See also: IRC log
present+
https://lists.w3.org/Archives/Public/public-payments-wg/2017Mar/0032.html
<scribe> scribe: Ian
Frank: I have been arguing in
favor of sharing line items with payment app
... and also realized that there is other customer data that is
not shared currently with the payment app
... the suggestion is that when the payment app requests
permission to handle payments, to also ask (in a fine-grained
way) permission to receive the customer info
rouslan: This would work on the
registration side but we also need to figure out how to manage
this on the PR API side
... some merchants do not wish to share information.
... so we also need a proposal to modify PR API about sharing
of line items with the payment app
... or expose to the merchant site whether the payment app will
request the display items, so that the merchant can choose not
to provide
... in either case, we need to say how this affects the
merchant web site
frank: This is the user/payment app relationship. If the merchant is reluctant to share payment line items, they should not pass them
alyver: There are situations where shopify would not pass through the data. But for most payment methods we don't want to pass through.
adamR: I wanted to respond
quickly to rouslan's point about "not showing these apps";
there are some assumptions about permissions built in. I think
adding these permissions will complicate things. But if we do,
I think that we need to enable the payment app to request
permission to collect data and still be registered if the
answer is no
... we do need to think carefully about the permissions
model...I don't think we need something that complicated;
withholding info from app should not block registration of the
app
frank: I agree with Adam that the
payment app should be registrable even if no permission to
collect data.
... if we go down the route of asking for permission at
registration time, I don't think we need fine-grain permissions
(e.g., per site)
... either the user agrees for all sites or not
... Either user installs or app and shares info or does not
install it.
AdamR: I find that
problematic
... I would not want an ecosystem where all apps ask for info
and if the answer is no can still use the app.
Frank: AdamR makes a valid point
IJ: Marcos talked about different ways to get permissions...
AdamR: Top-level point is user is asked for permissions but how can be seen as an implementation detail
IJ: Anybody want to weigh in in
support of this?
... should we talk to the Thursday call?
AdamR: Personally, I think this
is adding complication beyond the value
... I would be curious if there are concrete use cases for
payment apps where we can demonstrate that they can't do what
they want without this information.
... I think +1 to take temp of group on Thursday
frank: I wouldn't say it's *impossible* if we don't get it; the payment app can also ask for details; but that makes the user experience worse and there's a risk of mismatching information
AdamR: Please say more about use cases
frank: We do real-time credit
assessment at time of purchase. There's a lot of regulation
about presenting financing terms. We need the user information
as a result.
... a lot of the information we need is part of the PR API data
set
... what being purchased, customer details, shipping
address
IJ: How do you imagine, Rouslan, the merchant preference playing out?
Q1) Can payment app request that user agent include other data in request object => payment app request object?
Q2) Can merchant request that user agent NOT include line item details in the payment app request object?
<AdrianHB> Making this info hard for the payment app to get puts payment apps built into user agents at an unfair advantage (i.e. Android Pay, Samsung Pay etc)
Rouslan: one compromise for Q2 was to ask merchant web sites to pass in more vague display items (e.g., tax/shipping/subtotal) and not details about shirts and shoes
alyver: There was a comment also
that beyond 5-10 items the UI is unwieldly
... I don't know if we are displaying all the line items or
just the high-level ones
frank: If the merchant is focused
on line items...our use case for line items would not be filled
by the information currently there.
... I have no problem removing display items from my
proposal.
rouslan: If display items are not
there, then the rest of the information is in user's control to
pass. And I think user agent should help user pass data.
... make sure that you can handle EMPTY data
alyver: Zach had also mentioned passing data specific to a payment method
frank: Yes, that's how we could instruct our merchants to use the API
IJ: Would this be a "karma"
payment method, or basic card (in data blob) or both?
... would you want this to work across payment methods?
frank: We would need other data points as well, so we might do it in our specific payment method.
PROPOSED:
* Thursday call a proposal to include in payment app spec a permission to include user data in payment app request object (but that does not include line items)
<rouslan> +1
frank: +1
(I can present)
https://ianbjacobs.github.io/webpayments-payment-apps-api/
Payment Handler API
IJ: Can I merge this?
rouslan: Let's ask Marcos and AdamR to give a thumbs-up
IJ: I suggest AdamR since he is absorbing marcos' code
AdamR: I have not looked over it yet....I'm actually a little surprised.
IJ: I removed a lot since it no longer seemed necessary
AdamR: I will review this today and weigh in on merge; hope to get my edits in this week
https://github.com/w3c/webpayments/wiki/FTF-March2017
IJ: What should we share? get from the WG?
AdamR: My recollection is that my
1 hour is an update
... and second slot is intended for walking through open
issues
https://github.com/w3c/webpayments-payment-apps-api/issues
AdamR: Regarding 94, not sure I have enough info; we may need to have conversation in Chicago
https://github.com/w3c/webpayments-payment-apps-api/issues/73
https://github.com/w3c/webpayments-payment-apps-api/issues/97
28 March
(AdamR will not make a 28 march call)