Difference between revisions of "Secure Payment Confirmation"
From MgmtWiki
(Created page with "==Full Title== W3C standard ==Context== ==Problems== ==Solutions== * [https://www.w3.org/blog/wpwg/2021/10/06/spc-design-choices-for-flexibility-and-scale/ SPC Design Choi...") |
(→Problems) |
||
(5 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
==Context== | ==Context== | ||
+ | [https://www.w3.org/TR/2021/WD-secure-payment-confirmation-20210831/ Secure Payment Confirmation (SPC) is a Web API] to support streamlined authentication during a payment transaction. It is designed to scale authentication across merchants, to be used within a wide range of authentication protocols, and to produce cryptographic evidence that the user has confirmed transaction details. | ||
==Problems== | ==Problems== | ||
+ | * In 2022 versions of Chrome/Edge there is a Secure Payment Confirmation API which requires you to handover your card number in CLEAR to merchants. In addition to violating GDPR, it is based on a stupid idea: Merchants do not need card numbers, they need a payment confirmation which they only can get from the specific payment network. | ||
==Solutions== | ==Solutions== | ||
Line 12: | Line 14: | ||
==References== | ==References== | ||
+ | [[Category: Authentication]] | ||
[[Category: Standard]] | [[Category: Standard]] | ||
+ | [[Category: Payment]] |
Latest revision as of 12:14, 11 June 2022
Full Title
W3C standard
Context
Secure Payment Confirmation (SPC) is a Web API to support streamlined authentication during a payment transaction. It is designed to scale authentication across merchants, to be used within a wide range of authentication protocols, and to produce cryptographic evidence that the user has confirmed transaction details.
Problems
- In 2022 versions of Chrome/Edge there is a Secure Payment Confirmation API which requires you to handover your card number in CLEAR to merchants. In addition to violating GDPR, it is based on a stupid idea: Merchants do not need card numbers, they need a payment confirmation which they only can get from the specific payment network.
Solutions
- SPC Design Choices for Flexibility and Scale 2021-10-06 Ian Jacobs