index.html

<!DOCTYPE html>
<html>
<head>
  <title>Payment Handler API</title>
  <meta charset='utf-8'>
  <script src='https://www.w3.org/Tools/respec/respec-w3c-common'
  class='remove'></script>
  <script src='utils.js' class='remove'></script>
  <script class='remove'>
        var respecConfig = {
            shortName:  "payment-apps",
            edDraftURI:   "https://w3c.github.io/webpayments-payment-apps-api/",
            specStatus: "ED",
            editors: [
                {   name:       "Adrian Hope-Bailie",
                    url:        "https://github.com/adrianhopebailie",
                    company:    "Ripple",
                    companyURL: "https://ripple.com"
                },
                {   name:       "Tommy Thorsen",
                    url:        "https://github.com/tommythorsen",
                    company:    "Opera",
                    companyURL: "https://opera.com"
                },
                {   name:       "Adam Roach",
                    url:        "https://github.com/adamroach",
                    company:    "Mozilla",
                    companyURL: "https://mozilla.org"
                },
                {   name:       "Jason Normore",
                    url:        "https://github.com/jnormore",
                    company:    "Shopify",
                    companyURL: "https://shopify.com"
                },
                {   name:       "Ian Jacobs",
                    url:        "http://www.w3.org/People/Jacobs/",
                    company:    "W3C",
                    companyURL: "https://www.w3.org/"
                },
            ],

            useExperimentalStyles: true,
            license:      "w3c-software-doc",

            wg:           "Web Payments Working Group",
            wgURI:        "https://www.w3.org/Payments/WG/",
            wgPublicList: "public-payments-wg",
            wgPatentURI:  "https://www.w3.org/2004/01/pp-impl/83744/status",

