Secure payment confirmation augments the payment authentication experience on the web with the help of WebAuthn. The feature adds a new PaymentCredential credential type to the Credential Management spec, which allows a relying party such as a bank to create a PublicKeyCredential that can be queried by any merchant origin as part of an online checkout via the Payment Request API using the proposed secure-payment-confirmation payment method.

Motivation

This feature enables a consistent, low friction, strong authentication experience using platform authenticators. Strong authentication with the user's bank is becoming a requirement for online payments in many regions, including the European Union. The proposed feature provides better user experience and stronger security than existing solutions.

Documentation

• https://bit.ly/secure-payment-confirmation

Specification

Public discussion

Status in Chromium

Blink components: Blink>Payments

Origin trial (tracking bug)

Consensus & Standardization

• Firefox: Positive
• Edge: No signal
• Safari: No signal
• Web Developers: Positive

Owners

• rouslan@chromium.org
• nburris@chromium.org
• smcgruer@chromium.org
• maxlg@chromium.org

Intent to Prototype url

Last updated on 2021-07-16