[Draft]
Web
Payments
Working
Group
Charter
The
mission
of
the
Web
Payments
Working
Group
is
to
make
payments
easier
and
more
secure
on
the
Web.
The
group
seeks
to:
-
streamline
checkout
by
making
it
easier
for
users
to
return
stored
credentials
and
other
information,
and
by
creating
a
consistent
experience
across
Web
sites,
browsers,
and
operating
systems.
These
improvements
should
help
reduce
the
percentage
of
transactions
abandoned
prior
to
completion
("shopping
cart
abandonment")
by
improving
consumer
confidence
in
the
payment
experience;
-
improve
payment
security
by
fostering
digital
payment
method
innovation
on
the
Web;
-
simplify
and
lower
the
cost
of
creating
effective
Web
checkout
experiences;
Under
this
charter,
the
Working
Group
defines
Recommendations
that
allow
for
a
payment
to
be
initiated
within
a
Web
site
or
application.
Start
date
|
9
March
2018
3
February
2020
|
End
date
|
31
December
2019
2021
|
Charter
extension
|
See
Change
History
.
|
Chairs
|
Nick
Telford-Reed,
Worldpay;
Invited
Expert;
Adrian
Hope-Bailie,
Ripple
Coil
|
Team
Contact
(FTE
%:
50%)
40%)
|
Ian
Jacobs
|
Usual
Meeting
Schedule
|
Teleconferences:
Weekly
Face-to-face:
2-3
per
year
|
Scope
Continued
Work
The
Working
Group
will
continue
to
advance
these
existing
specifications
to
Recommendation:
-
Payment
Request
API
,
which
standardizes
an
API
to
allow
merchants
(i.e.,
Web
sites
selling
physical
or
digital
goods)
to
utilize
one
or
more
payment
methods
with
minimal
integration.
User
agents
(e.g.,
browsers)
facilitate
the
payment
flow
between
merchant
and
user,
mediating
the
user
experience
and
providing
consistency
between
different
merchants
and
providers.
-
Payment
Method
Identifiers
,
which
defines
the
validation
and
(where
applicable)
registration
of
identifiers
used
for
matching
purposes
by
other
W3C
payments
specifications.
-
Payment
Handler
API
,
which
defines
capabilities
that
enable
Web
applications
to
handle
payment
requests.
The
specification
defines
how
Web-based
payment
apps
handlers
register
their
capabilities
with
the
user
agent,
how
the
user
agent
communicates
with
them,
and
what
information
is
exchanged.
Note:
Based
on
experience
with
the
Payment
Handler
API,
the
Working
Group
is
discussing
creation
of
a
new
UI
component
where
payments,
authentication,
and
other
activities
can
occur.
This
functionality
would
generalize
some
of
the
current
payment-specific
functionality
of
Payment
Handler
API.
-
Payment
Method
Manifest
,
which
allows
the
curators
of
a
defined
payment
method
or
owners
of
a
proprietary
payment
method
to
authorize
(via
a
manifest
file)
which
payment
apps
handlers
may
be
used
to
fulfill
the
payment
method.
The
scope
of
this
work
extends
to
all
types
of
payment
apps,
handlers,
including
native
mobile
apps
and
Web
apps.
The
Working
Group
will
continue
to
develop
the
following
payment
method
specification,
intended
to
become
a
Working
Group
Note:
-
Basic
Card
Payment
,
which
specifies
request
and
response
data
for
making
simple
card
payments
with
Payment
Request
API.
deleted text:
<p>
The
Working
Group
will
also
look
at
enabling
re-use
of
the
Payment
Request
API
data
model
in
out-of-browser
payments.
One
approach
may
be
to
define
the
model
in
a
binding-
and
encoding-neutral
way.
For
early
work
on
this
topic,
see
<a href= "https://www.w3.org/TR/webpayments-http-messages/">
HTTP
Messages
1.0
</a>.