            issueBase:    "https://github.com/w3c/webpayments-payment-apps-api/issues/",

            localBiblio:  {
                "PAYMENT-REQUEST-API": {
                    title:    "Payment Request API",
                    href:     "http://www.w3.org/TR/payment-request/",
                    authors:  [
                        "Adrian Bateman",
                        "Zach Koch",
                        "Roy McElmurray"
                    ],
                    status:   "WD"
                },
                "METHOD-IDENTIFIERS": {
                    title:    "Payment Method Identifiers",
                    href:     "https://www.w3.org/TR/payment-method-id/",
                    authors:  [
                        "Adrian Bateman",
                        "Zach Koch",
                        "Roy McElmurry"
                    ],
                    status:   "WD"
                }
            }
        };
  </script>
  <style>
        dt { margin-top: 0.75em; }
        table { margin-top: 0.75em; border-collapse:collapse; border-style:hidden hidden none hidden }
        table thead { border-bottom:solid }
        table tbody th:first-child { border-left:solid }
        table td, table th { border-left:solid; border-right:solid; border-bottom:solid thin; vertical-align:top; padding:0.2em }
        li { margin-top: 0.5em; margin-bottom: 0.5em;}
  </style>
</head>
<body>
  <section id='abstract'>
    <p>Payment Request API [[!PAYMENT-REQUEST-API]] provides a
    standard way to initiate payment requests from Web pages and
    applications. User agents implementing that API prompt the user
    to select a way to handle the payment request, after which the
    user agent returns a payment response to the originating site.
    This specification defines capabilities that enable Web
    applications to handle payment requests.</p>
    <p class="note">We have changed the title of this specification
    but left the identifier as-is. We are likely to want to assign
    it a new URL prior to FPWD.</p>
  </section>
  <section id='sotd'>
    <p>The Web Payments Working Group maintains <a href=
    "https://github.com/w3c/webpayments-payment-apps-api/issues">a
    list of all bug reports that the group has not yet
    addressed</a>. This draft highlights some of the pending issues
    that are still to be discussed in the working group. No
    decision has been taken on the outcome of these issues
    including whether they are valid. Pull requests with proposed
    specification text for outstanding issues are strongly
    encouraged.</p>
  </section>
  <section class='informative'>
    <h2>Introduction</h2>
    <p>The Web Payments Working Group seeks to streamline payments
    on the Web to help reduce "shopping cart abandonment" and make
    it easier to deploy new payment methods on the Web. It has
    published the Payment Request API [[!PAYMENT-REQUEST-API]] as a
    standard way to initiate payment requests from E-Commerce Web
    sites and applications.</p>
    <p>A <dfn id="payment-app">payment app</dfn> is a Web
    application that manages payment requests on behalf of the user
    by supporting one or more payment methods. To enable a Web
    application to handle payment requests, this specification
    defines:</p>
    <ul>
      <li>How origins (i.e., Web sites) request permission to
      handle payment requests on the user's behalf.</li>
      <li>How origins register their support for different payment
      methods with the user agent.</li>
      <li>How origins provide information to faciliate the display
      of payment instruments for selection by the user.</li>
      <li>How user agents invoke and exchange data with payment
      handlers from an origin.</li>
    </ul>
    <p>This specification does not address how software built with
    operating-system specific mechanisms (e.g., "native mobile
    apps") handle payment requests.</p>
  </section>
  <section id='conformance'>
    <p>This specification defines one class of products:</p>
    <dl>
      <dt><dfn>Conforming user agent</dfn></dt>
      <dd>
        <p>A <a>user agent</a> MUST behave as described in this
        specification in order to be considered conformant. In this
        specification, <a>user agent</a> means a <em>Web browser or
        other interactive user agent</em> as defined in
        [[!HTML5]].</p>
        <p>User agents MAY implement algorithms given in this
        specification in any way desired, so long as the end result
        is indistinguishable from the result that would be obtained
        by the specification's algorithms.</p>
        <p>A conforming Payment Handler API user agent MUST also be
        a <em>conforming implementation</em> of the IDL fragments
        of this specification, as described in the “Web IDL”
        specification. [[!WEBIDL]]</p>
        <aside class="note">
          This specification uses both the terms "conforming user
          agent(s)" and "user agent(s)" to refer to this product
          class.
        </aside>
      </dd>
    </dl>
  </section>
  <section id="dependencies">
    <h3>Dependencies</h3>
    <p>This specification relies on several other underlying
    specifications.</p>
    <dl>
      <dt>Payment Request API</dt>
      <dd>The terms <dfn>PaymentRequest</dfn>,
      <dfn>PaymentResponse</dfn>, and <dfn>user accepts the payment
      request algorithm</dfn> are defined by the Payment Request
      API specification [[!PAYMENT-REQUEST-API]].</dd>
      <dt>HTML5</dt>
      <dd>The terms <dfn>global object</dfn>,<dfn>origin</dfn>,
      <dfn>queue a task</dfn>, <dfn>browsing context</dfn>,
      <dfn>top-level browsing context</dfn>, <dfn>structured
      clone</dfn>, <dfn>event handler</dfn>, <dfn>event handler
      event type</dfn>, <dfn>trusted event</dfn>, and <dfn>current
      settings object</dfn> are defined by [[!HTML5]].</dd>
      <dt>ECMA-262 6th Edition, The ECMAScript 2015 Language
      Specification</dt>
      <dd>The term <dfn>Promise</dfn> is defined by
      [[!ECMA-262-2015]].</dd>
      <dt>DOM4</dt>
      <dd>
        <p><dfn>DOMException</dfn> and the following DOMException
        types from [[!DOM4]] are used:</p>
        <table>
          <tr>
            <th>Type</th>
            <th>Message (optional)</th>
          </tr>
          <tr>
            <td><code><dfn>AbortError</dfn></code></td>
            <td>The operation was aborted</td>
          </tr>
          <tr>
            <td><code><dfn>InvalidStateError</dfn></code></td>
            <td>The object is in an invalid state</td>
          </tr>
          <tr>
            <td><code><dfn>NotFoundError</dfn></code></td>
            <td>The object can not be found here.</td>
          </tr>
          <tr>
            <td><code><dfn>SecurityError</dfn></code></td>
            <td>The operation is only supported in a secure
            context</td>
          </tr>
          <tr>
            <td><code><dfn>OperationError</dfn></code></td>
            <td>The operation failed for an operation-specific
            reason.</td>
          </tr>
        </table>
      </dd>
      <dt>WebIDL</dt>
      <dd>
        <p>The following DOMException types from [[!WEBIDL]] are
        used:</p>
        <table>
          <tr>
            <th>Type</th>
            <th>Message (optional)</th>
          </tr>
          <tr>
            <td><code><dfn>NotAllowedError</dfn></code></td>
            <td>The request is not allowed by the user agent or the
            platform in the current context.</td>
          </tr>
        </table>
      </dd>
      <dt>Secure Contexts</dt>
      <dd>The terms <dfn>secure context</dfn> is defined by the
      Secure Contexts specification [[!POWERFUL-FEATURES]].</dd>
      <dt>URL</dt>
      <dd>The <dfn>URL</dfn> concept and <dfn>URL parser</dfn> are
      defined in [[!WHATWG-URL]].</dd>
      <dt>Fetch</dt>
      <dd>The terms <dfn>Fetch</dfn>, <dfn>Request</dfn>,
      <dfn data-lt="body">Request Body</dfn>, <dfn data-lt=
      "method">Request Method</dfn>, <dfn>Header List</dfn>,
      <dfn>Response</dfn>, <dfn>Context</dfn> and <dfn>Network
      Error</dfn> are defined in [[!FETCH]].</dd>
      <dt>Service Workers</dt>
      <dd>The terms <dfn data-lt=
      "service worker|service workers">service worker</dfn>
      <dfn>service worker registration</dfn>, <dfn>active
      worker</dfn>, <dfn>installing worker</dfn>, <dfn>waiting
      worker</dfn>, <dfn>handle functional event</dfn>, <dfn>extend
      lifetime promises</dfn>, and <dfn data-lt=
      "scope url|scope urls">scope URL</dfn> are defined in
      [[SERVICE-WORKERS]].</dd>
    </dl>
  </section>
  <section id="model">
    <h2>Overview of Handling Payment Requests</h2>
    <p>In this document we envision the following flow:</p>
    <ol>
      <li>An origin requests permission from the user to handle
      payment requests for a set of supported payment methods. For
      example, a user visiting a retail or bank site may be
      prompted to register a payment handler from that origin. The
      user agent is not required to prompt the user to grant
      permission to the origin for each new supported payment
      method. A origin's capabilities may thus evolve without
      requiring additional user consent.</li>
      <li>To handle payments, an origin has at least one and
      possibly many service worker registrations. A service worker
      registration has zero or one payment handler.</li>
      <li>Registration associates with each payment handler:
        <ul>
          <li>A list of supported payment methods.</li>
          <li>[Optionally] the conditions under which the handler
          supports a given payment method; these "capabilities"
          play a role in matching computations.</li>
          <li>Information for organizing the display and grouping
          of Instruments supported by the payment handler.</li>
        </ul>
      </li>
      <li>When the merchant calls Payment Request API (e.g., when
      the user pushes a button on a checkout page), the user agent
      computes a list of matching payment handlers, comparing the
      payment methods accepted by the user with those supported by
      registered payment handlers. For payment methods that support
      additional filtering, merchant and payment handler
      capabilities are compared as part of determining whether
      there is a match.</li>
      <li>The user agent displays matching payment handlers,
      displaying and grouping Instruments according to information
      (labels and icons) provided at registration or otherwise
      available from the Web app.</li>
      <li>When the user selects an Instrument, the user agent fires the
      paymentrequest event in the service worker whose registration
      included the payment handler that provided that Instrument. The
      paymentrequest event includes some information from the
      PaymentRequest (defined in [[!PAYMENT-REQUEST-API]]) as well
      as additional information (e.g., origin and selected
      Instrument).</li>
      <li>Once activated, the payment handler performs whatever
      steps are necessary to authenticate the user, process the
      payment, and return payment information to the <a>payee</a>.
      If interaction with the user is necessary, the <a>payment
      handler</a> can open a window for that purpose.
      </li>
      <li>The user agent receives a response asynchronously once
      the user has authorized payment. The response becomes the
      PaymentResponse (of [[!PAYMENT-REQUEST-API]]).</li>
    </ol>
    <p>This specification does not address activities outside this
    flow, including:</p>
    <ul>
      <li>how the user establishes an account with an origin that
      provides payment services.</li>
      <li>how an origin authenticates a user.</li>
      <li>how communication takes place between the payee server
      and the payee Web application, or between a payment app
      origin and other parties.</li>
    </ul>
    <p>Thus, an origin will rely on many other Web technologies
    defined elsewhere for lifecycle management, security, user
    authentication, user interaction, and so on.</p>
  </section>
  <section id="registration">
    <h2>Payment Handler Registration</h2>
    <section>
      <h3>Extensions to the <a>ServiceWorkerRegistration</a>
      interface</h3>
      <p>The Service Worker specification defines a
      <code>ServiceWorkerRegistration</code> interface
      [[!SERVICE-WORKERS]], which this specification extends.</p>
      <pre id="service-worker-registration-idl" class="idl">
        partial interface ServiceWorkerRegistration {
          readonly attribute PaymentManager paymentManager;
        };
      </pre>
    </section>
    <section id="payment-manager">
      <h2><a>PaymentManager</a> interface</h2>
      <pre id="payment-manager-idl" class="idl">
      interface PaymentManager {
        attribute PaymentInstruments instruments;
        attribute PaymentWallets wallets;
      };
      </pre>
      <dl>
        <dt><code>instruments</code> attribute</dt>
        <dd>
          This attribute allows manipulation of payment instruments
          associated with a payment handler. To be presented to the
          user as part of the payment request flow, payment
          handlers must have at least one registered payment
          Instrument, and that Instrument needs to match the payment
          methods and required capabilities specified by the
          payment request.
        </dd>
        <dt><code>wallets</code> attribute</dt>
        <dd>This attribute allows payment handlers to group payment
        instruments together and provide a name and icon for such a
        group (e.g., to group together "business account" payment
        instruments separately from "personal account" payment
        instruments). The use of this grouping mechanism by payment
        handlers is completely optional. If payment handlers use
        this grouping mechanism, then matching payment instruments that
        do not appear in any groups should still be presented to
        users by the browser for selection.</dd>
      </dl>
    </section>
    <section id="payment-instruments">
      <h2><a>PaymentInstruments</a> interface</h2>
      <pre id="payment-instruments-idl" class="idl">
      interface PaymentInstruments {
          Promise&lt;boolean&gt;              delete(DOMString instrumentKey);
          Promise&lt;PaymentInstrument&gt; get(DOMString instrumentKey);
          Promise&lt;sequence&lt;DOMString&gt;&gt;  keys();
          Promise&lt;boolean&gt;              has(DOMString instrumentKey);
          Promise&lt;void&gt;                 set(DOMString instrumentKey,
                                              PaymentInstrument details);
      };
      </pre>
      <p>The <a>PaymentInstruments</a> interface represents a collection of
      payment instruments, each uniquely identified by an <a>instrumentKey</a>.
      The <a>instrumentKey</a> identifier will be passed to the
      payment handler to indicate the <a>PaymentInstrument</a>
      selected by the user.</p>
      <dl>

