Secure payment confirmation augments the payment authentication experience on the web with the help of WebAuthn. The feature adds a new 'payment' extension to WebAuthn, which allows a relying party such as a bank to create a PublicKeyCredential that can be queried by any merchant origin as part of an online checkout via the Payment Request API using the 'secure-payment-confirmation' payment method.

Motivation

This feature enables a consistent, low friction, strong authentication experience using platform authenticators. Strong authentication with the user's bank is becoming a requirement for online payments in many regions, including the European Union. The proposed feature provides better user experience and stronger security than existing solutions.

Documentation

Specification

Specification link


Specification currently under development in a Working Group

Status in Chromium

Blink>Payments


Origin trial (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Owners

Intent to Prototype url

Intent to Prototype thread

Last updated on 2021-10-25