|
228 | 228 | that results in a <a>dictionarya> or <a data-cite=
|
229 | 229 | "WEBIDL#idl-object">objecta> or null.
|
230 | 230 | p>
|
231 |
| - <p> |
232 |
| - A <a>payment handlera> that defines <a>steps for when a user |
233 |
| - changes payment methoda> MUST redact the <a>address linea>, |
234 |
| - <a>organizationa>, <a>phone numbera>, and <a>recipienta> from |
235 |
| - any <a>PaymentAddressa> included in the |
236 |
| - <a>PaymentMethodChangeEventa>'s <a data-link-for= |
237 |
| - "PaymentMethodChangeEvent">methodDetailsa> attribute. |
238 |
| - p> |
239 | 231 | dd>
|
240 | 232 | dl>
|
241 | 233 | <p>
|
|
2147 | 2139 | <dfn>requestBillingAddressdfn> member
|
2148 | 2140 | dt>
|
2149 | 2141 | <dd data-link-for="PaymentMethodChangeEvent">
|
2150 |
| - A boolean that instructs the <a>user agenta> to get the billing |
2151 |
| - address associated with a <a>payment methoda> (e.g., the billing |
2152 |
| - address associated with a credit card). Typically, the user agent |
2153 |
| - will return the billing address as part of the |
2154 |
| - <a>PaymentMethodChangeEventa>'s <a>methodDetailsa>, albeit |
2155 |
| - possibly with parts of the address redacted for privacy reasons. A |
| 2142 | + A boolean that indicates whether the <a>user agenta> SHOULD collect |
| 2143 | + and return the billing address associated with a <a>payment |
| 2144 | + methoda> (e.g., the billing address associated with a credit card). |
| 2145 | + Typically, the user agent will return the billing address as part of |
| 2146 | + the <a>PaymentMethodChangeEventa>'s <a>methodDetailsa>. A |
2156 | 2147 | merchant can use this information to, for example, calculate tax in
|
2157 |
| - certain jurisdictions. |
| 2148 | + certain jurisdictions and update the displayed total. See below for |
| 2149 | + privacy considerations regarding <a href="#user-info">exposing user |
| 2150 | + informationa>. |
2158 | 2151 | dd>
|
2159 | 2152 | <dt>
|
2160 | 2153 | <dfn>requestPayerNamedfn> member
|
|
5273 | 5266 | p>
|
5274 | 5267 | section>
|
5275 | 5268 | <section>
|
5276 |
| - <h2> |
| 5269 | + <h2 id="user-info"> |
5277 | 5270 | Exposing user information
|
5278 | 5271 | h2>
|
5279 | 5272 | <p>
|
5280 | 5273 | The <a>user agenta> MUST NOT share information about the user with
|
5281 | 5274 | a developer (e.g., the shipping address) without user consent.
|
5282 | 5275 | p>
|
5283 |
| - <p> |
5284 |
| - One way that the API supports limited information sharing is through |
5285 |
| - the "<var>redactListvar>" associated with the creation of |
5286 |
| - <a>physical addressesa> throughout the API. This feature enables |
5287 |
| - user agents to provide the payee with enough information to compute |
5288 |
| - shipping costs or tax information, while limiting the payee's ability |
5289 |
| - to identify the payer via the address. |
5290 |
| - p> |
5291 | 5276 | <p>
|
5292 | 5277 | The <a>user agenta> MUST NOT share the values of the <a data-lt=
|
5293 | 5278 | "PaymentDetailsBase.displayItems">displayItemsa> member or
|
|
5296 | 5281 | member with a third-party <a>payment handlera> without user
|
5297 | 5282 | consent.
|
5298 | 5283 | p>
|
| 5284 | + <p> |
| 5285 | + The <a>PaymentMethodChangeEventa> enables the payee to update the |
| 5286 | + displayed total based on information specific to a selected |
| 5287 | + <a>payment methoda>. For example, the billing address associated |
| 5288 | + with a selected <a>payment methoda> might affect the tax |
| 5289 | + computation (e.g., VAT), and it is desirable that the user interface |
| 5290 | + accurately display the total before the payer completes the |
| 5291 | + transaction. At the same time, it is desirable to share as little |
| 5292 | + information as possible prior to completion of the payment. |
| 5293 | + Therefore, when a <a>payment methoda> defines the <a>steps for when |
| 5294 | + a user changes payment methoda>, it is important to minimize the |
| 5295 | + data shared via the <a>PaymentMethodChangeEventa>'s |
| 5296 | + <a data-link-for="PaymentMethodChangeEvent">methodDetailsa> |
| 5297 | + attribute. Requirements and approaches for minimizing shared data are |
| 5298 | + likely to vary by <a>payment methoda> and might include: |
| 5299 | + p> |
| 5300 | + <ul> |
| 5301 | + <li>Use of a "<var>redactListvar>" for <a>physical addressesa>. |
| 5302 | + The current specification makes use of a "<var>redactListvar>" to |
| 5303 | + redact the <a>address linea>, <a>organizationa>, <a>phone |
| 5304 | + numbera>, and <a>recipienta> from a <a data-link-for= |
| 5305 | + "PaymentRequest">shippingAddressa>. |
| 5306 | + li> |
| 5307 | + <li>Support for instructions from the payee identifying specific |
| 5308 | + elements to exclude or include from the <a>payment methoda> |
| 5309 | + response data (returned through |
| 5310 | + <a>PaymentResponsea>.<var>detailsvar>). The payee might provide |
| 5311 | + these instructions via <a>PaymentMethodDataa>.<var>datavar>, |
| 5312 | + enabling a <a>payment methoda> definition to evolve without |
| 5313 | + requiring changes to the current API. |
| 5314 | + li> |
| 5315 | + ul> |
5299 | 5316 | <p>
|
5300 | 5317 | Where sharing of privacy-sensitive information might not be obvious
|
5301 | 5318 | to users (e.g., when <a data-lt=
|
|
0 commit comments