        <dt><code>delete</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li> If the collection contains a <a>PaymentInstrument</a>
              with a matching <code>instrumentKey</code>, remove it from
              the collection and resolve <var>p</var> with <b>true</b>.</li>
              <li> Otherwise, resolve <var>p</var> with <b>false</b>.</li>
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>

        <dt><code>get</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li> If the collection contains a <a>PaymentInstrument</a>
              with a matching <code>instrumentKey</code>, resolve <var>p</var>
              with that <a>PaymentInstrument</a>.
              <li> Otherwise, reject <var>p</var> with a
              <a>DOMException</a> whose value is
              "<a>NotFoundError</a>".
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>

        <dt><code>keys</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li>Resolve <var>p</var> with a sequence that contains all
              the <code>instrumentKey</code>s for the <a>PaymentInstrument</a>s
              contained in the collection.
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>

        <dt><code>has</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li> If the collection contains a <a>PaymentInstrument</a>
              with a matching <code>instrumentKey</code>, resolve <var>p</var>
              with <b>true</b>.</li>
              <li> Otherwise, resolve <var>p</var> with <b>false</b>.</li>
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>

        <dt><code>set</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li> If the collection contains a <a>PaymentInstrument</a>
              with a matching <code>instrumentKey</code>, replace it with
              the <a>PaymentInstrument</a> in <code>details</code>.
              <li> Otherwise, <a>PaymentInstrument</a>
              insert the <a>PaymentInstrument</a> in <code>details</code>
              as a new member of the collection and associate it with the
              key <code>instrumentKey</code>.
              <li> Resolve <var>p</var>.</li>
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>
      </dl>

      <pre class="example highlight" title="Removing all instruments">
        return paymentManager.instruments.keys().then((keys) =&gt; {
          Promise.all(keys.map(paymentManager.instruments.delete(key)))
        });
      </pre>


    </section>
    <section id="payment-instrument">
      <h2><a>PaymentInstrument</a> dictionary</h2>
      <pre id="payment-instrumnt-idl" class="idl">
      dictionary PaymentInstrument {
        required DOMString name;
        sequence&lt;ImageObjects&gt; icons;
        sequence&lt;DOMString&gt; enabledMethods;
        object capabilities;
      };
      </pre>
      <dl>
        <dt><code>name</code> member</dt>
        <dd>The <code>name</code> member is a string that
        represents the label for this payment Instrument as it is
        usually displayed to the user.</dd>
        <dt><code>icons</code> member</dt>
        <dd>The <code>icons</code> member is an array of image
        objects that can serve as iconic representations of the
        payment Instrument when presented to the user for
        selection.</dd>
        <dt><code>enabledMethods</code> member</dt>
        <dd>
          The <dfn id=
          "payment-instrument-enabled-methods"><code>enabledMethods</code></dfn>
          member lists the <a>payment method identifiers</a> of the
          payment methods enabled by this Instrument.
        </dd>
        <dt><code>capabilities</code> member</dt>
        <dd>The <dfn id=
        "payment-instrument-capabilities"><code>capabilities</code></dfn>
        member contains a list of payment-method-specific
        capabilities that this payment handler is capable of
        supporting for this Instrument. For example, for the
        <code>basic-card</code> payment method, this object will
        consist of an object with two fields: one for
        <code>supportedNetworks</code>, and another for
        <code>supportedTypes</code>.</dd>
      </dl>
    </section>
    <section id="payment-wallets">
      <h2><a>PaymentWallets</a> interface</h2>
      <pre id="payment-wallets-idl" class="idl">
      interface PaymentWallets {
          Promise&lt;boolean&gt;              delete(DOMString walletKey);
          Promise&lt;WalletDetails&gt; get(DOMString walletKey);
          Promise&lt;sequence&lt;DOMString&gt;&gt;  keys();
          Promise&lt;boolean&gt;              has(DOMString walletKey);
          Promise&lt;void&gt;                 set(DOMString walletKey,
                                              WalletDetails details);
      };
      </pre>
      <p>Where it appears, The <code>walletKey</code> parameter is
      a unique identifier for the wallet.</p>
      <dl>

