Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Intent to prototype: Payment Handler API

Skip to first unread message

Dan Glastonbury

Jul 12, 2020, 8:55:23 PM7/12/20

The Payment Handler API allows web applications to register themselves as
capable of "handling payments". That is, they can handle payment requests
coming from the Payment Request API. Traditionally, handling payment
requests has been limited to OS specific payment handlers, and only to
particular browsers (Apple Pay on Safari, Google Pay for Chrome, for
instance). This new API has the potential to disrupt the payments
ecosystems, while also providing some much needed security to prevent
credit card fraud in the payments space.



Platform coverage: Desktop initially, Android later.

Preference: dom.payments.handler.enabled (plus potentially others at

DevTools bug: none yet. We're still working out the details of what we
might actually want.

Other browsers:

* Chrome shipped since version 68


Secure contexts: Yes

Is this feature enabled by default in sandboxed iframes?

No. We are thinking that it's only available to top-level browsing
contexts, otherwise controlled by permission policy.

Link to standards-positions discussion: (worth

How stable is the spec: some parts are stable (e.g., some of the events) …
other parts, not so much (e.g., payment instruments database).

Security & Privacy Concerns: a bunch of ongoing work is happening in this
space together with our colleagues at Google, as well as with the financial
industry at large. We hope that to see all that work reflected back in the
spec as we do our prototyping and find issues.

Aug 5, 2020, 11:24:36 PM8/5/20
After some initial prototyping, we've decided to put the Payment Handler API on hold for now. We are instead focusing on continuing to improve credit card autofill in Firefox.

We plan to continue working with the W3C's Web payments working group to see if we can come up with something better to enable secure payments on the web.
0 new messages