Intent to Prototype: Secure Payment Confirmation - Opt-Out Support

61 views
Skip to first unread message

Stephen Mcgruer

unread,
May 17, 2022, 9:50:27 AM5/17/22
to blink-dev

Contact emails

smcg...@chromium.org

Explainer

None

Specification

https://w3c.github.io/secure-payment-confirmation

Design docs

https://github.com/w3c/secure-payment-confirmation/issues/172

Summary

Adds an 'opt-out' flow to Secure Payment Confirmation. When the (optional) input flag is set, the SPC UXes will render an 'opt-out' link of some sort that the user can interact with to indicate to the RP that they wish to be opted out.


Note: This work is very experimental, and this I2P should not be taken as a sign of anything other than we are experimenting with this proposal.

Blink component

Blink>Payments

Motivation

In certain regions and situations, developers interacting with Secure Payment Confirmation may need to offer an opt-out experience - in which the user can indicate that they want their information removed from the developers server. Traditionally access to the opt-out experience is embedded directly into the Relying Party's website. However in the case of SPC the Relying Party may not be part of the web content flow, as the authentication may be initiated from a third-party website (e.g., a merchant site). In order to support these needs for an opt-out flow, we are experimenting with direct support for opt-out in the SPC browser UX. (Note that Chrome-stored information is NOT in scope here).


Initial public proposal

https://github.com/w3c/secure-payment-confirmation/issues/172

TAG review


TAG review status

Not applicable

Risks


Interoperability and Compatibility

Gecko: No signal

WebKit: No signal

Web developers: No signals

Other signals:

WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

No


Debuggability

Normal devtools javascript debugging capabilities should suffice.


Is this feature fully tested by web-platform-tests?

Not at this time.

Flag name

SecurePaymentConfirmationOptOut (expected, not yet landed)

Requires code in //chrome?

True

Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1325854

Estimated milestones

No milestones specified



Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5133415903920128

This intent message was generated by Chrome Platform Status.
Reply all
Reply to author
Forward
0 new messages