</p>
Formal
Adoption
of
Work
Under
Consideration
The
Working
Group
has
discussed,
but
not
yet
taken
up
formally,
deleted text:
the
payment
method
specifications
on
the
following
topics.
The
Working
Group
will
decide
whether
these
should
be
published
on
the
Recommendation
Track
or
as
Working
Group
Notes:
topics:
-
Network
tokens
</li>
<li>
Credit
transfers
</li>
<li>
Direct
debits
</li>
<li>
Interledger
payments
(in
cooperation
with
the
<a href= "https://www.w3.org/community/interledger/">
Interledger
Payments
Community
Group
</a>
)
</li>
<li>
Distributed
ledger
payments
</li>
<li>
Leveraging
existing
encryption
mechanisms
to
secure
payment
data,
in
consultation
with
with
relevant
security
groups
in
W3C
and
the
IETF.
EMV®
Secure
Remote
Commerce
(SRC)
deleted text:
</ul>
<p>
The
Working
Group
will
account
for
exception
handling
in
the
design
of
payment
method
specifications.
These
include,
but
are
not
limited
to,
authorization
failures
and
network
failures.
</p>
<h3 id="new-topics">
New
Topics
</h3>
<p>
The
Working
Group
has
had
significant
discussion
about
the
following
topics
and
anticipates
discussion
will
continue:
</p>
<ul>
-
The
relationship
of
Payment
Request
API,
Payment
Handler
API,
Web
Authentication,
and
the
security
model
of
the
Web
to
the
EMV®
3-D
Secure
-
Protocol
and
Core
Functions
Specification.
and
EMV®
Payment
Tokenisation
specifications.
-
Credit
transfers
-
Direct
debits
New
Topics
Working
Group
participants
have
expressed
interest
in
the
following
topics
new
a
number
of
enhancements
to
this
charter:
Payment
Request
1.0
.
These
include:
-
Integration
of
user
payment
instruments
previously
stored
by
the
merchant
(e.g.,
"cards
on
file")
into
the
display
of
options
enabled
through
Payment
Request
API.
-
Multi-tender
payments
-
Discount
codes
-
Trailing
transaction
(such
as
tips
or
post-checkout
hotel
expenses)
-
deleted text:
Access
to
and
validation
of
billing
address
</li>
<li>
Enhancements
to
the
event
model
so
that
payment
methods
involving
merchant
validation
can
do
so
within
the
Payment
Request
API
flow.
</li>
<li>
Facilities
for
improved
error
reporting
to
the
user
-
Facilities
to
enable
merchants
to
test
Payment
Request
API
in
their
environments
The
Working
Group
has
discussed
the
following
payment
methods
but
has
not
developed
any
draft
specifications:
The
Working
Group
will
determine
which
specification
type
best
suits
each
topic,
for
example
through
modifications
to
Payment
Request
API,
through
a
payment
method
specification,
or
some
other
specification.
Curation
of
Working
Group
Resources
The
Working
Group
will
continue
to
curate
the
following
resources
it
has
published:
The
Working
Group
may
publish
similar
informational
resources
deemed
important
for
(e.g.,
FAQs
or
best
practices
documentation)
to
support
the
deleted text:
successful
deployment
of
its
other
deliverables.
deleted text:
<h3 id="discontinued">
Discontinued
Deliverables
</h3>
<p>
The
Working
Group
plans
to
discontinue
work
on
the
following
specification:
</p>
<ul>
<li>
<a href="https://www.w3.org/TR/webpayments-http-api/">
Web
Payments
HTTP
API
1.0
</a>
</li>
</ul>
Out
of
Scope
The
following
topics
are
out
of
scope
for
this
Working
Group.
-
This
It
is
in
scope
for
the
Working
Group
to
discuss
user
experience,
for
example
as
part
of
understanding
user
journeys
during
a
checkout
experience.
However,
this
Working
Group
is
chartered
to
Recommend
programming
interfaces,
not
user
interfaces.
interface
specifics.
