Web Payments Working Group Charter
This charter has been superseded. See the charter that replaced it.
The mission of the Web Payments Working Group is to make payments
easier and more secure on the Web. The group seeks to:
- streamline checkout by making it easier for users to return stored
credentials and other information, and by creating a consistent
experience across Web sites, browsers, and operating systems. These
improvements should help reduce the percentage of transactions
abandoned prior to completion ("shopping cart abandonment") by
improving consumer confidence in the payment experience;
- improve payment security by fostering digital payment method
innovation on the Web;
- simplify and lower the cost of creating effective Web checkout
experiences;
Under this charter, the Working Group defines Recommendations that
allow for a payment to be initiated within a Web site or application.
Start date
|
9 March 2018
|
End date
|
31 December 2019
|
Charter extension
|
See Change History.
|
Chairs
|
Nick Telford-Reed, Worldpay; Adrian Hope-Bailie, Ripple
|
Team Contact
(FTE %: 50%)
|
Ian Jacobs
|
Usual Meeting Schedule
|
Teleconferences: Weekly
Face-to-face: 2-3 per year
|
Scope
Continued Work
The Working Group will continue to advance these existing
specifications to Recommendation:
-
Payment Request
API, which standardizes an API to allow merchants (i.e., Web
sites selling physical or digital goods) to utilize one or more
payment methods with minimal integration. User agents (e.g.,
browsers) facilitate the payment flow between merchant and user,
mediating the user experience and providing consistency between
different merchants and providers.
-
Payment Method
Identifiers, which defines the validation and (where
applicable) registration of identifiers used for matching purposes
by other W3C payments specifications.
-
Payment Handler
API, which defines capabilities that enable Web applications to
handle payment requests. The specification defines how payment apps
register their capabilities with the user agent, how the user agent
communicates with them, and what information is exchanged.
-
Payment
Method Manifest, which allows the curators of a defined payment
method or owners of a proprietary payment method to authorize (via
a manifest file) which payment apps may be used to fulfill the
payment method. The scope of this work extends to all types of
payment apps, including native mobile apps and Web apps.
The Working Group will continue to develop the following payment
method specification, intended to become a Working Group Note:
-
Basic
Card Payment, which specifies request and response data for
making simple card payments with Payment Request API.
The Working Group will also look at enabling re-use of the Payment
Request API data model in out-of-browser payments. One approach may
be to define the model in a binding- and encoding-neutral way. For
early work on this topic, see HTTP Messages
1.0.
Formal Adoption of Work Under Consideration
The Working Group has discussed, but not yet taken up formally, the
payment method specifications on the following topics. The Working
Group will decide whether these should be published on the
Recommendation Track or as Working Group Notes:
- Network tokens
- Credit transfers
- Direct debits
- Interledger payments (in cooperation with the Interledger Payments
Community Group)
- Distributed ledger payments
- Leveraging existing encryption mechanisms to secure payment data,
in consultation with with relevant security groups in W3C and the
IETF.
The Working Group will account for exception handling in the design
of payment method specifications. These include, but are not limited
to, authorization failures and network failures.
New Topics
The Working Group has had significant discussion about the following
topics and anticipates discussion will continue:
- The relationship of Payment Request API, Payment Handler API, Web
Authentication, and the security model of the Web to the EMV® 3-D
Secure - Protocol and Core Functions Specification.
Working Group participants have expressed interest in the following
topics new to this charter:
- Multi-tender payments
- Discount codes
- Trailing transaction (such as tips or post-checkout hotel
expenses)
- Access to and validation of billing address
- Enhancements to the event model so that payment methods involving
merchant validation can do so within the Payment Request API flow.
- Facilities for improved error reporting to the user
- Facilities to enable merchants to test Payment Request API in
their environments
- Payment app security and filtering
The Working Group will determine which specification type best suits
each topic, for example through modifications to Payment Request API,
through a payment method specification, or some other specification.
Curation of Working Group Resources
The Working Group will continue to curate the following resources it
has published:
The Working Group may publish similar resources deemed important for
the successful deployment of its other deliverables.
Discontinued Deliverables
The Working Group plans to discontinue work on the following
specification:
Out of Scope
The following topics are out of scope for this Working Group.
