Vision Task Force
26 Jan 2017


See also: IRC log


Ian, Max, Pascal, jeff, Natasha (schuki), Ted, Manu, Ken, dezell, JohnCarrier, Ben


<Ian> https://www.w3.org/Payments/IG/wiki/Vision2017

Background for Vision 2017

Ian: New focus of this work is to bring proposals for new work for IG to develop in 2017

<scribe> scribe: manu

Ian: Some work has begun to take hold in Community Groups, in the case of Verifiable Claims, has been proposed to the members. The IG is looking for other standardization opportunities. People that have signed up for the TF have helped identify and will help prioritize items for 2017.
... I have a task for reviewing proposals for face-to-face meeting. Right now, we're trying to finalize meeting space on 22nd March.
... We'd like to do enough work to have something interesting to discuss in March.
... I've asked folks to prepare slides, we will get preliminary proposals discussed today, hope to have more in the future.
... I have not spoken w/ all of you in advance wrt. what each of you will be bringing, but we'll find out today what we can cover and what will be on the agenda for the next time.
... Any questions/thoughts on scope and focus of initial six weeks.

manu: I'm clear on what we're doing for the next couple of weeks.

jeff: In the general area of digital marketing, ecommerce, web payments, there is a lot going on in the Web and very little standardization. There is a huge area of opportunity. I think what we'll need to do over the next several weeks is sort out some of the most promising topics. We need a path to move these topics forward.
... To achieve success, we have to specify a well thought out path. What's the incubation task, what are the use cases, etc.
... We should be thinking of not only topics, but how we move them forward and achieve success.

<Ian> manu: On the question of how we go from topic to incubation to proposed WG charter...we've learned a lot in the IG over the past couple of years about what's necessary to start work and keep it on track

<Ian> ...would it help to have a template that groups can follow?

<Ian> ...processes that have been used to start different groups have shifted

<Ian> ...not so much the W3C process, but the "different things that need to be produced" to start work

<Ian> ...the amount of work we are doing is expanding, but the number of experienced people we have at W3C is not expanding as quickly

<Ian> ...so we need to be sure that people understand what's required..and we also risk spreading people thin

<Ian> ...I have some concerns about resources

Ian: I think there are a few issues in there that we should identify - for example, resourcing - mature proposals, we should be explicit about resource expectations, I think before then, we may have fewer resource constraints before prioritization. There is the question of how familiar people are with starting work at W3C. I wouldn't want that consideration to hinder us from the phase of brainstorming. These are all good topics, we should emphasize different things and different times.

Ian: From my initial plans, I think it's getting subjects on the table and seeing who we can/need to have in the discussions to fully understand the topics. That is the earliest phase of the work.

dezell: Welcome to John Carrier, our colleague from IFSF.

<dezell> members -> problems -> use cases -> straw spec -> charter

dezell: I think it's helpful to have templates
... We wanted to figure out who the right people were, develop the problems, then come to use cases, propose a straw specification (being incubated), and then to a charter.
... If we're lucky, we have implementations of the straw specification.
... I welcome discussions on how to make this faster/more streamlined.
... There are a number of things on our list for this year. Hearing John here makes me aware that we have specifications that are widely adopted and in vertical, I'm here because W3C's global reach is larger than the vertical consortium can get to. This is a slightly different vision, global standards that benefit ALL activities on the Web. I don't think my list is great, some of those are aligned with mechanics of open web platform. I think we have to examine all facets of these ideas.

Ian: I want to make sure we have an opportunity to hear from everyone on the call and what they'd like to cover, if not on today's call, on the upcoming calls.

Vision 2017 Topics

Ian: Let's go around the table and ask if folks have topics.

Amy: Vision is a monumental task, focusing on "do no harm"
... There is a need for "rules of the road" that enables all of this exciting stuff to take place are known, there are so many other groups and activities, I hope that there is a way we can leverage what is going on and share the information to figure out reasonable path going forward.

<Ian> [Ben Smith, Amex]

Ian: There is an opportunity to put more focused items on the table in the upcoming weeks.

<Ian> "Securing CNP Transactions"

Ben: I'm a product development manager at Amex, participant in mobile and payments WG as well. There is an area around security, more specifically, securing card not present transactions. That applies to web payments work, thinking further ahead, CNP transactions and underlying payment instruments will change.
... Security measures to protect against fraud will change. So a couple of thoughts wrt. W3C.
... Do we have a good feeling what current security measures look like to protect the ecosystem (attacks on card data). How do we see W3C positioned within that landscape. Do we feel more can be done? What are the approaches? FIDO, EMVCo, etc. What are the emerging products and who is emerging them.
... This has to do with the right tension, ease of the customer transaction - vs. making that transaction secure. As an industry, how is security being viewed.
... Then there are specifics around regulation, PSD2, SEPA, SC Auth, what other regulatory factors exist?

