w3c / payment-request

Payment Request API
https://www.w3.org/TR/payment-request/

Prevent double spending through retry #882

Closed crowgames closed 4 years ago

crowgames commented 4 years ago

Reading the specification, I wonder how a payment handler would be able to prevent double spending when a user issues a Payment Request retry().

As I understand it, a Payment Handler probably triggers a payment after receiving a PaymentRequestEvent. Through the retry, a second PaymentRequestEvent is triggered, which is identical to the first one. For an unaware Payment Handler this would lead to double spending.

In case of switching Payment Method/Handler through a retry, the first Payment Handler stays unaware of the retry mechanism and the second one is unaware of this being a retry, which would lead to double spending as well, wouldn't it?

Am I missing something in this interpretation of the specifications? Is there a way for the PaymentHandler to detect a retry or deal with this issue in general?

ianbjacobs commented 4 years ago

Hi @crowgames,

The paymentRequestId attribute should help. It is set to the (unique) id of the payment request [1]. So the payment handler should be able to know that this is the same transaction.

Let me know if this would work for your use case.

Ian

[1] https://www.w3.org/TR/payment-request/#id-attribute
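The idempotency check described in the answer above, as an added example that is not code from this issue, the spec, or any W3C project: a payment handler treats `event.paymentRequestId` as the key that identifies one transaction, so the second `PaymentRequestEvent` delivered after a merchant calls `retry()` replays the earlier result instead of charging again. The `chargeBackend` function, the in-memory `ledger`, and the `https://example.com/pay` method identifier are assumptions standing in for the handler's real charging call, durable storage, and method name.

```javascript
// Added example (not from the w3c/payment-request issue or the spec):
// a payment handler that uses event.paymentRequestId as an idempotency key,
// so an identical PaymentRequestEvent delivered after retry() does not
// charge the user twice. `chargeBackend` and `ledger` are assumptions.

const ledger = new Map(); // paymentRequestId -> { txn, total } (stand-in for durable storage)
let chargeCalls = 0;      // number of real charges performed; shows the dedup working

// Hypothetical synchronous stand-in for the handler's backend charge call.
function chargeBackend(total) {
  chargeCalls += 1;
  return { txn: "txn-" + chargeCalls, total: total.value + " " + total.currency };
}

// Perform the charge at most once per PaymentRequest id; later calls with
// the same id get the stored record back and are flagged as replays.
function chargeOnce(paymentRequestId, total) {
  if (ledger.has(paymentRequestId)) {
    return { ...ledger.get(paymentRequestId), replayed: true };
  }
  const record = chargeBackend(total);
  ledger.set(paymentRequestId, record);
  return { ...record, replayed: false };
}

// Build the PaymentHandlerResponse for a PaymentRequestEvent-shaped object.
// On a retry the handler may re-collect corrected fields from the user;
// the charge itself is the part that must never be repeated.
function handlePaymentRequest(event) {
  const result = chargeOnce(event.paymentRequestId, event.total);
  return {
    methodName: "https://example.com/pay", // assumed payment method identifier
    details: { transactionId: result.txn, retried: result.replayed },
  };
}

// Constructed sample: the original event and the identical event a retry() produces.
// State is reset first so the function can be called repeatedly.
function simulateRetry() {
  ledger.clear();
  chargeCalls = 0;
  const evt = { paymentRequestId: "order-1234", total: { currency: "USD", value: "10.00" } };
  const first = handlePaymentRequest(evt);
  const second = handlePaymentRequest({ ...evt }); // same id, fresh event object
  return { first, second, charges: chargeCalls };
}

// Real wiring inside a payment-handler service worker; a no-op elsewhere.
if (typeof self !== "undefined" && typeof self.addEventListener === "function") {
  self.addEventListener("paymentrequest", (event) => {
    event.respondWith(Promise.resolve(handlePaymentRequest(event)));
  });
}

console.log(JSON.stringify(simulateRetry()));
```

In a real handler the ledger has to outlive the service worker (for example in IndexedDB) and the lookup and insert should be one atomic step, otherwise two deliveries arriving close together could both miss the record and both charge.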

crowgames commented 4 years ago

Thanks for your reply @ianbjacobs! What if a user changes the payment handler though? If my first request is to Handler A and the second (through retry) is to Handler B, the request ID does not help, since both A and B only observe it once. Thanks in advance for the clarification!

marcoscaceres commented 4 years ago

A user cannot switch payment handlers during retry. One can only change the things being retried (e.g. new credit card expiry date).