14:28:12 [Ian]
- Jean-Michel: The big problem for us is regarding the merchant. How does the merchant know what the user has to pay with?
- 14:28:40 [Ian]
- ...best solution for us is to use a PSP to propose contracts to the browser, and for the browser to present what can be used to pay.
- 14:29:07 [Ian]
- ...another issue we have regards merchants that have more than one PSP. How do they know which PSP to use based on what the customer can pay with?
- 14:29:44 [Ian]
- ...we don't have any proposals at this time.
- 14:30:04 [Ian]
- ...we also have some tokenized services....
- 14:30:11 [Ian]
- q?
- 14:30:15 [Ian]
- ack Gerhard
- 14:30:18 [Ian]
- Chair: NickTR
- 14:31:08 [Ian]
- Gerhard: We've been doing a lot of thinking around open banking. One thing that it does well is move the user from the merchant domain to the banking domain for instrument selection.
- 14:31:12 [Ian]
- ...the merchant doesn't get to know
- 14:32:24 [Ian]
- ...I think that open banking and SRC are going to be dominant models, where the user interacts with a party that returns (opaque) data to the merchant.
- 14:32:30 [Ian]
- ...standardized fields might be:
- 14:32:32 [Ian]
- * Token
- 14:32:35 [Ian]
- * Expiry date
- 14:32:46 [Ian]
- * Dynamic data
- 14:32:59 [Ian]
- ...and you may need notification of payment with an account push.
- 14:33:01 [smcgruer_[EST]]
- q?
- 14:33:04 [Ian]
- ..summarizing use cases:
- 14:33:09 [Ian]
- * Instrument selection
- 14:33:20 [Ian]
- * Notification payment on the way
- 14:33:24 [Ian]
- * Authentication (SPC)
- 14:34:39 [Ian]
- ...within instrument selection, there are push and pull variations.
- 14:35:44 [Gerhard]
- 4'th is SPC as defined today (payment consent)
- 14:36:06 [Ian]
- NickTR: We have an architecture of Payment Request and Payment Handlers (with canMakePayment), with computation of the interaction of what is accepted and what is available. For push payments, the payment response data is a handle that something is underway
- 14:40:32 [nicktr]
- q?
- 14:41:21 [Ian]
- Gerhard: Use case I have in mind is "guest checkout" to get a tokenization process going.
- 14:41:51 [Ian]
- ...I think we might make progress with a less generic solution.
- 14:41:53 [nicktr]
- q>
- 14:41:55 [nicktr]
- q?
- 14:42:03 [nicktr]
- s/q>//
- 14:44:41 [smcgruer_[EST]]
- q+
- 14:44:55 [Ian]
- Gerhard: Some users are happy to store card info in their browser.
- 14:45:27 [nicktr]
- q?
- 14:45:29 [Ian]
- ...I think that browsers already provide some selection mechanism (to-fill)
- 14:45:32 [nicktr]
- ack smcgruer_[EST]
- 14:45:34 [Ian]
- s/to-fill/auto-fill/
- 14:46:04 [Ian]
- smcgruer_[EST]: I think this is an interesting topic. As a user, I observe that digital wallets have not yet won!
- 14:46:24 [Ian]
- ...I assume it's a chicken and egg problem (adoption only if ubiquitously used by users)
- 14:46:52 [Ian]
- ...I heard Gerhard's proposal is a "marketplace" with multiple backends.
- 14:47:15 [Ian]
- ...I agree that merchants want to control the UX. Digital wallets control *everything* for the merchant, which is more than what Basic Card offered.
- 14:47:34 [AdrianHB_]
- q+ to comment on background of basic card vs payment handler
- 14:47:45 [Ian]
- ack AdrianHB
- 14:47:45 [Zakim]
- AdrianHB_, you wanted to comment on background of basic card vs payment handler
- 14:48:53 [Ian]
- AdrianHB: Recall that the two problems we set out to solve originally were for browser-stored data (especially on mobile due to data capture friction) and digital wallet connections.
- 14:48:56 [nicktr]
- q?
- 14:50:18 [clinton]
- q+
- 14:50:43 [Ian]
- AdrianHB: Maybe we need a simpler PR API that still has payment apps. But I see challenge of getting more browser adoption.
- 14:51:04 [nicktr]
- q?
- 14:51:05 [Ian]
- ack clinton
- 14:51:29 [Ian]
- Clinton: Where is adoption documented?
- 14:51:51 [Ian]
- https://caniuse.com/payment-request
- 14:54:47 [Ian]
- https://www.w3.org/Payments/WG/charter-2021.html
- 14:54:59 [Ian]
- "Payment Handler API and Payment Method Manifest do not yet have sufficient cross-browser implementation experience to advance to Recommendation. However, the implementation in Chromium browsers enables experimentation and the Working Group intends to maintain them as Working Drafts. If the implementation landscape changes, the Working Group will revisit the question of advancement to Recommendation and re-charter as needed."
- 14:58:58 [RRSAgent]
- I have made the request to generate https://www.w3.org/2021/09/02-wpwg-minutes.html Ian
- 14:59:21 [Ian]
- Topic: Next meeting
- 14:59:29 [Ian]
- 16 september
- 14:59:32 [RRSAgent]
- I have made the request to generate https://www.w3.org/2021/09/02-wpwg-minutes.html Ian
- 15:00:55 [Ian]
- zakim, bye
- 15:00:55 [Zakim]
- leaving. As of this point the attendees have been Ian_Jacobs, Arman_Aygen, Jean-Michel_Girard, benoit, Robert_Savage, Stephen_McGruer, Adrian_Hope-Bailie, Werner, Susan_Pandy,
- 15:00:55 [Zakim]
- Zakim has left #wpwg
- 15:00:57 [Ian]
- rrsagent, bye
- 15:00:57 [RRSAgent]
- I see no action items