Open mjbrichards opened 4 years ago
eoln
commented
4 years ago There is also the possibility that Mike doesn't want to give any sensitive data like a Name, or his nickname to Merchant to protect himself from tracking how Mike's gin consumption fluctuates over time. Maybe one time aliases could preserve Anonymous mode to protect from stalkers... There are observations that our young population really likes anonymity when shopping.
mjbrichards
commented
4 years ago Young population? You say the sweetest things...
eoln
commented
4 years ago if estimations are correct (before pandemic) about possibility of reaching the life length to be around 120y, then we are still at the halfway...
mjbrichards
commented
4 years ago Nel mezzo del cammin di nostra vita, Mi ritrovai per una selva oscura Che la diritta via era smarrita...
That sort of thing, you mean?
lewisdaly
commented
4 years ago @MichaelJBRichards yeah this is a great question, and also brings up the possible requirement for PISPs to reserve namespaces in the ALS (e.g. /THIRDPARTY/GPAY/mike) or something like that.
I also wonder if instead of requiring the PISP to respond to POST /transactionRequests, there would be a way to get a POST /authorizations to the PISP. But that request would need to originate from the Payer DFSP, and not the Payee...
The PISP use cases we've been considering up to this point have all assumed that the PISP (via its customer) will initiate interactions with the DFSP who owns the linked account. Consider, however, the following case.
I go to my neighbourhood store and buy a quart of their finest gin and a box of Romeo y Julietas. When I'm asked to pay, I want to use my PISP app (let's say, Google Pay). As you can tell, I went to a pretty traditional store, so they don't have any of that newfangled QR code malarkey. So what do I say to them? Well, obviously I want them to send a request to pay to my Google Pay app. So I think I want to ask them to request payment from Mike@GooglePay (for instance.) Then I want my PISP to play nicely and send back a response (PUT /parties) to say, yes, I speak for that identifier and it's Michael Richards - always assuming I do have an authorised connection to an account somewhere, of course.
Now I (I PISP, that is, not I drinking gin and smoking a cigar) am going to expect to receive a transactionRequest from the merchant. I'm going to respond positively to that, and I'm going to send my own transactionRequest to my bank to say, please pay for the inordinate pleasure my man Mike is going to be dunked in like a donut with a grin. Does this seem like a reasonable thing to expect (the transaction, not the pleasure, of course?)
I understand that we don't need to think about this for MVP. But I want to ask: is this a use case we want to think about for the future? and, if so, what might we need to do to support it? At the very least, I would expect that to include:
It might also have some impact on the notification question...