Copyright © 2017 W3C® (MIT, ERCIM, Keio, Beihang). W3C liability, trademark and permissive document license rules apply.
This specification describes data structures for card-based payments using WebIDL. It is used by other specifications to facilitate monetary transactions with "basic cards", such as credit and debit cards.
This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/.
The working group maintains a list of all bug reports that the group has not yet addressed. Pull requests with proposed specification text for outstanding issues are strongly encouraged.
If you wish to make comments regarding this document, please raise them as GitHub issues. Only send comments by email if you are unable to raise issues on GitHub (see links below). All comments are welcome.
This document was published by the Web Payments Working Group as a Working Draft.
Publication as a Working Draft does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.
This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. The group does not expect this document to become a W3C Recommendation. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.
This document is governed by the 1 March 2017 W3C Process Document.
This section is non-normative.
This specification is a Payment Method specification for use, for instance, with the PaymentRequest API. With it, merchants can collect the basic card details (card holder name, card number, etc.) as an alternative to collecting the same information through a HTML form.
The Web Payments Working Group is also investigating payment methods that offer greater security (e.g., through tokenization).
The standardized
payment method identifier for this specification is "
basic-card
".
BasicCardRequest
dictionary
dictionary BasicCardRequest
{
sequence<DOMString> supportedNetworks
;
sequence<BasicCardType
> supportedTypes
;
};
The BasicCardRequest
dictionary contains the following members:
supportedNetworks
supportedNetworks
member contains a sequence of identifiers for card networks that the merchant accepts. W3C maintains a list of approved card
network identifiers.
supportedTypes
supportedTypes
member contains a sequence of card types that the merchant accepts. Implementations will determine how to match
the type values credit
, debit
, and
prepaid
.
The supportedNetworks
and supportedTypes
members are both optional. If neither is provided then any card may be returned. If only
supportedNetworks
is provided then any card type may be returned provided it matches one of the networks. If only supportedTypes
is provided then a card may be returned from any network provided it matches one of the types.
BasicCardType
enum
enum BasicCardType
{
"credit",
"debit",
"prepaid"
};
credit
debit
prepaid
BasicCardResponse
dictionary
dictionary BasicCardResponse
{
required DOMString cardNumber
;
DOMString cardholderName
;
DOMString cardSecurityCode
;
DOMString expiryMonth
;
DOMString expiryYear
;
PaymentAddress
? billingAddress
;
};
The BasicCardResponse
dictionary contains the following members:
cardholderName
cardholderName
member contains the cardholder's name as it appears on the card.
cardNumber
cardNumber
member contains the primary account number (PAN) for the payment card.
expiryMonth
expiryMonth
member contains a two-digit string for the expiry month of the card in the range 01
to
12
.
expiryYear
expiryYear
member contains a four-digit string for the expiry year of the card in the range 0000
to
9999
.
cardSecurityCode
cardSecurityCode
member contains a three or four digit string for the security code of the card (sometimes known as the CVV,
CVC, CVN, CVE or CID).
billingAddress
billingAddress
member optionally contains a
PaymentAddress
that represents the billing address associated with the card.
Owners of web sites SHOULD NOT store the payer's card information except where warranted, such as storage for future and recurring payments. When card information is stored, web site owners SHOULD take measures to prevent its disclosure.
Note: Implementers may be subject to PCI DSS or other regulations, but discussion of those considerations lies outside the scope of this document.