The Web Payments Working Group is meeting on 10-11 November as part of TPAC 2025. See also the WPSIG agenda during TPAC.

Minutes

• 10 November
• 11 November

Policies

• W3C Code of Conduct
• Antitrust and competition policy

Agenda

Monday, 10 November 2025

• 09:00-09:30: Welcome, intros, admin, state of the group, goals, dinner
• 09:30-10:30: SPC experimentation findings
  • Visa, Mastercard, Stripe
• 10:30-11:00: Break
  • Show of hands for dinner
• 11:00-12:30:
  • SPC implementation updates and authenticator discussion
    • Double step-up situation? (see issue 287 and issue 315)
    • Desktop
    • Other operating systems
• 12:30-13:45: Lunch
• 13:45-15:00: SPC use cases and issues
  • Topic came up of dropping passkeys from SPC. Discussion.
  • Support for multiple RPs in the Payment Request API for SPC
  • Can SPC be designed to grow to accommodate more use cases more easily? Examples:
    • Agentic
    • Proposal: Extending Payment Confirmation experience to include line items
    • Recurring (see issue 185)
    • This might also help as people think about SPC in light of emerging wallets and digital payment credentials (see wallet comparison)?
    • SPC without passkeys (BBKs alone) for single-factor authentication / registrationless authentication / SMS replacement
    • SPC with cards as authenticators
  • In general, how to encourage more experimentation of new ideas?
• 15:00-15:30: Break
• 15:30-16:00: SPC use cases and issues (continued)
  • Should SPC be limited to passkeys with the payment bit set?
  • Other issue review
• 16:00-16:45: Priorities, activities, longer term plans
• 19:00: Dinner at "Shukei En" restaurant on 29th floor of the Portopia Hotel

Followed by breakout sessions.

The Chairs anticipate a group dinner on Monday.

Tuesday, 11 November 2025

There will be breakout sessions before the group meeting starts

• 09:45-11:00: Digital wallets
  • Facilitated payment links (see comparison of wallet technologies)
    • TAG review issue 1015. (Are TAG members available for this discussion?)
    • Relation to payment handlers and DC API wallets
    • Ask for show of hands whether to take this up (see call for consensus thread with limited support)
  • Payment request / payment handler
    • Improved error codes in Payment Request
    • Any implementation updates?
    • Any adoption update?
    • Any real-world demand for SPC in a payment handler?
    • Are any changes needed to support agentic payment scenarios?
    • Relation to DC API wallets?
  • Other topics
    • See also Thursday trust signals discussion.
• 11:00-11:30: Break
• 11:30-13:00: Payments in Japan
  • Japan governmental agencies on phishing-resistant MFA (Morimori for 15-20 minutes)
  • Survey of state of Japan payment industry, the status of interbank networks, and CBDCs (Takashi Minamii/JCB for 30 minutes)
  • Rakuten perspectives on ecommerce in Japan (Julien Cayzac / Rogerio Matsui) (30 minutes)
• 13:00-14:15: Lunch
• 14:15-15:20: Authentication and Payments
  • DBSC update (Daniel Rubery)
    • Authentication and payments (see also DBSC and WebBotAuth and HTTP SIG)
  • SPC and immediate mediation (Tim Cappalli, 20 mins with discussion)
  • SPC issues to address in MVP
• 15:20-16:00 Joint meeting with Web Authentication WG
  • FIDO requirements for payments (Jean-Luc di Manno, 15 mins)
• 16:00-16:30: Break
• 16:30-18:00: Joint meeting with Web Authentication WG
  • SPC MVP discussion
  • Passkeys and Agentic Commerce (Fahad Saleem, 15 mins with discussion)
  • Ian's slides with agenda

Registration

• Registration
• Who has registered

Notes from discussion

• Key questions:
  • Resolve SPC relationship with passkeys
  • Prioritize MVP features beyond BBK.
• Relationship between SPC project (immediate benefit) and digital payment credentials (more comprehensive architecture, longer term target)
• Can SPC leverage existing credentials that might be on a device (e.g., in a wallet)?
• Make UX guidance more prominent (via pull request)
  • Do we need more support for dark mode?