-
The
Working
Group
will
not
define
authentication
mechanisms
(e.g.,
hardware-based
solutions
in
securing
transactions,
or
authenticating
users
via
biometry
or
other
mechanisms)
but
should
be
aware
of
industry
developments
to
help
ensure
compatibility
with
the
flows
defined
by
this
group.
The
Web
Payments
Working
Group
anticipates
leveraging
the
deliverables
of
W3C's
Web
Authentication
Working
Group
.
-
A
digital
payment
scheme
is
a
set
of
rules
for
the
execution
of
payment
transactions
that
are
followed
by
adhering
entities
(payment
service
providers,
processors,
issuers,
acquirers,
payers
and
payees),
where
transactions
take
place
over
networks
(such
as
the
Web).
A
digital
payment
instrument
is
an
account,
token,
or
other
means
of
fulfilling
the
payment
provider's
role
in
a
digital
payment
scheme.
Some
digital
payment
schemes
make
use
internally
of
payment
instruments
from
other
payment
schemes.
How
they
register
and
communicate
with
internal
payment
instruments
is
beyond
the
scope
of
this
charter.
Security
and
Privacy
Considerations
A
key
security
consideration
is
the
ability
to
prove
message
integrity
and
authentication
of
all
message
originators.
The
Working
Group
will
work
with
the
organizations
listed
in
the
liaisons
section
of
the
charter
to
help
ensure
API
security.
Protection
of
the
privacy
of
all
participants
in
a
payment
is
important
to
maintaining
the
trust
that
payment
systems
are
dependent
upon
to
function.
A
payment
process
defined
by
this
group
should
not
disclose
private
details
of
the
participants'
identity
or
other
sensitive
information
unless
required
for
operational
purposes,
by
legal
or
jurisdictional
rules,
or
when
deliberately
consented
to
(e.g.
as
part
of
a
loyalty
program)
by
the
owner
of
the
information.
The
design
of
any
API
should
guard
against
the
unwanted
or
inadvertent
leakage
of
such
data
through
exploitation
of
the
API.
Relation
to
Regulatory
Requirements
The
deliverables
of
this
group
should
enable
parties
involved
in
a
payment
transaction
to
meet
any
and
all
regulatory
obligations.
Deliverables
Recommendation
Track
Milestones
Note:
The
group
will
document
significant
changes
from
this
initial
schedule
on
the
group
home
page.
See
below
for
information
about
reference
drafts
.
|
Specification
|
FPWD
|
Most
Recent
CR
|
PR
|
Rec
|
Payment
Request
API
|
April
2016
|
September
2017
April
2019
|
April
2018
October
2020
|
July
2018
December
2020
|
Payment
Method
Identifiers
|
April
2016
|
September
2017
April
2019
|
April
2018
October
2020
|
July
2018
December
2020
|
Payment
Handler
API
|
May
2017
|
September
2018
June
2020
|
April
2019
January
2021
|
July
2019
March
2021
|
Payment
Method
Manifest
|
December
2017
|
June
2020
|
January
2021
|
March
2021
|
SRC
Payment
Method
|
March
2020
|
September
2018
2020
|
April
2019
January
2021
|
July
2019
March
2021
|
Non-Recommendation
Track
Milestones
-
Basic
Card
Payment
is
expected
to
be
published
as
a
Group
Note
in
Q1
2018.
when
Payment
Request
API
1.0
advances
to
Recommendation.
On
Rechartering
Under
this
charter,
the
Working
Group
intends
to
deliver
specifications
for
the
topics
listed
in
the
sections
on
Recommendation
track
milestones
,
Non-Recommendation
track
milestones
,
and
topics
under
consideration
.
The
Working
Group
would
otherwise
expect
to
recharter
for
other
new
Recommendation-track
deliverables.
