As of August 2018, the different browsers featured —Edge,
Chrome, and Firefox— have different levels of support for
the W3C APIs. The W3C community is working to achieve
interoperability among these and other browsers to streamline
payments and enable strong authentication on the Web.
Edge
This pre-recorded video illustrates the Open Banking UK API and
the Web Authentication API used in Microsoft Edge. This demo does
not illustrate Payment Request API or Payment Handler API.
The user initiates an Open Banking UK payment, selects a bank, and is redirected to the issuing bank's Web site. Not shown: the user has previously performed a Web Authentication enrollment for this account.
The user logs into their account with a password.
The browser makes use of Windows Hello API —Microsoft's implementation of FIDO specifications— to authenticate the user via facial recognition.
Not shown: the user would then select an account to complete a payment via the Open Banking UK API.
Chrome
This demo illustrates Payment Request API, Payment Handler API,
Web Authentication API, and Open Banking UK used in Google
Chrome.
Enrollment
The user registers an authenticator with their issuing bank (NatWest). The user has a Yubikey ("Neo" model) inserted in his laptop. The user enters a password to log in to the issuing bank, then enrolls the authenticator (by demonstrating presence via the Yubikey). Although it is not shown, the user has previously registered the "Pay with Open Banking" Web-based payment handler (from Worldpay) via the Payment Handler API.
Payment
Now on the demo merchant site, the user triggers Payment Request API by pushing the "Pay with Web Payments" button.
In Chrome's UX, the user selects the "Pay with Open Banking" payment handler and the browser launches it.
The payment handler implements the Open Banking API. Thus, the user selects an issuing bank (NatWest). The payment handler prompts the user to log in to the issuing bank with a password and then authenticates the user with the same Yubikey.
The user then selects a NatWest account and initiates payment via the Open Banking UK API.
The payment handler returns response data for this payment method to the browser (via Payment Handler API), which returns it to the merchant (via Payment Request API).
Firefox
This pre-recorded video illustrates the Firefox implementation of
Web Authentication, as well as the Open Banking UK API. This demo does not illustrate Payment Request
API or Payment Handler API.
The user initiates an Open Banking UK payment, selects a bank (Barclays), and is redirected to the issuing bank's Web site. Not shown: the user has previously performed a Web Authentication enrollment for this account using a Yubikey.
The user logs into their account with a password.
The browser uses Web Authentication and prompts the user to activate the same Yubikey that was used at enrollment.
The user then selects a Barclays account and initiates payment via the Open Banking UK API.