Web Payments Working Group

03 May 2018



Ian, mweksler, stpeter, Ken, Kristina, Simon, ChrisBraddock, Sachin, Keyur, Roy, ChrisMarconi, rick, nicktr, RickWaller, asolove, MattDetert, alyver, Marconi, max, adrianhb, gildas


<Ian> Scribe: Ian


Singapore recap


nicktr: The minutes have been cleaned up and are available for review; feedback welcome



scribe: let us know how you would like the TPAC meeting to be organized
... we took an action item to write up a list of priorities for next 6 months


scribe: Ian has written a blog to post after the meeting
... once we've reviewed the priorities

Nick: Thanks Ian for publishing the minutes

Review ftf actions

- currencySystem

- brand selection FAQ underway

- 3DS and next steps


- tokenization

scribe: next meeting is 16 May

IJ: Summary:

- good momentum on tokenization; edits to spec and will talk about prototyping

- 3DS; had good discussion at FTF meeting and now need to strategize short and longer term


NickTR: AdrianHB and Ian and I discussed the meeting on Monday
... we liked the breakouts in particular
... feedback on breakouts very welcome

stpeter: Seems like good energy and progress, so steady on!


NickTR: Those are in priority order

1. Close issues for Payment Request API and Payment Method Identifiers, complete the test suite, demonstrate interoperability of implementations, advance the specifications to Recommendation, and foster merchant adoption

2. Continue to refine Payment Handler API and Payment Method Manifest and push for more implementation in browsers. Identify and work with distributors of Web-based payment apps.

NickTR: AdrianHB and I are enthusiastic to see a flowering ecosystem of 3rd party payment handlers

3. Develop a shared understanding of the future of strong authentication for Web payments in collaboration with EMVCo and the FIDO Alliance. Determine how to support 3DS2 flows in conjunction with Payment Request.

NickTR: There's been a lot of media coverage of the web authn work

Ian: see the press release:

FIDO Alliance and W3C Achieve Major Standards Milestone in Global Effort Towards Simpler, Stronger Authentication on the Web


scribe: seems like a good opportunity to meld 3DS2 with WebAuthN

4. Solidify the tokenized card payment method specification through experimentation and encourage deployment in Web-based payment handlers.

IJ: See Keyur's contributions about encryption => https://github.com/w3c/webpayments-crypto/blob/master/payment-encryption.md

5. Make progress on push payments (notably credit transfers and perhaps direct debits) in alignment with PSD2 requirements around strong authentication and open banking APIs. This is likely to involve strengthening our liaisons with open API efforts in Europe such as Open Banking UK and the Berlin Group.

NickTR: Any comments or reprioritization?

stpeter: One could quibble, but personally I think that tokenization has energy and is an existing technology that might be further along than 3DS....perhaps quicker than strong auth
... The challenge that I think about most as we implement in Firefox is merchant adoption.
... I don't think it's just a question of communication; it's a challenge of ceding control
... this is the bread and butter of a merchant; I think there is some work going on and to hear what companies have found
... It's a tricky topic and we need to find a way to work through it.

alyver: We've been running some experiments for several months with PR API running on a number of enterprise level clients
... we are putting together a brief that we will share with this group
... there are two points that I want to raise: merchants are not necessarily skittish; they have trusted us as a platform
... but what's missing for them is support for discount codes. Up to half of people have dropped out since they want to go through legacy UX to get the discount code. I think that is missing from the focus of the next six months
... the other thing is that buyers themselves are skittish...they see the payment sheet open and has little merchant branding, which may scare some off.

NickTR: Very helpful feedback, thank you

alyver: Expect report in a couple of weeks

stpeter: Our mozilla research shows that users may not know what to do to ask for help.

alyver: I think it's just apprehension to the sheet popping open with minimal info about the merchant; it doesn't carry over the look and feel from the shop (though we should not adopt that)
... I think it's relatively new and as we see more adoption I am optimistic that people will become accustomed to it.

Ian: (1) I'd like to gather feedback especially around UX hurdles and then convene browser vendors to hear that

(2) let's get to discount code

(3) favicon in the sheet?

stpeter: Our code shows origin
... doesn't have familiar guideposts; I think that would be helpful.