        <dt><code>delete</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li> If the collection contains a <a>WalletDetails</a>
              with a matching <code>walletKey</code>, remove it from
              the collection and resolve <var>p</var> with <b>true</b>.</li>
              <li> Otherwise, resolve <var>p</var> with <b>false</b>.</li>
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>

        <dt><code>get</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li> If the collection contains a <a>WalletDetails</a>
              with a matching <code>walletKey</code>, resolve <var>p</var>
              with that <a>WalletDetails</a>.
              <li> Otherwise, reject <var>p</var> with a
              <a>DOMException</a> whose value is
              "<a>NotFoundError</a>".
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>

        <dt><code>keys</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li>Resolve <var>p</var> with a sequence that contains all
              the <code>walletKey</code>s for the <a>WalletDetails</a>s
              contained in the collection.
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>

        <dt><code>has</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li> If the collection contains a <a>WalletDetails</a>
              with a matching <code>walletKey</code>, resolve <var>p</var>
              with <b>true</b>.</li>
              <li> Otherwise, resolve <var>p</var> with <b>false</b>.</li>
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>

        <dt><code>set</code> method</dt>
        <dd>
          When called, this method executes the following steps:
          <ol>
            <li> Let <var>p</var> be a new promise.</li>
            <li> Run the following steps in parallel:</li>
            <ol>
              <li> If the collection contains a <a>WalletDetails</a>
              with a matching <code>walletKey</code>, replace it with
              the <a>WalletDetails</a> in <code>details</code>.
              <li> Otherwise, <a>WalletDetails</a>
              insert the <a>WalletDetails</a> in <code>details</code>
              as a new member of the collection and associate it with the
              key <code>walletKey</code>.
              <li> Resolve <var>p</var>.</li>
            </ol>
            <li> Return <var>p</var></li>
          </ol>
        </dd>

      </dl>

    </section>
    <section id="wallet-details">
      <h2><a>WalletDetails</a> dictionary</h2>
      <pre id="wallet-details-idl" class="idl">
      dictionary WalletDetails {
          required DOMString name;
          sequence&lt;ImageObject&gt; icons;
          required sequence&lt;DOMString&gt; instrumentKeys;
      };
      </pre>
      <dl>
        <dt><code>name</code> member</dt>
        <dd>The <code>name</code> member is a string that
        represents the label for this wallet as it is usually
        displayed to the user.</dd>
        <dt><code>icons</code> member</dt>
        <dd>The <code>icons</code> member is an array of image
        objects that can serve as iconic representations of the
        wallet when presented to the user for selection.</dd>
        <dt><code>instrumentKeys</code> member</dt>
        <dd>The <code>instrumentKeys</code> member is a
        list of <code>instrumentKey</code>s from
        <a>PaymentManager</a>.<code>instruments</code>,
        indicating which <a>PaymentInstrument</a> objects are associated
        with this <a>Wallet</a>, and should be displayed as being "contained in"
        the wallet. While it is not generally good practice, there is no
        restriction that prevents a <a>PaymentInstrument</a> from appearing in
        more than one <a>Wallet</a>.
        </dd>
      </dl>
    </section>
    <section id="register-example">
      <h3>Registration Example</h3>
      <p>The following example shows how to register a payment
      handler:</p>
      <p class="issue" title="Issue 94 - Permission"><a href=
      "https://github.com/w3c/webpayments-payment-apps-api/issues/94">
      Issue 94</a>. The means for code requesting permission to handle
      payments is not yet defined. The code below is based on one
      potential model (a <code>requestPermission()</code> method on the
      <a>PaymentManager</a>),
      but this is likely to change.
      </p>
      <pre class="example highlight" title=
      "Payment Handler Registration">
        window.addEventListerner("DOMContentLoaded", async() =&gt; {
          const { registration } =
            await navigator.serviceWorker.register('/sw.js');
          if (!paymentManager) {
            return; // not supported, so bail out.
          }
          const state =
            await navigator.permissions.query({ name: "paymenthandler" });

          switch (state) {
            case "denied":
              return;
            case "prompt":
              // Note -- it's not clear how this should work yet; see Issue 94.
              const result = await registration.paymentManager.requestPermission();
              if (result === "denied") {
                return;
              }
              break;
          }
          // Excellent, we got it! Let's now set up the user's cards.
          await addInstruments(registration);
        }, { once: true });

        function addInstruments(registration) {
          const instrumentPromises = [
            registration.paymentManager.instruments.set(
              "dc2de27a-ca5e-4fbd-883e-b6ded6c69d4f",
              {
                name: "Visa ending ****4756",
                enabledMethods: ["basic-card"],
                capabilities: {
                  supportedNetworks: ['visa'],
                  supportedTypes: ['credit']
                }
              }),

            registration.paymentManager.instruments.set(
              "c8126178-3bba-4d09-8f00-0771bcfd3b11",
              {
                name: "My Bob Pay Account: john@example.com",
                enabledMethods: ["https://bobpay.com/"]
              }),

            registration.paymentManager.instruments.set(
              "new-card",
              {
                name: "Add new credit/debit card to ExampleApp",
                enabledMethods: ["basic-card"],
                capabilities: {
                  supportedNetworks:
                    ['visa','mastercard','amex','discover'],
                  supportedTypes: ['credit','debit','prepaid']
                }
              }),
            ];