<Ian> ("what are the problems"? "Who is involved in solving them as a whole?" "What are the regulatory pressures?")

Ben: Then, once a lot of that is understood, better understanding of landscape, what areas are relevant to W3C?
... How does W3C want to go into that, how that translate into the Web Payments WG.

<Ian> [David Ezell, NACS]

dezell: I split the topics into 3 areas.
... General transaction requirements
... Financial industry requirements
... Common requirements to payment transaction and financial industry.
... General requirements - #1 digital receipts

<Ian> (There are digital receipts standards, e.g., ARTS)

dezell: For any topic that I mention, the first thing to do is state the problem and check parallel work. There are probably digital receipts elsewhere, reference them, produce something that fulfills something more effectively.
... This is not necessarily suggestions for new work.
... #2 - a transaction data model - the federal government wants to know what fuel products are being bought, being able to aggregate purchase information.
... so, refining capacity can be tailored... all of that information, the decentralized locus of control is payment network. For financial industry, these are things that don't have to do with mining goods/services in browser, but organizations like Bloomberg, purchase orders, invoices, account advice, those are data model items.
... How do we make purchase orders, invoices, account advice available to broader Web ecosystem.
... #3 real-time regulatory reporting - we could do research on that.
... One of the biggest things - identification of security gaps. sensitive data or PII that should be private is exposed. HTTPS type encryption is not adequate in a lot of environments, that inadequacy is coming soon in our direction.
... Ancillary topics - point to point encryption, tokenization, and those sorts of things. Finally, clearer support for push payments. Mobile web applications have the ability to communicate with issuer and issuer communicates with acquirer.
... We want to make sure they're useful, help level the playing field on these topics.

Jeff: That outline of topics is supportive of what I said in the beginning, what we could do, I think a possible approach to this task force is to accumulate topics and then prioritize 3-4 of them that seem most promising and do some more detailed analysis, how big are the stakeholders, how many of them are there? That's a possible approach to filtering down from a universe of things we could do to a small number of tangible things we can focus on.

<Ian> ===

<Ian> * What specific problem are we solving?

<Ian> * How big is the problem?

<Ian> * Why is W3C in a unique position to help solve it?

<Ian> * Who needs to be involved?

<Ian> * What work is going on elsewhere?

Ian: Yes, as we hear other questions we should take back and use/answer the questions above as we analyze each one.

<dezell> without interrupting - segregating "what could be a standard" from "what should be research" can also help.

Ian: For example, for digital receipts, there are standards for that, but what is missing from specific use cases where W3C could add value. If only we had the means to do X, the Web could benefit in way Y.
... W3C is well positioned to help end-users. There are a lot of organizations that help back-end processes, so focus on users is not exclusive, but it's a good starting point.

<Ian> [Ted Guild, W3C]

Ted: Ted from W3C, I lead the standards effort that's taking place around connected vehicles.

<dezell> also 1 note - I didn't mention Regulatory issues since we have a current Task Force.

Ted: Back at TPAC in Sapporo, Automotive and Web Payments met, Jaguar did a presentation on use cases for handling payment transactions from vehicles, both the activities reached a level of maturity where we want to look at these things in more detail.
... There is some momentum here that's worth exploring.

Ian: Can you say a word around payment scenarios and vehicles (the most interesting ones)?

Ted: Fuel, Charging, Tolls, usage and congestion fees, etc.

<Ian> (interesting: electric may reduce fuel tax revenue; need new revenue models)

Ted: Car sharing scenarios, subscribing to ride sharing services, avoid distractability, etc.

Ian: That suggests another items to the list "incentives" - what are the new incentives to drive these business cases?

<ted> Automotive Web Payments notes

<Ian> [Ken Mealey, Amex]

Ken: From a purely parochial perspective, we have a particular way of looking at payments in general (from a holistic lifecycle perspective).
... We are trying to align with other WG members with how they look at payments lifecycle. I don't know if there is an opportunity to put project management relationship between IG and WG?
... If WG comes up with poorly defined requirements, those get kicked back to IG for further refinement.
... Amex tends to look at a roadmap, two general buckets that are getting in scale - regulatory activity at a global basis, and then how authentication is working together - biometric authentication is being mandated in india, how will that impact the work we're doing, should we incorporate a regulatory review of trends happening? How will that impact requirements? Roadmap - as Web Payments are involving, is there a way to incorporate that type of view into the IG deliberations? How would it be integrated into overall work we're doing?

