#425: [Payments] shipping and contact info delegation


Opened Sep 25, 2019

Hello TAG!

I'm requesting a TAG review of:

Further details:

You should also know that...

We have a working prototype implemented in Chromium behind web platform experimental features flags. A lot of merchants and payment apps showed interest in our demo at TPAC-2019, in addition to discussions here: https://github.com/w3c/payment-handler/issues/337

We'd prefer the TAG provide feedback as (please select one):

  • open issues in our GitHub repo for each point of feedback
  • open a single issue in our GitHub repo for the entire review
  • leave review feedback as a comment in this issue and @-notify @sahel-sh

Please preview the issue and check that the links work before submitting. In particular, if anything links to a URL which requires authentication (e.g. Google document), please make sure anyone with the link can access the document.

¹ For background, see our explanation of how to write a good explainer.

Discussions

2019-11-26

Minutes

Ken: we have regular payment requests -- there is an extension, payment handler. You create a payment handler app. This allows these payment handlers to handle shipping address, etc., using the same approach as payment request. I'm OK with the idea. Seems to mimic what they have in payment request.

Dan: What security context does the payment handler app run in?

Dan: re data minimization -

Ken: you only get access to this when you pay for something. you have to trust it when you install it.

Dan: if you install this payment handler app - say PayPal - and then you visit multiple vendors or websites that support this payment handler - can the payment handler provider track your activity across those properties?

Ken: I think it's only instantiated when you pay for something. The payment handler gives you a list of stored addresses. It gives it not to the web app but to the browser UI so the payment UI can see the addresses. Then you choose one and it gets sent to the web site.

Hadley: so you only get info (for the web site) during a payment?

Ken: yes.

David: the permission to see the addresses doesn't worry me too much as long as the browser UI is designed well. I think I agree with what Kenneth said here. The handler probably has your address already... the consent is the point.

Ken: your payment app should know your addresses and not the web app... that's the idea.

Hadley: it would be good to make sure our assumptions are spot on.

Dan: I could write something in the issue summarizing this discussion and just asking for confirmation.

Ken: API looks good to me. The only thing I don't understand is "enabledelegates".

Dan: what is the multi-implementation story?

2020-01-06

Minutes

Ken: we got some feedback...

David: my initial concern is what the user consent mechanism is... it's not clear to me how the user knows what they are consenting to... how the process may reveal my address.

Ken: this is for payment apps - the payment app knows your address and whether it should share that with the web site.

David: I'm not sure I trust all the payment handlers to have as much of a focus on privacy as say web browser makers...

Ken: maybe you want to get a trusted UI of what has been shared...

David: the entire reason for this API is to reduce the complexity of the API flow... but do we trust the payment handler. Or does the browser need to add additional UI?

Dan: is that feedback registered with them?

[reviewing responses to comments]

[David to write some more in the issue and we will bump...]

2020-01-13

Minutes

Did not discuss; regrets from all assignees.

2020-01-20

Minutes

David: I think this is close to being able to close....

Dan: should we "propose close" this and close it in the plenary?

David: I need to go through the responses in more detail but probably.

2020-01-20

Minutes

Moving this topic to breakout

2020-01-27

Minutes

David to review and close if appropriate.