<scribe> ACTION: Ian to raise an issue about use of favicon in the sheet.

<trackbot> 'Ian' is an ambiguous username. Please try a different identifier, such as family name or username (e.g., IFSF-EFT-WG-Lead, ijacobs).

alyver: I don't think favicon would hurt

<nicktr> q

stpeter: We do have user research underway; these are questions we could put into he mix

<Zakim> nicktr, you wanted to note terminal user interface

<nicktr> ack

nicktr: The discussion about merchant prompt in the payment sheet is interesting
... the analogy closest to me is that the UX is presented at a POS
... there is little to know merchant branding on the device itself
... but there is a consistency of experience ACROSS merchants
... regarding discount code, let's ask the editors to take this to their next meeting

stpeter: We now have new data about importance of discount code

IJ: Are the editors meeting on a regular basis?

Roy: Yes. I will convey this issue to them.

<scribe> ACTION: Roy to convey to the PR API editors the newly underlined importance of discount code

<trackbot> Created ACTION-93 - Convey to the pr api editors the newly underlined importance of discount code [on Roy McElmurry - due 2018-05-10].

Task Force next steps

<scribe> scribenick: NickTR

ian: 3ds meets in 30 minutes time
... everyone is welcome

<Ian> https://lists.w3.org/Archives/Public/public-payments-wg/2018May/0009.html

ian: we have new short and long term avenues to pursue
... we still need to do work on confirming the payment handler value prop for 3ds
... and we need to confirm the browser role for 3ds as discussed in Singapore
... I am working with Wendy Seltzer to facilitate a conversation between FIDO and EMV
... these are our three priorities on 3DS
... for tokenisation it's about the data model and prototyping
... Mastercard and Capital One are still involved and Mozilla are looking at whether they can provide some resource
... and the next piece on tokenisation is the encryption
... on credit transfer, there is new discussion on SEPA from Vincent
... I am not sure who is taking the lead on this work
... volunteers are welcome
... we have not been meeting lately and we need to decide if we should restart the meetings
... merchant adoption is partly iconography and some of the FAQ/developer guide work, but hopefully as the specs stabilise we can return to this

<Ian> NickTR: IT's great to have this much work in parallel

<Ian> ..if you feel like your org can lend some weight to one or another topic, e.g., through prototyping or working on a spec, or just raising issues, that would be great


ian: I found FtF meeting very useful and appreciate people travelling

<Ian> 22-23 October in Lyon

ian: our next meeting is at TPAC
... I wondered if there was value in a FtF meeting before then, for example between implementers focussed on getting PR over the line before TPAC
... if so this is something for August or September
... and so I wondered what the appetite would be
... there is a focus of implementers in the Bay area

<mweksler> +1 on f2f meeting before tpac

<Ian> stpeter: that sounds like a good idea....

<stpeter> https://wiki.mozilla.org/Firefox/Features/Web_Payments

<alyver> +1

<mweksler> if in bay area, i'm happy to consider hosting at airbnb

<Ian> stpeter: From a firefox perspective, after 17 Aug

<Ian> IJ: Any concerns?

Ian: In particular, it would be PR and testing, and then possibly some payment handler stuff

<Ian> ...the priorities would be PR API / testing and then secondarily PH API

<Ian> ACTION: NickTR to work with AdrianHB and Ian on ideas for an implementation FTF

<trackbot> Created ACTION-94 - Work with adrianhb and ian on ideas for an implementation ftf [on Nick Telford-Reed - due 2018-05-10].

Next meeting

<Ian> Proposed 17 May

<AdrianHB> +1

<Ian> NickTR: AOB?

<Ian> NickTR: All help welcome (testing, prototyping, etc.) very welcome



Summary of Action Items

[NEW] ACTION: Ian to raise an issue about use of favicon in the sheet.
[NEW] ACTION: NickTR to work with AdrianHB and Ian on ideas for an implementation FTF
[NEW] ACTION: Roy to convey to the PR API editors the newly underlined importance of discount code

Summary of Resolutions

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.152 (CVS log)
$Date: 2018/05/03 14:49:46 $