FTF Mar2020 - w3c/webpayments GitHub Wiki

NOTE: Due to widespread travel restrictions, the Working Group at their 5 March teleconference resolved to transform this face-to-face agenda into a remote-first meeting. Details forthcoming.

Remote-first Agendas

Minutes

Reading / preparation materials

For all days

For Day 1

For Day 2

Logistics

30 March

Objective: Reach consensus on a series of proposals related to payment handler behavior based on a privacy analysis.

Topics:

If useful: Slides with all proposals and discussion points of proposals

31 March

Objective: Reach consensus on an architecture for doing SRC through Payment Request API.

Topic:

1 April

Objectives:

  • Informational updates around Web Authentication
  • Synthesis of joint task force discussion to engage full WG on key topics, notably on possible capability requirements.

Topics:

2 April

Objectives:

  • Hear merchant feedback on Payment Request API and what else may be needed.
  • Rekindle engagement around open banking APIs with PR API.

Topics:

HISTORICAL: Original Agendas (FTF)

This information is left here for archival purposes, but this meeting will not take place as originally scheduled.

30-31 March WPWG Face-to-face meeting

Preparation

Day 1 - 30th March

  • 8:30-9:00 Get settled, laptop set up, coffee fuelling etc
  • 9:00-9:15 Chair welcome, round the table introductions, administrivia
  • 9:15-9:30 Review of agenda, goals, breakout session ideas. Note two day code-a-thon to follow
  • 9:30-10:00 Payment request and payment handler deployment update
  • 10:00-10:30 Payment handler privacy analysis.
  • 10:30-11:00 Coffee break
  • 11:00-13:00 Payment handler feature proposals based on privacy and usability analyses. Goal is to understand whether there is consensus on proposed mitigation strategies, especially among payment handler distributors, browser implementers, and security and privacy experts.
  • 13:00-14:00 Lunch
  • 14:00-15:00 Card security payment task force
    • Update on SRC payment method
  • 15:00-15:30 Coffee break
  • 15:30-17:00 Breakout session 1
  • 17:00-17:20 Recap on breakouts
  • 17:20-17:30 Closing day 1

Day 2 - 31st March

  • 8:45-9:00: Agenda updates. Group photo.
  • 9:00-10:30: Authentication
    • Update from the WebAuthn WG (Tony Nadalin)
    • Update from the joint task force on payments use cases for Web Authentication (Likely Ian)
  • 10:30-11:00: Coffee
  • 11:00-12:00: Open banking insights (Chris Michael)
  • 12:30-13:00: Code-a-thon prep
  • 13:00-14:00: Lunch
  • 14:00-14:30 Getting implementation traction
    • How do we get more merchant implementations?
    • What are we missing?
  • 14:30-15:00: Action planning - moving our recommendation track documents along
  • 15:00-16:00 Wrapup
    • Next meeting (TPAC)
    • Stay tuned for Merchant BG
    • Review of priorities and actions

1-2 April WPWG code-a-thon

This meeting is intended for WPWG participants who code to work together (with meeting guests) on user experiences for different payment method and authentication flows. See the November 2019 call for use cases.

There is no cost for guests to attend this meeting.

Note: In parallel, the Web Payment Security IG will hold a 1-day meeting on 1 April.

Ideas for projects

  • Airbnb: integrate card on file into PR API UX
  • Airbnb: use PR API for account creation
  • Chrome: payment app selector user interface in the browser. In other words, the sheet is reduced to a selector.
  • Chrome: Preferred payment handler.
  • Chrome: Minimal UX payment handler
  • Chrome: Payment handler that installs another payment handler or hands execution to another payment handler.
  • Chrome: How to store authentication results for future reference from a payment handler (and/or embedded iframe). For example, some identity information stored in indexDB.
  • Ian: ShowCheckoutButtons. Addresses privacy issues; let's user select a payment handler first, before merchant calls PR API. Merchants could control color palette of the selector (or other customizations such as the name of the primary action button).
  • Chrome: Show UX when the merchant calls PR API (like microphone icon used to show that mic is active). Click on the icon to set the default payment handler for the site.
  • Chrome: New consent / awareness behaviors based on privacy analysis.
  • Chrome: Clarify for user status when payment handler window is open (e.g., things a web page cannot do such as blur the browser top nav bar).
  • STET: Open banking API flow (cf diagrams)
  • Payment handler updates instrument information in the background.
  • Payment handler unregisters itself once payment instrument is no longer available.
  • Mobile money use cases

Participation

Agenda notes

  • Consent to pay fulfilled through Web Authentication gesture
  • Review value proposition of PR API and PH API
  • Minimal UI demo (AHB)
  • Demos by guests
  • Status of modal dialog proposal / any update on UX research?
  • Open Banking API updates
  • Merchant perspectives on implementing SCA
  • Merchant in Irish market
  • Merchant BG update
  • Machine learning in the browser and payments (e.g., edge computing, high performance risk analysis on the client)