            return Promise.all(instrumentPromises).then(() =&gt; {
              registration.paymentManager.wallets.set(
                "12a1b7e5-16c0-4c09-a312-9b191d08517b",
                {
                  name: "Acme Bank Personal Accounts",
                  icons: [
                           { src: "icon/lowres.webp",
                             sizes: "48x48",
                             type: "image/webp"
                           },
                           { src: "icon/lowres",
                             sizes: "48x48"
                           }
                         ],
                  instrumentKeys: [
                      "dc2de27a-ca5e-4fbd-883e-b6ded6c69d4f",
                      "c8126178-3bba-4d09-8f00-0771bcfd3b11",
                      "new-card"
                    ]
                });
             });
          };
     </pre>
      <p class="issue" title="Payment method identifiers">The
      Editors will update the payment method identifier syntax in
      this and other examples to align with
      [[!METHOD-IDENTIFIERS]], once a final format has been agreed
      upon.</p>
    </section>
  </section>
  <section id="instrument-display-ordering">
    <h2>Origin and Instrument Display for Selection</h2>
    <p>After applying the matching algorithm defined in Payment
    Request API, the user agent displays a list of matching origins
    for the user to make a selection. This specification includes a
    limited number of display requirements; most user experience
    details are left to user agents.</p>
    <section>
      <h3>Ordering of Payment Handlers</h3>
      <ul>
        <li>The user agent <span class='rfc2119'>MUST</span> favor
        user-side order preferences (based on user configuration or
        behavior) over payee-side order preferences.</li>
        <li>The user agent <span class='rfc2119'>MUST</span>
        display matching payment handlers in an order that
        corresponds to the order of supported payment methods
        provided by the payee, except where overridden by user-side
        order preferences.</li>
        <li>The user agent <span class='rfc2119'>SHOULD</span>
        allow the user to configure the display of matching payment
        handlers to control the ordering and define preselected
        defaults.</li>
      </ul>
      <p>The following are examples of payment handler
      ordering:</p>
      <ul>
        <li>For a given Web site, display payment handlers in an
        order that reflects usage patterns for the site (e.g., a
        frequently used payment handler at the top, or the most
        recently used payment handler at the top).</li>
        <li>Enable the user to set a preferred order for a given
        site or for all sites.</li>
        <li>If the origin of the site being visited by the user
        matches the origin of a payment handler, show the payment
        handler at the top of the list.</li>
      </ul>
    </section>
    <section>
      <h3>Display of Instruments</h3>
      <p>The user agent <span class='rfc2119'>MUST</span> enable
      the user to select any displayed Instrument.</p>
      <ul>
        <li>At a minimum, we expect user agents to display an icon
        and label for each matching origin to help the user make a
        selection.</li>
        <li>In some contexts (e.g., a desktop browser) it may be
        possible to improve the user experience by offering
        additional detail to the user. For example, if the user's
        "bank.com" origin knows about two credit cards (thus, two
        potential responses to the same payment method
        "basic-card"), the user agent could display each credit
        card's brand and the last four digits of the card to remind
        the user which cards the origin knows about.</li>
      </ul>
      <p class="issue" title="Issue 98 - display"><a href=
      "https://github.com/w3c/webpayments-payment-apps-api/issues/98">
      Issue 98</a>. There has been pushback to always requiring
      display of instruments (e.g., on a mobile devices). User agents
      can incrementally show instruments. Or user agents can return an
      empty Instrument ID and it becomes the payment app's
      responsibility to display instruments to the user.</p>
    </section>
    <section>
      <h3>Grouping of Instruments</h3>
      <p>At times, the same origin may wish to group instruments with
      greater flexibility and granularity than merely "by origin."
      These use cases include:</p>
      <ul>
        <li>White label wallets - one origin provides wallet
        services for multiple vendors</li>
        <li>Multiple user profiles with a single provider (e.g.,
        business wallet vs personal wallet)</li>
        <li>Multiple instruments held with a single provider</li>
      </ul>
      <p>A <dfn id="wallet">Wallet</dfn> is a grouping of Instruments
      for display purposes.</p>
      <p>To enable developers to build payment apps in a variety of
      ways, we decouple the registration (and subsequent display)
      of Instruments from how payment handlers respond to
      paymentrequest events. However, the user agent is responsible
      for communicating the user's selection in the event.</p>
    </section>
    <section>
      <h3>Selection of Instruments</h3>
      <p>Users agents may wish to enable the user to select
      individual displayed Instruments. The payment handler would
      receive information about the selected Instrument and could take
      action, potentially eliminating an extra click (first open
      the payment app then select the Instrument).</p>
      <p class="issue" title="Issue 98 - selection"><a href=
      "https://github.com/w3c/webpayments-payment-apps-api/issues/98">
      Issue 98</a>. Should we require that, if displayed,
      individual Instruments must be selectable? Or should we allow
      flexibility that Instruments may be displayed, but selecting any
      one invokes all registered payment handlers? One idea that
      has been suggested: the user agent (e.g., on a mobile device)
      could first display the app-level icon/logo. Upon selection,
      the user agent could display the Instruments in a submenu.</p>
    </section>
  </section>
  <section id="invocation">
    <h2>Payment Handler Invocation, Display and Response</h2>
    <p>Once the user has selected an Instrument, the user agent fires a
    <a>paymentrequest event</a> with a Payment App Request, and
    uses the subsequent Payment App Response to create a
    PaymentReponse for [[!PAYMENT-REQUEST-API]].</p>
    <section id="sec-app-request">
      <h2><a>PaymentAppRequest</a> interface</h2>
      The <a>payment app request</a> is
      conveyed using the following interface:
      <pre class="idl">
      interface PaymentAppRequest {
        readonly attribute DOMString origin;
        readonly attribute DOMString id;
        readonly attribute FrozenArray&lt;PaymentMethodData&gt; methodData;
        readonly attribute PaymentItem total;
        readonly attribute FrozenArray&lt;PaymentDetailsModifier&gt; modifiers;
        readonly attribute DOMString instrumentId;
      };
    </pre>
      <dl>
        <dt><code>origin</code> attribute</dt>
        <dd>
          This attribute a string that indicates the <a>origin</a>
          of the <a>payee</a> web page. It MUST be formatted
          according to the "<a href=
          "https://tools.ietf.org/html/rfc6454#section-6.1">Unicode
          Serialization of an Origin</a>" algorithm defined in
          section 6.1 of [[!RFC6454]].
        </dd>
        <dt><code>id</code> attribute</dt>
        <dd>
          When getting, the <code>id</code> attribute returns this the
          <code>[[\details]].id</code> from the <a>PaymentRequest</a> that
          corresponds to this <code>PaymentAppRequest</code>.
        </dd>
        <dt><code>methodData</code> attribute</dt>
        <dd>
          This attribute contains <code>PaymentMethodData</code>
          dictionaries containing the <a>payment method
          identifiers</a> for the <a>payment methods</a> that the
          web site accepts and any associated <a>payment method</a>
          specific data. It is populated from the
          <a>PaymentRequest</a> using the <a>Method Data Population
          Algorithm</a> defined below.
        </dd>
        <dt><code>total</code> attribute</dt>
        <dd>
          This attribute indicates the total amount being requested
          for payment. It is initialized with a <a>structured
          clone</a> of the <code>total</code> field of the
          <code>PaymentDetails</code> provided when the
          corresponding <a>PaymentRequest</a> object was
          instantiated.
        </dd>
        <dt><code>displayItems</code></dt>
        <dd>
          The sequence of line items optionally provided by the
          payee. It is initialized with a <a>structured clone</a>
          of the <code>displayItems</code> field of the
          <code>PaymentDetails</code> provided when the
          corresponding <a>PaymentRequest</a> object was
          instantiated.
        </dd>
        <dt><code>modifiers</code> attribute</dt>
        <dd>
          This sequence of <code>PaymentDetailsModifier</code>
          dictionaries contains modifiers for particular payment
          method identifiers (e.g., if the payment amount or
          currency type varies based on a per-payment-method
          basis). It is populated from the <a>PaymentRequest</a>
          using the <a>Modifiers Population Algorithm</a> defined
          below.
        </dd>
        <dt><code>instrumentId</code> attribute</dt>
        <dd>
          This attribute indicates the <a>PaymentInstrument</a>
          selected by the user. It corresponds to the
          <code>id</code> field provided during registration.
        </dd>
      </dl>
      <section>
        <h3><dfn>Method Data Population Algorithm</dfn></h3>
        <p>To initialize the value of the <code>methodData</code>,
        the user agent MUST perform the following steps or their
        equivalent:</p>
        <ol>
          <li>Set <var>registeredMethods</var> to an empty
          set.</li>
          <li>For each <a>PaymentInstrument</a> <var>instrument</var> in
          the <a>payment handler</a>'s
          <code>PaymentManager.instruments</code>, add all entries
          in <var>instrument</var>.<code>enabledMethods</code> to <var>
            registeredMethods</var>.
          </li>
          <li>Create a new empty <code>Sequence</code>.</li>
          <li>Set <var>dataList</var> to the newly created
          <code>Sequence</code>.</li>
          <li>For each item in
          <code>PaymentRequest</code>@<var>[[\methodData]]</var> in
          the corresponding payment request, perform the following
          steps:
            <ol>
              <li>Set <var>inData</var> to the item under
              consideration.</li>
              <li>Set <var>commonMethods</var> to the set
              intersection of
              <var>inData</var>.<code>supportedMethods</code> and
              <var>registeredMethods</var>.</li>
              <li>If <var>commonMethods</var> is empty, skip the
              remaining substeps and move on to the next item (if
              any).</li>
              <li>Create a new <code>PaymentMethodData</code>
              object.</li>
              <li>Set <var>outData</var> to the newly created
              <code>PaymentMethodData</code>.</li>
              <li>Set
              <var>outData</var>.<code>supportedMethods</code> to a
              list containing the members of
              <var>commonMethods</var>.</li>
              <li>Set <var>outData</var>.data to a <a>structured
              clone</a> of <var>inData</var>.<code>data</code>.
              </li>
              <li>Append <var>outData</var> to
              <var>dataList</var>.</li>
            </ol>
          </li>
          <li>Set <code>methodData</code> to
          <var>dataList</var>.</li>
        </ol>
      </section>
      <section>
        <h3><dfn>Modifiers Population Algorithm</dfn></h3>
        <p>To initialize the value of the <code>modifiers</code>,
        the user agent MUST perform the following steps or their
        equivalent:</p>
        <ol>
          <li>Set <var>registeredMethods</var> to an empty
          set.</li>
          <li>For each <a>PaymentInstrument</a> <var>instrument</var> in
          the <a>payment handler</a>'s
          <code>PaymentManager.instruments</code>, add all entries
          in <var>instrument</var>.<code>enabledMethods</code> to <var>
            registeredMethods</var>.
          </li>
          <li>Create a new empty <code>Sequence</code>.</li>
          <li>Set <var>modifierList</var> to the newly created
          <code>Sequence</code>.</li>
          <li>For each item in
