Secure payment confirmation augments the payment authentication experience on the web with the help of WebAuthn. The feature adds a new 'payment' extension to WebAuthn, which allows a relying party such as a bank to create a PublicKeyCredential that can be queried by any merchant origin as part of an online checkout via the Payment Request API using the 'secure-payment-confirmation' payment method.

Motivation

This feature enables a consistent, low friction, strong authentication experience using platform authenticators. Strong authentication with the user's bank is becoming a requirement for online payments in many regions, including the European Union. The proposed feature provides better user experience and stronger security than existing solutions.

Documentation

• https://github.com/w3c/secure-payment-confirmation/blob/main/developer-guide.md

Specification

Specification link

Status: Specification currently under development in a Working Group

Status in Chromium

Blink components: Blink>Payments

Implementation status: Origin trial (tracking bug)

Consensus & Standardization

• Firefox: No signal
• Edge: No signal
• Safari: No signal
• Web Developers: Positive

Owners

• rouslan@chromium.org
• nburris@chromium.org
• smcgruer@chromium.org
• maxlg@chromium.org

Intent to Prototype url

Last updated on 2021-10-25