Dependencies
and
Liaisons
Coordination
deleted text:
<h3 id="wpig">
Web
Commerce
Interest
Group
</h3>
deleted text:
The
mission
of
the
Web
Commerce
Interest
Group
(formerly
the
Web
Payments
Interest
Group)
is
to
improve
Commerce
on
the
Web
for
users,
merchants,
and
other
stakeholders.
The
Working
Group
expects
to
work
with
the
Interest
Group
as
follows:
</p>
<ul>
<li>
The
Interest
Group
may
review
and
comment
on
Working
Group
deliverables.
</li>
<li>
The
Interest
Group
may
play
a
role
as
"industry
analyst,"
understanding
and
communicating
business
and
technology
drivers
that
help
to
make
the
case
for
functionality
enabled
by
the
Working
Group.
As
technology
and
industry
requirements
change,
the
Interest
Group
should
update
their
analyses
and
keep
the
Working
Group
informed.
</li>
</ul>
<h3 id="other-w3c-groups">
Other
W3C
Groups
</h3>
<dl>
<dt>
<a href= "https://www.w3.org/International/core/">
Internationalization
Core
Working
Group
</a>
</dt>
<dd>
Internationalization
and
localization
review.
</dd>
<dt>
<a href="https://www.w3.org/Privacy/">
Privacy
Interest
Group
</a>
</dt>
<dd>
For
privacy
reviews.
</dd>
<dt>
<a href="https://www.w3.org/WAI/APA/">
Accessible
Platform
Architectures
(APA)
all
specifications,
this
Working
Group
will
seek
horizontal
review
deleted text:
</dt>
<dd>
To
help
ensure
the
protocols
provide
support
for
accessibility
to
people
accessibility,
internationalization,
performance,
privacy,
and
security
with
disabilities.
</dd>
<dt>
<a href="https://tag.w3.org/">
Technical
Architecture
Group
(TAG)
</a>
</dt>
<dd>
For
Web
architecture
reviews.
</dd>
<dt>
<a href="https://www.w3.org/2017/vc/WG/">
Verifiable
Claims
the
relevant
Working
Group
and
Interest
Groups,
and
with
the
TAG
.
Invitation
for
review
must
be
issued
during
each
major
standards-track
document
transition,
including
FPWD
</dt>
<dd>
For
discussion
of
identity
requirements.
</dd>
and
at
least
3
months
before
CR
,
and
should
be
issued
when
major
changes
occur
in
a
specification.
W3C
Groups
-
Web
Application
Security
-
For
review
of
security
APIs
and
features.
-
Web
Authentication
Working
Group
-
For
discussion
of
strong
authentication.
-
<a href="https://www.w3.org/2008/webapps/">
Web
Platform
Working
Group
</a>
</dt>
<dd>
For
review
of
JavaScript
APIs
and
manifest
usage.
</dd>
<dt>
<a href="https://www.w3.org/Security/wiki/IG">
Web
Payment
Security
Interest
Group
-
For
discussions
about
Web
payment
security
reviews.
If
the
Working
Group
perceives
the
need
for
IETF
review,
W3C
will
arrange
discussion
through
its
IETF
liaison.
and
use
cases.
Groups
Outside
W3C
-
EMVCo
-
EMVCo
administers
many
specifications
known
collectively
as
EMV®,
including
specifications
about
network
tokenization,
3-D
Secure,
and
Secure
Remote
Commerce.
-
deleted text:
<a href="http://httpwg.org/">
The
IETF
HTTP
Working
Group
</a>
</dt>
<dd>
The
Working
Group
expects
to
coordinate
with
the
IETF
HTTP
Working
Group
regarding
HTTP-based
payment
initiation.
</dd>
<dt>
ISO
TC
68
-
Coordination
with
ISO
TC
68
will
help
achieve
broad
interoperability
of
payment
systems
(e.g.,
through
alignment
between
Web
protocols
and
ISO
20022).
