eu-digital-identity-wallet / eudi-doc-architecture-and-reference-framework

The European Digital Identity Wallet
https://eu-digital-identity-wallet.github.io/eudi-doc-architecture-and-reference-framework/

EUIDW-4-Payments are Non-interoperable #314

Open cyberphone opened 1 month ago

cyberphone commented 1 month ago

After 8+ months of deep diving into this topic it is clear beyond doubt that the LSPs and other parties developing a payment authorization option for the EUIDW do not build on a common architecture and specification. The main reason for this is the lack of a dedicated project dealing with this application: openid/OpenID4VP/issues/188.

The technically most obvious reason for the [anticipated] lack of interoperability is the lack of an agreed interface to payment networks. One of the very few initiatives (actually the only...) that have published a specification builds on an API called "Signed Payment Request" which has no standing in any EUIDW-related documentation: https://github.com/digitallabor-berlin/eudiw-sca/blob/fbbaf948594998e57a21f772ed0b630798b32bff/openbanking-r2s.md In addition to that, this specification is extremely complex and does a lot of things that existing, time-proven payment authorization systems like EMV do not, like including the Payee account number in Payer authorization requests.

Due to this [somewhat alarming] situation, I'm currently tinkering with a version of EUIDW-4-Payments called "Saturn". It builds on an established payment concept (EMV), but adds things like e-receipts and gas-station payments which seem (?) to be out of scope for the LSPs: https://cyberphone.github.io/wallet-core/doc/. Since the connection to the bank represents a major hurdle (for everybody), the next step on this journey is creating a more scalable version of "Signed Payment Request".

cyberphone commented 1 month ago

The relying party model expressed by the current ARF https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/blob/main/docs/arf.md#42-reference-architecture builds on payment authorizations being made directly to the Bank. However, the DigitalLabor solution does not do that; their solution makes Merchants a relying party, which they are not. Therefore, we can safely assume that other EUIDW payment solutions build on the original ARF approach. EDIT: verified. @paolo-de-rosa