<scribe> scribe: Ian
https://github.com/w3c/webpayments/wiki/Agenda-20180308
IJ: Expect announcement 9 march
https://github.com/w3c/webpayments/wiki/FTF-April2018
Venue and Hotel
http://www.w3.org/2018/04/singapore-admission.pdf
IJ: We'll have a draft agenda soon
https://www.w3.org/2018/Talks/ij_tokenization_20180308/tokenization.pdf
Spec => https://w3c.github.io/webpayments-methods-tokenization/index.html
[IJ walks through the deck]
https://www.w3.org/2018/Talks/ij_tokenization_20180308/tokenization.pdf
[Encryption]
IJ: Peter just sent a bunch of comments
Peter: We need to drill down on
the details and sketch out the inputs/outputs to the encryption
methods
... I think it make sense to use JOSE/JWE...fine first approach
for FPWD
... we should have enough detail to show people more
well-versed in encryption for feedback
... I made some comments last night...once we work through
those GitHub issues, I am happy to provide more detailed
text
... I think our goal should be to get Encryption + Tokenization
to FPWD to advertise more widely for review
https://github.com/w3c/webpayments-crypto/wiki/Encryption
https://github.com/w3c/webpayments-methods-tokenization/issues/25
<stpeter> https://github.com/w3c/webpayments-methods-tokenization/issues/17
IJ: Do you think we should plan
(formally) to deprecate Basic Card?
... Any thoughts on the future of Basic Card payments?
mweksler: Tokenized Card is not
necessarily the basic card killer
... I don't see them as equivalent
... tokenized card will be superior in many ways so we will
likely want to promote it as the preferred way
... but I don't see the rise of tokenized card to cause Basic
Card to stop being used. I would not deprecate it.
<Zakim> rouslan, you wanted to say we've been encouraging use of more secure payment methods, but many websites still use basic-card, so it will be around for a long time.
rouslan: We have been encouraging
people to use more secure methods but have seen lots of
merchants using basic card
... that confirms our initial expectation that basic card will
be a good transition to PR API
... given number of merchants currently using it, I don't think
we should deprecate it (yet)
... we should track usage metrics and decide when they drop low
enough
<Roy_> +1
IJ: Where do we get usage metric data?
Rouslan: We have metrics in
Chrome
... aggregated, anonymized
... we could share that eventually
stpeter: We have that data as well; as deployment happens we can get some aggregated data and evaluate as a WG the threshold
Giulio: Safari not supporting
Basic Card; we see autofill no the same level of security and
would like to step it up to something more robust
... we don't see going back to Basic Card
IJ: We can copy data from BC to Tokenization and add note to stay in sync
<Ken> +1 Yes, AXP is interested in implementing this...
IJ: See questions on last slide
<Zakim> rouslan, you wanted to say maybe eventually
rouslan: Currently we are focused
on Payment Handler, and payment apps can use this
... we are also focused on changes to PR API since TPAC
... once those are advanced we will look more closely at the
tokenization spec.
IJ: Yes but important to give feedback on the model early
stpeter: Definitely have a strong
interest in tokenization. We don't want to be passing around
PANs
... I would echo Rouslan from a roadmap perspective. Our focus
is PR API
... the tokenization work we want to help with and provide
guidance
... payment handler is hopefully a focus for Q3/4 2018
... tokenization likely after that
Giulio: With apple pay we use a
token and are busy expanding that
... internally, converging to a standard would take some
selling
IJ: I think benefit is lower cost integration. We'll see some 3rd party payment apps sooner
<Ken> +q
Ken: We also need to circle back
with Web Auth
... and there's a relationship in terms of protecting user
data
... we may not have prototype by Singapore, but are looking
forward to FPWD
IJ: Any thoughts from Discover?
Kristina: I think there might be moral support for the spec; I will check on that more.
IJ: Next update - Singapore
[None]
22 March
IJ: FTF meeting sketch for sure
<MattD> exit
Argh, I forgot to do more intro of Shay
sorry Shay!
unintended fast exit :(
<ShayD> No problem, next time then
next time