-
<a href="https://www.pcisecuritystandards.org/">
PCI
Security
Standards
Council
Open
Banking
UK
,
STET
,
and
Berlin
Group
-
The
PCI
Security
Standards
Council
is
a
global
forum
for
the
ongoing
development,
enhancement,
storage,
dissemination
and
implementation
of
security
standards
for
account
data
protection.
Coordination
will
help
ensure
the
API
can
be
used
securely
For
discussion
about
open
banking
APIs
and
meet
merchant
goals.
Web
payments.
Participation
To
be
successful,
the
Web
Payments
Working
Group
is
expected
to
have
a
minimum
of
10
active
participants
for
its
duration.
Effective
participation
in
Web
Payments
Working
Group
may
consume
.1
FTE
for
each
participant;
for
editors
this
commitment
may
be
higher.
Participants
in
the
group
are
required
(by
the
W3C
Process
)
to
follow
the
W3C
Code
of
Ethics
and
Professional
Conduct
.
Communication
This
group
primarily
conducts
its
work
on
GitHub
and
the
public
mailing
list
public-payments-wg@w3.org
(
archive
).
Administrative
tasks
may
be
conducted
in
Member-only
communications.
Information
about
the
group
(deliverables,
participants,
face-to-face
meetings,
teleconferences,
etc.)
is
available
from
the
Web
Payments
Working
Group
home
page.
Decision
Policy
As
explained
in
the
Process
Document
(
section
3.3
),
this
group
will
seek
to
make
decisions
when
there
is
consensus.
When
a
Chair
puts
a
question
and
observes
dissent,
after
due
consideration
of
different
opinions,
the
Chair
should
put
a
question
out
for
voting
within
the
group
(allowing
for
remote
asynchronous
participation
--
using,
—using,
for
example,
email
and/or
web-based
survey
techniques)
and
record
a
decision,
along
with
any
objections.
The
matter
should
then
be
considered
resolved
unless
and
until
new
information
becomes
available.
Any
resolution
first
taken
in
a
face-to-face
meeting
or
teleconference
(i.e.,
that
does
not
follow
a
7
day
call
for
consensus
on
the
mailing
list)
is
to
be
considered
provisional
until
5
working
days
after
the
publication
of
the
draft
resolution.
If
no
objections
are
raised
on
the
mailing
list
within
that
time,
the
resolution
will
be
considered
to
have
consensus
as
a
resolution
of
the
Working
Group.
Patent
Policy
This
Working
Group
operates
under
the
W3C
Patent
Policy
</a>.
(Version
of
5
February
2004
updated
1
August
2017).
To
promote
the
widest
adoption
of
Web
standards,
W3C
seeks
to
issue
Recommendations
that
can
be
implemented,
according
to
this
policy,
on
a
Royalty-Free
basis.
For
more
information
about
disclosure
obligations
for
this
group,
please
see
the
W3C
Patent
Policy
Implementation
.
About
this
Charter
This
charter
for
the
Web
Payments
Working
Group
has
been
created
according
to
<a href= "https://www.w3.org/Consortium/Process/groups#GAGeneral">
section
5.2
of
the
Process
Document
.
In
the
event
of
a
conflict
between
this
document
or
the
provisions
of
any
charter
and
the
W3C
Process,
the
W3C
Process
shall
take
precedence.
Charter
History
Charter
Period
|
Start
Date
|
End
Date
|
Changes
|
Initial
Charter
|
21
October
2015
|
31
December
2017
|
N/A
|
Charter
Extension
|
1
January
2018
|
1
March
2018
|
None
(Rechartering)
|
2018
Rechartering
|
9
March
2018
|
31
December
2019
|
Deliverables
under
consideration
since
the
previous
charter
are
listed
in
section
1.2.
|
2020
Rechartering
|
3
February
2020
|
31
December
2021
|
Deliverables
under
consideration
since
the
previous
charter
are
listed
in
section
1.2.
|
Reference
Drafts
as
of
this
Charter
The
following
information
related
to
the
W3C
Patent
Policy
is
provided
as
a
convenience.
