search

w3c / src

Other
7 stars 7 forks source link

Token and token reference use cases #17

Open ianbjacobs opened 5 years ago

ianbjacobs commented 5 years ago

In the tokenization spec [1] we distinguished the use case where the payee receives a "full" payload from the use case where the payee receives only a token reference id (and uses that reference on the back end to fetch the full data).

I assume we still wish to represent both use cases. How does this impact our response data model?

[1] https://w3c.github.io/webpayments-methods-tokenization/

ianbjacobs commented 5 years ago

Per discussion on 29 May [1] I have added "tokenReferenceOnly" as an input preference parameter and "tokenReference" in the response data.

[1] https://www.w3.org/2019/05/29-wpwg-minutes.html#item04

tblachowicz commented 5 years ago

In EMVCo SRC API specification [1] there is a notion of payload type indicator that is an optional parameter that can be provided by the client into Checkout API. There are four values for the PayloadTypeIndicator enumerated type:

It seems a good idea to follow the concept of payload type indicator in the definition of SRC payment method to be able to cover all the use cases as supported by SRC in the latest specification.

Please note, the specification also allows the use of payload type indicator to request a certain type of Payload object in Payload API, but I have not included details above to maintain clarity of my comment.

[1] https://www.emvco.com/terms-of-use/?u=/wp-content/uploads/documents/EMVCo-Secure-Remote-Commerce-Specifications-API-1.0.pdf