<Ian> [Manu Sporny, Digital Bazaar]

<Ian> Manu: How can we bring work going on at W3C today so that the user experience is seamless? What is the relation to digital wallets?

<Ian> ...payment request API, digital offers, verifiable claims...digital wallets make use of all of these

<Ian> ...merchants want users to be able to fulfill certain conditions, some of which can be expressed via verifiable claims

<Ian> ...what we see missing is linking all of these things

<Ian> ...there are broader ecosystems considerations that we need to take into account

<Ian> ...digital bazaar lens is that people will use digital wallets

<Ian> ..so analyzing those use cases, specifically with W3C technology and how end user is affected is what we'd like to do this year

<Ian> [Dapeng Liu, Alipay]

Max: Some initial thoughts - in the Lisbon meeting, we invited some Chinese vendors to demonstrate their payment products to show the user experience.
... We haven't had enough time to discuss new requirements for different kinds of payment scenarios, we can continue this activity in this payments interest group - more vendors, not limited to Chinese vendors to demonstrate their product, develop use cases and identify problems, that would be useful.
... Second one, in Payment WG, we have PaymentRequest API, the specification can support both web-based and native payment apps. The truth is that we haven't spent enough time on the native payment apps. So, maybe in this payments IG, we can develop requirements and use cases for native payment apps.
... For example, how do native payment apps interact with web and how does native app interact with web?

<Ian> "Virtual Reality Payments"

Max: The third thing I want to discuss - Virtual Reality payments - this is a hot topic right now. Alipay has a VR payment product.

<Ian> (See the recent Virtual Reality Workshop => https://www.w3.org/2016/06/vr-workshop/ )

<Ian> ( Report => https://www.w3.org/2016/06/vr-workshop/report.html )

Max: In this product, the users can buy things in a Virtual ecommerce shop, and they can do the payment using the VR ecommerce shop. If the user uses the web browser as the VR platform, there will be requirements for VR payments.
... The fourth one is security, as many colleagues mentioned - security is important. There was an effort in W3C that is trying to standardize interface between web and trusted execution environment.
... There was no result coming from that effort?
... So, how does interaction with a Trusted Execution Environment and the Web work?
... Those are initial thoughts.

<Ian> [Natasha Rooney, GSMA]

<Ian> * PSD2 changes

<Ian> * Developing world payments

<Ian> * Mobile Money API from GSMA (connects merchant to mobile money platforms)

Natasha: Changes are going to happen in Europe, PSD2 stuff, use cases for payments in developing world. Mobile money transfer is important in developing world, maybe work can be done there wrt. W3C. GSMA has launched mobile money platform - this is more about how merchant takes money and handles it after that.

<Ian> [Pascal Bazin, Gemalto]

Pascal: Security is a big topic for us.
... Card present on the Web, maybe there is no big demand from industry, but CNP on the Web is possible, maybe we could investigate a bit on that.

next steps

Ian: perhaps we can meet at least two more times, are people okay for a next call?

<Ian> Proposal next call: 3 February at 9am ET

manu: +1

<dezell> +1 (I'll be at ISO TG1, but will step out)

Ian: I will send out information for that call.

<Ian> ===

<Ian> * What specific problems need to be solved? What user story illustrates this problem?

<Ian> * How big is the problem?

<Ian> * How will users benefit?

<Ian> * What are the various incentives?

<Ian> * Who needs to be involved in discussions?

<Ian> * What work is going on elsewhere?

<Ian> * Why is W3C in a unique position to help solve it?

<Ian> ====

Ian: I think what will help us make progress is to answer these questions wrt. the topics that have been raised. Internal topics for IG, how do we develop a Roadmap, how do we interact with the WG?

<dezell> I believe creation of WGs is one of several goals for the IG.

Ian: Those are less the sorts of topics that I had in mind, can W3C develop standards that can advance the Web, we should be prepared to compare internal IG topics from what the Web needs and how it needs to expand.
... These are all in scope, but we don't yet know how we should pursue them.
... I'll come back with Agenda and specific requests so people can prepare for Feb 3rd call. I'll send further meeting details out.

Jeff: Given the breadth of what there is to do, and short timeframe before Face-to-Face, what gets done between the phone calls?
... There are something like 20 different things we can pursue, we may want to narrow down what we want to prioritize what we do soon. We assemble 20 topics, figure out what are the most promising, do more structured work between calls.

dezell: I'm trying to look up related work on topics. If we can formulate problem statements, might be good work for next week.

Ian: Stay tuned, will have thoughts via email.

Summary of Action Items

Summary of Resolutions

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.148 (CVS log)
$Date: 2017/01/31 18:24:11 $