          <code>PaymentRequest</code>@<var>[[\paymentDetails]]</var>.<code>modifiers</code>
          in the corresponding payment request, perform the
          following steps:
            <ol>
              <li>Set <var>inModifier</var> to the item under
              consideration.</li>
              <li>Set <var>commonMethods</var> to the set
              intersection of
              <var>inModifier</var>.<code>supportedMethods</code>
              and <var>registeredMethods</var>.</li>
              <li>If <var>commonMethods</var> is empty, skip the
              remaining substeps and move on to the next item (if
              any).</li>
              <li>Create a new <code>PaymentDetailsModifier</code>
              object.</li>
              <li>Set <var>outModifier</var> to the newly created
              <code>PaymentDetailsModifier</code>.</li>
              <li>Set
              <var>outModifier</var>.<code>supportedMethods</code>
              to a list containing the members of
              <var>commonMethods</var>.</li>
              <li>Set <var>outModifier</var>.<code>total</code> to
              a <a>structured clone</a> of
              <var>inModifier</var>.<code>total</code>.
              </li>
              <li>Set
              <var>outModifier</var>.<code>additionalDisplayItems</code>
              to a <a>structured clone</a> of
              <var>inModifier</var>.<code>additionalDisplayItems</code>.
              </li>
              <li>Append <var>outModifier</var> to
              <var>modifierList</var>.</li>
            </ol>
          </li>
          <li>Set <code>modifiers</code> to
          <var>modifierList</var>.</li>
        </ol>
      </section>
    </section>
    <section>
      <h3>Invocation</h3>
      <section>
        <h3>Extension to <code>ServiceWorkerGlobalScope</code></h3>
        <p>The Service Worker specification defines a
        <code>ServiceWorkerGlobalScope</code> interface
        [[!SERVICE-WORKERS]], which this specification extends.</p>
        <pre class="idl">
        partial interface ServiceWorkerGlobalScope {
          attribute EventHandler onpaymentrequest;
        };
      </pre>
        <dl>
          <dt><code>onpaymentrequest</code> attribute</dt>
          <dd>
            The <code>onpaymentrequest</code> attribute is an
            <a>event handler</a> whose corresponding <a>event
            handler event type</a> is <code>paymentrequest</code>.
          </dd>
        </dl>
        <p>The <a>PaymentRequestEvent</a> interface represents a
        received <a>payment request</a>.</p>
      </section>
      <section>
        <h3>The <code>paymentrequest</code> Event</h3>
        <p>The <a>PaymentRequestEvent</a> represents a received
        <a>payment request</a>.</p>
        <pre class="idl">
      [Exposed=ServiceWorker]
      interface PaymentRequestEvent : ExtendableEvent {
        readonly attribute PaymentAppRequest appRequest;
        void respondWith(<a>Promise</a>&lt;<a>PaymentAppResponse</a>&gt;appResponse);
      };
      </pre>
        <dl>
          <dt><code>appRequest</code> attribute</dt>
          <dd>
            This attribute contains the <a>payment app request</a>
            associated with this <a>payment request</a>.
          </dd>
          <dt><code>respondWith</code> method</dt>
          <dd>
            This method is used by the payment handler to provide a
            <a>PaymentAppResponse</a> when the payment successfully
            completes.
          </dd>
        </dl>
        <p>Upon receiving a <a>payment request</a> by way of
        <code>PaymentRequest.show()</code> and subsequent user
        selection of a payment handler, the <a>user agent</a> MUST
        run the following steps or their equivalent:</p>
        <ol>
          <li>Let <var>registration</var> be the <a>service worker
          registration</a> corresponding to the payment handler
          selected by the user.
          </li>
          <li>If <var>registration</var> is not found, reject the
          Promise that was created by
          <code>PaymentRequest.show()</code> with a
          <a>DOMException</a> whose value
          "<a>InvalidStateError</a>" and terminate these steps.
          </li>
          <li>Invoke the <a>Handle Functional Event</a> algorithm
          with a <a>service worker registration</a> of
          <var>registration</var> and <var>callbackSteps</var> set
          to the following steps:
            <ol>
              <li>Set <var>global</var> to the global object that
              was provided as an argument.</li>
              <li>Create a <a>trusted event</a>, <var>e</var>, that
              uses the <code><a>PaymentRequestEvent</a></code>
              interface, with the event type
              <code>paymentrequest</code>, which does not bubble,
              cannot be canceled, and has no default action.
              </li>
              <li>Set the <code>appRequest</code> attribute of
              <var>e</var> to a new <a>PaymentAppRequest</a>
              instance, populated as described in <a href=
              "#sec-app-request"></a>.
              </li>
              <li>Dispatch <var>e</var> to <var>global</var>.</li>
              <li>Wait for all of the promises in the <a>extend
              lifetime promises</a> of <var>e</var> to resolve.
              </li>
              <li>If the <a>payment handler</a> has not provided a
              <a>payment app response</a> as described in
                <a href="#sec-payment-app-response"></a>, reject
                the Promise that was created by
                <code>PaymentRequest.show()</code> with a
                <a>DOMException</a> whose value
                "<a>OperationError</a>".
              </li>
            </ol>
          </li>
        </ol>
      </section>
    </section>
    <section>
      <h3>Payment Handler Windows</h3>
      <p>An invoked payment handler may or may not need to display
      information about itself or request user input. Some examples
      of potential payment handler displays include:</p>
      <ul>
        <li>The payment handler opens a window for the user to
        provide an authorization code.</li>
        <li>The payment handler opens a window that makes it easy
        for the user to confirm payment using default information
        for that site provided through previous user
        configuration.</li>
        <li>When first selected to pay in a given session, the
        payment handler opens a window. For subsequent payments in
        the same session, the payment handler (through
        configuration) performs its duties without opening a window
        or requiring user interaction.</li>
      </ul>
      <p class="issue">See <a href=
      "https://github.com/w3c/webpayments-payment-apps-api/issues/97">
      issue 97</a> for discussion about opening window in a way
      that is consistent with payment flow and not confusing to the
      user. For example, there is consensus that in a desktop
      environment, a payment handler should <em>not</em> open a
      window in a new browser tab, as this is too dissociated from
      the checkout context.</p>
      <p>User agents SHOULD display the origin of a running payment
      handler to the user.</p>
    </section>
    <section id="sec-payment-app-response">
      <h2><a>PaymentAppResponse</a> dictionary</h2>
      The <a>payment app response</a>
      is conveyed using the following dictionary:
      <pre class="idl">
      dictionary PaymentAppResponse {
        DOMString methodName;
        object details;
      };
    </pre>
      <dl>
        <dt><code>methodName</code> attribute</dt>
        <dd>
          The <a>payment method identifier</a> for the <a>payment
          method</a> that the user selected to fulfil the
          transaction.
        </dd>
        <dt><code>details</code> attribute</dt>
        <dd>
          A <a>JSON-serializable object</a> that provides a
          <a>payment method</a> specific message used by the
          merchant to process the transaction and determine
          successful fund transfer.
        </dd>
        <dd>
          <p>The user agent receives a successful response from the
          payment handler through resolution of the Promise
          provided to the <code>respondWith</code> function of the
          corresponding <a>PaymentRequestEvent</a> dictionary. The
          application is expected to resolve the Promise with a
          <code>PaymentAppResponse</code> instance containing the
          payment response. In case of user cancellation or error,
          the application may signal failure by rejecting the
          Promise.</p>
          <p>If the Promise is rejected, the user agent MUST run
          the <dfn>payment app failure algorithm</dfn>. The exact
          details of this algorithm is left for user agent
          implementers to decide on. Acceptable behaviors include,
          but are not limited to:</p>
          <ul>
            <li>Letting the user try again, with the same payment
            handler or with a different one.</li>
            <li>Rejecting the Promise that was created by
            <code>PaymentRequest.show()</code>.</li>
          </ul>
          <p>If this Promise is successfully resolved, the user
          agent MUST run the <a>user accepts the payment request
          algorithm</a> as defined in [[!PAYMENT-REQUEST-API]],
          replacing steps 6 and 7 with these steps or their
          equivalent:</p>
          <ol>
            <li>Set <var>appResponse</var> to the
            <code>PaymentAppResponse</code> instance used to
            resolve the
            <a>PaymentRequestEvent</a><code>.respondWith</code>
            Promise.
            </li>
            <li>If <var>appResponse</var>.<code>methodName</code>
            is not present or not set to one of the values from <a>
              PaymentRequestEvent</a>.<code>appRequest</code>, run
              the <a>payment app failure algorithm</a> and
              terminate these steps.
            </li>
            <li>Create a <a>structured clone</a> of
            <var>appResponse</var>.<code>methodName</code> and
            assign it to
            <var>response</var>.<code>methodName</code>.
            </li>
            <li>If <var>appResponse</var>.<code>details</code> is
            not present, run the <a>payment app failure
            algorithm</a> and terminate these steps.
            </li>
            <li>Create a <a>structured clone</a> of
            <var>appResponse</var>.<code>details</code> and assign
            it to <var>response</var>.<code>details</code>.
            </li>
          </ol>
          <p>The following example shows how to respond to a
          payment request:</p>
          <pre class="example highlight" title=
          "Sending a Payment Response">
      paymentRequestEvent.respondWith(new Promise(function(accept,reject) {
        /* ... processing may occur here ... */
        accept({
          methodName: "basic-card",
          details: {
            cardHolderName:   "John Smith",
            cardNumber:       "1232343451234",
            expiryMonth:      "12",
            expiryYear :      "2020",
            cardSecurityCode: "123"
           }
        });
      });
    </pre>
          <p class="note">[[!PAYMENT-REQUEST-API]] defines a
          <code>paymentRequestID</code> that parties in the
          ecosystem (including payment app providers and payees)
          may use for reconciliation after network or other
          failures.</p>
        </dd>
      </dl>
    </section>
    <section id="post-example">
      <h3>Example of handling the <code>paymentrequest</code>
      event</h3>
      <p>This example shows how to write a service worker that
      listens to the paymentrequest event. When a payment request
      event is received, the service worker opens a window in order
      to interact with the user.</p>
      <p class="issue">Per <a href=
      "https://github.com/w3c/webpayments-payment-apps-api/issues/97">
      issue 97</a>, we expect <strong>not</strong> to use
      <code>clients.OpenWindow()</code> and instead await a proposal for a new
      openClientWindow method on the <a>PaymentRequestEvent</a>.
      We will need to update these examples.</p>
      <pre class="example highlight" title=
      "Handling the paymentrequest event" id=
      "example-paymentrequest-event">
      self.addEventListener('paymentrequest', function(e) {
        e.respondWith(new Promise(function(resolve, reject) {
          self.addEventListener('message', listener = function(e) {
            self.removeEventListener('message', listener);
            if (e.data.hasOwnProperty('name')) {
              reject(e.data);
            } else {
              resolve(e.data);
            }
          });