-
Payment
Request
API
Latest
publication:
<a href= 'https://www.w3.org/TR/2017/CR-payment-request-20170921/'>
21
September
2017
16
April
2019
-
Reference
Draft:
<a href= 'https://www.w3.org/TR/2017/CR-payment-request-20170914/'>
https://www.w3.org/TR/2017/CR-payment-request-20170914/
https://www.w3.org/TR/2019/CR-payment-request-20190416/
associated
<a href= 'https://lists.w3.org/Archives/Member/member-cfe/2017Sep/0006.html'>
Call
for
Exclusion
on
14
September
2017
16
April
2019
ended
on
13
November
2017
15
June
2019
Produced
under
Working
Group
Charter:
/Payments/WG/charter-201510.html
https://www.w3.org/Payments/WG/charter-201803.html
-
Payment
Method
Identifiers
Latest
publication:
<a href= 'https://www.w3.org/TR/2017/CR-payment-method-id-20170914/'>
14
05
September
2017
2019
-
Reference
Draft:
https://www.w3.org/TR/2017/CR-payment-method-id-20170914/
associated
Call
for
Exclusion
on
14
September
2017
ended
on
13
November
2017
Produced
under
Working
Group
Charter:
/Payments/WG/charter-201510.html
http://www.w3.org/Payments/WG/charter-201510.html
<dt id="1330" class='spec'>
<a href='https://www.w3.org/TR/webpayments-http-messages/' rel= 'versionof'>
Web
Payments
HTTP
Messages
1.0
-
Payment
Handler
API
Latest
publication:
<a href= 'https://www.w3.org/TR/2016/WD-webpayments-http-messages-20160915/'>
15
24
September
2016
2019
-
Reference
Draft:
<a href= 'https://www.w3.org/TR/2016/WD-webpayments-http-messages-20160915/'>
https://www.w3.org/TR/2016/WD-webpayments-http-messages-20160915/
https://www.w3.org/TR/2017/WD-payment-handler-20170518/
associated
<a href= 'https://lists.w3.org/Archives/Member/member-cfe/2016Sep/0008.html'>
Call
for
Exclusion
on
16
September
2016
18
May
2017
ended
on
12
February
15
October
2017
Produced
under
Working
Group
Charter:
/Payments/WG/charter-201510.html
http://www.w3.org/Payments/WG/charter-201510.html
<dt id="1363" class='spec'>
<a href='https://www.w3.org/TR/payment-handler/' rel= 'versionof'>
-
Payment
Handler
API
Method
Manifest
Latest
publication:
<a href= 'https://www.w3.org/TR/2017/WD-payment-handler-20171129/'>
29
November
12
December
2017
-
Reference
Draft:
<a href= 'https://www.w3.org/TR/2017/WD-payment-handler-20170518/'>
https://www.w3.org/TR/2017/WD-payment-handler-20170518/
https://www.w3.org/TR/2017/WD-payment-method-manifest-20171212/
associated
<a href= 'https://lists.w3.org/Archives/Member/member-cfe/2017May/0007.html'>
Call
for
Exclusion
on
18
May
12
December
2017
ended
on
15
October
2017
11
May
2018
Produced
under
Working
Group
Charter:
/Payments/WG/charter-201510.html
http://www.w3.org/Payments/WG/charter-201510.html
Adrian
Hope-Bailie,
Ian
Jacobs,
Nick
Telford-Reed
Copyright
©
2018
2019
W3C
®
(
MIT
,
ERCIM
,
Keio
,
Beihang
),
All
Rights
Reserved.
EMV®
is
a
registered
trademark
in
the
U.S.
and
other
countries
and
an
unregistered
trademark
elsewhere.
The
EMV
trademark
is
owned
by
EMVCo,
LLC.
$Date:
2018/03/09
13:38:32
2019/11/08
14:33:29
$