- This Working Group is chartered to Recommend programming
interfaces, not user interfaces.
- The Working Group will not define authentication mechanisms
(e.g., hardware-based solutions in securing transactions, or
authenticating users via biometry or other mechanisms) but should be
aware of industry developments to help ensure compatibility with the
flows defined by this group. The Web Payments Working Group
anticipates leveraging the deliverables of W3C's Web Authentication Working Group.
- A digital payment scheme is a set of rules for the execution of
payment transactions that are followed by adhering entities (payment
service providers, processors, issuers, acquirers, payers and
payees), where transactions take place over networks (such as the
Web). A digital payment instrument is an account, token, or other
means of fulfilling the payment provider's role in a digital payment
scheme. Some digital payment schemes make use internally of payment
instruments from other payment schemes. How they register and
communicate with internal payment instruments is beyond the scope of
this charter.
Security and Privacy Considerations
A key security consideration is the ability to prove message
integrity and authentication of all message originators. The Working
Group will work with the organizations listed in the liaisons section
of the charter to help ensure API security.
Protection of the privacy of all participants in a payment is
important to maintaining the trust that payment systems are dependent
upon to function. A payment process defined by this group should not
disclose private details of the participants' identity or other
sensitive information unless required for operational purposes, by
legal or jurisdictional rules, or when deliberately consented to
(e.g. as part of a loyalty program) by the owner of the information.
The design of any API should guard against the unwanted or
inadvertent leakage of such data through exploitation of the API.
Relation to Regulatory Requirements
The deliverables of this group should enable parties involved in a
payment transaction to meet any and all regulatory obligations.
Deliverables
Recommendation Track Milestones
Note: The group will document significant changes from this
initial schedule on the group home page. See below for information about reference drafts.
|
Specification
|
FPWD
|
CR
|
PR
|
Rec
|
Payment Request API
|
April 2016
|
September 2017
|
April 2018
|
July 2018
|
Payment Method Identifiers
|
April 2016
|
September 2017
|
April 2018
|
July 2018
|
Payment Handler API
|
May 2017
|
September 2018
|
April 2019
|
July 2019
|
Payment Method Manifest
|
December 2017
|
September 2018
|
April 2019
|
July 2019
|
Non-Recommendation Track Milestones
- Basic Card Payment is expected to be published as a Group Note in
Q1 2018.
On Rechartering
Under this charter, the Working Group intends to deliver
specifications for the topics listed in the sections on Recommendation track milestones, Non-Recommendation track milestones,
and topics under consideration.
The Working Group would otherwise expect to recharter for other new
Recommendation-track deliverables.
Dependencies and Liaisons
Web Commerce Interest Group
The mission of the Web Commerce Interest Group (formerly the Web
Payments Interest Group) is to improve Commerce on the Web for users,
merchants, and other stakeholders. The Working Group expects to work
with the Interest Group as follows:
- The Interest Group may review and comment on Working Group
deliverables.
- The Interest Group may play a role as "industry analyst,"
understanding and communicating business and technology drivers that
help to make the case for functionality enabled by the Working Group.
As technology and industry requirements change, the Interest Group
should update their analyses and keep the Working Group informed.
Other W3C Groups
-
Internationalization Core
Working Group
-
Internationalization and localization review.
-
Privacy Interest Group
-
For privacy reviews.
-
Accessible Platform
Architectures (APA) Working Group
-
To help ensure the protocols provide support for accessibility to
people with disabilities.
-
Technical Architecture Group
(TAG)
-
For Web architecture reviews.
-
Verifiable Claims Working
Group
-
For discussion of identity requirements.
-
Web Application
Security
-
For review of security APIs and features.
-
Web Authentication Working
Group
-
For discussion of strong authentication.
-
Web Platform Working
Group
-
For review of JavaScript APIs and manifest usage.
-
Web Security Interest
Group
-
For security reviews. If the Working Group perceives the need for
IETF review, W3C will arrange discussion through its IETF liaison.
Groups Outside W3C
-
EMVCo
-
EMVCo administers many specifications known collectively as EMV®,
including specifications about network tokenization, 3-D Secure,
and Secure Remote Commerce.
-
The IETF HTTP Working Group
-
The Working Group expects to coordinate with the IETF HTTP Working
Group regarding HTTP-based payment initiation.