          // Note -- this will probably chage to e.openClientWindow(...)
          clients.openWindow("https://www.example.com/bobpay/pay")
          .then(function(windowClient) {
            windowClient.postMessage(e.data);
          })
          .catch(function(err) {
            reject(err);
          });
        }));
      });
    </pre>
      <p>Using the simple scheme described above, a trivial HTML
      page that is loaded into the <a>payment handler window</a> to
      implement the <em>basic card</em> scheme might look like the
      following:</p>
      <pre class="example highlight" title=
      "Simple Payment Handler Window">
&lt;html&gt; &lt;body&gt; &lt;form id="form"&gt;
&lt;table&gt;
  &lt;tr&gt;&lt;th&gt;Cardholder Name:&lt;/th&gt;&lt;td&gt;&lt;input name="cardholderName"&gt;&lt;/td&gt;&lt;/tr&gt;
  &lt;tr&gt;&lt;th&gt;Card Number:&lt;/th&gt;&lt;td&gt;&lt;input name="cardNumber"&gt;&lt;/td&gt;&lt;/tr&gt;
  &lt;tr&gt;&lt;th&gt;Expiration Month:&lt;/th&gt;&lt;td&gt;&lt;input name="expiryMonth"&gt;&lt;/td&gt;&lt;/tr&gt;
  &lt;tr&gt;&lt;th&gt;Expiration Year:&lt;/th&gt;&lt;td&gt;&lt;input name="expiryYear"&gt;&lt;/td&gt;&lt;/tr&gt;
  &lt;tr&gt;&lt;th&gt;Security Code:&lt;/th&gt;&lt;td&gt;&lt;input name="cardSecurityCode"&gt;&lt;/td&gt;&lt;/tr&gt;
  &lt;tr&gt;&lt;th&gt;&lt;/th&gt;&lt;td&gt;&lt;input type="submit" value="Pay"&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;/table&gt;
&lt;/form&gt;