-
ISO TC 68
-
Coordination with ISO TC 68 will help achieve broad
interoperability of payment systems (e.g., through alignment
between Web protocols and ISO 20022).
-
PCI Security
Standards Council
-
The PCI Security Standards Council is a global forum for the
ongoing development, enhancement, storage, dissemination and
implementation of security standards for account data protection.
Coordination will help ensure the API can be used securely and meet
merchant goals.
Participation
To be successful, the Web Payments Working Group is expected to have
a minimum of 10 active participants for its duration. Effective
participation in Web Payments Working Group may consume .1 FTE for
each participant; for editors this commitment may be higher.
Communication
This group primarily conducts its work on GitHub and the public
mailing list public-payments-wg@w3.org (archive).
Administrative tasks may be conducted in Member-only communications.
Information about the group (deliverables, participants, face-to-face
meetings, teleconferences, etc.) is available from the Web Payments
Working Group home page.
Decision Policy
As explained in the Process Document (section
3.3), this group will seek to make decisions when there is
consensus. When a Chair puts a question and observes dissent, after
due consideration of different opinions, the Chair should put a
question out for voting within the group (allowing for remote
asynchronous participation -- using, for example, email and/or
web-based survey techniques) and record a decision, along with any
objections. The matter should then be considered resolved unless and
until new information becomes available.
Any resolution first taken in a face-to-face meeting or
teleconference (i.e., that does not follow a 7 day call for consensus
on the mailing list) is to be considered provisional until 5 working
days after the publication of the draft resolution. If no objections
are raised on the mailing list within that time, the resolution will
be considered to have consensus as a resolution of the Working Group.
Patent Policy
This Working Group operates under the W3C Patent Policy.
To promote the widest adoption of Web standards, W3C seeks to issue
Recommendations that can be implemented, according to this policy, on
a Royalty-Free basis.
For more information about disclosure obligations for this group,
please see the W3C
Patent Policy Implementation.
About this Charter
This charter for the Web Payments Working Group has been created
according to section
5.2 of the Process
Document. In the event of a conflict between this document or the
provisions of any charter and the W3C Process, the W3C Process shall
take precedence.
Charter History
Charter Period
|
Start Date
|
End Date
|
Changes
|
Initial
Charter
|
21 October 2015
|
31 December 2017
|
N/A
|
Charter Extension
|
1 January 2018
|
1 March 2018
|
None (Rechartering)
|
2018 Rechartering
|
9 March 2018
|
31 December 2019
|
Deliverables under consideration since the previous charter are listed in section 1.2.
|
Reference Drafts as of this Charter
The following information related to the W3C Patent Policy is provided
as a convenience.
-
Payment Request API
Latest publication: 21
September 2017
-
Reference Draft: https://www.w3.org/TR/2017/CR-payment-request-20170914/
associated Call
for Exclusion on 14 September 2017 ended on 13 November 2017
Produced under Working Group Charter:
/Payments/WG/charter-201510.html
-
Payment Method Identifiers
Latest publication: 14
September 2017
-
Reference Draft: https://www.w3.org/TR/2017/CR-payment-method-id-20170914/
associated Call
for Exclusion on 14 September 2017 ended on 13 November 2017
Produced under Working Group Charter:
/Payments/WG/charter-201510.html
-
Web Payments HTTP Messages 1.0
Latest publication: 15
September 2016
-
Reference Draft: https://www.w3.org/TR/2016/WD-webpayments-http-messages-20160915/
associated Call
for Exclusion on 16 September 2016 ended on 12 February 2017
Produced under Working Group Charter:
/Payments/WG/charter-201510.html
-
Payment Handler API
Latest publication: 29 November
2017
-
Reference Draft: https://www.w3.org/TR/2017/WD-payment-handler-20170518/
associated Call
for Exclusion on 18 May 2017 ended on 15 October 2017
Produced under Working Group Charter:
/Payments/WG/charter-201510.html
Adrian Hope-Bailie, Ian Jacobs, Nick Telford-Reed
Copyright
© 2018 W3C ® (MIT, ERCIM,
Keio, Beihang), All Rights Reserved.
$Date: 2019/12/19 03:24:48 $