&lt;script&gt;
window.addEventListener("message", function(e) {
  var form = document.getElementById("form");
  /* Note: message sent from payment app is available in e.data */
  form.onsubmit = function() {
    /* See https://w3c.github.io/webpayments-methods-card/#basiccardresponse */
    var basicCardResponse = {};
    [ "cardholderName", "cardNumber","expiryMonth","expiryYear","cardSecurityCode"]
    .forEach(function(field) {
      basicCardResponse[field] = form.elements[field].value;
    });

    /* See https://w3c.github.io/webpayments-payment-apps-api/#sec-app-response */
    var paymentAppResponse = {
      methodName: "basic-card",
      details: details
    };

    e.source.postMessage(paymentAppResponse);
    window.close();
  }
});
&lt;/script&gt; &lt;/body&gt; &lt;/html&gt;
    </pre>
    </section>
  </section>
  <section id="security">
    <h2>Security and Privacy Considerations</h2>
    <section>
      <h3>Information about the User Environment</h3>
      <ul>
        <li>The API does not share information about the user's
        registered payment handlers. Information from origins is
        only shared with the payee with the consent of the
        user.</li>
        <li>Similarly, user agents should not share payment request
        information with any payment handler until the user has
        selected that payment handler.</li>
      </ul>
    </section>
    <section>
      <h3>User Consent before Payment</h3>
      <ul>
        <li>One goal of this specification is to minimize the user
        interaction required to make a payment. At the same time,
        user agents must not permit combinations of configurations
        that would enable invoking Web sites to invoke payment
        request and receive payments silently.</li>
      </ul>
    </section>
    <section>
      <h3>Secure Communications</h3>
      <ul>
        <li>See <a href=
        "https://www.w3.org/TR/service-workers/#security-considerations">
          Service Worker security considerations</a>
        </li>
        <li>Payment method security is outside the scope of this
        specification and is addressed by payment handlers that
        support those payment methods.</li>
      </ul>
    </section>
    <section>
      <h3>Payment App Authenticity</h3>
      <p class="note">The Web Payments Working Group is also
      discussing Payment App authenticity; see the (draft) <a href=
      "https://w3c.github.io/webpayments/proposals/Payment-Manifest-Proposal.html">
      Payment Method Manifest</a>.</p>
    </section>
    <section>
      <h3>Data Validation</h3>
      <ul>
        <li>Payees should validate that the data they have received
        through the paymentRequest API is what they expect (e.g.,
        the total that was paid, etc.).</li>
      </ul>
    </section>
    <section>
      <h3>Private Browsing Mode</h3>
      <ul>
        <li>When the Payment Request API is invoked in a "private
        browsing mode," the user agent should launch payment
        handlers in a private context. This will generally prevent
        sites from accessing any previously-stored information. In
        turn, this is likely to require either that the user log in
        to the origin or re-enter payment instrument details.</li>
      </ul>
    </section>
  </section>
  <section class="appendix" id="idl-index"></section>
</body>
</html>