Google is testing native apps-like one-tap biometric payment capabilities dubbed Secure Payment Confirmation on the desktop. These capabilities will be available to Chrome users in the coming months. Google is working with a payment processing platform Stripe to pilot a new experimental prototype, Techtsp has learned.
Google’s prototype is being built on top of 3D Secure 2.0 authentication for credit card payments through Stripe. The goal of the pilot experiment is to validate the fingerprint enrollment and checkout user experience.
Well, 3D Secure (3DS) authentication for card payments relies on biometric inputs in native applications such as Google Pay and many other Internet banking applications.
Google wants to provide users with similar biometric payment experience in Chrome across devices including the desktop. This is where Google's WebAuthn to Pay can come in handy.
"Today, 3D Secure (3DS) authentication for card payments relies on fingerprinting techniques that browsers are actively trying to remove because they are prone to abuse by malicious trackers that harm a user’s privacy. The alternative of upfront authentication has not been feasible thus far due to high user friction involved. The WebAuthn to Pay proposal puts forth a vision of a one tap to pay flow that can provide the ideal combination of secure and low-friction authentication needed to replace fingerprinting in 3DS. In the long run, this enables secure tap-to-pay everywhere on the web," the pilot proposal reads.
Techtsp has obtained early UX mockups of the prototype on Chrome for macOS. See below:
1
2
The goal of the pilot experiment is to validate the enrollment and checkout authentication user experience. In a technical document seen by Techtsp, Google and Stripe engineers have described their pilot experiment as follows:
“A proposed experiment between Chrome and Stripe that involves building a prototype of Secure Payment Confirmation and testing it on a small fraction of production traffic to evaluate the user experience of a WebAuthn to Pay flow and the impact (if any) on merchant conversion rates.”
The pilot experiment between Google and Stripe will follow two key flows: Enrollment and authentication.
Enrollment
- User fills credit card form
- Merchant opens a payment handler window and redirects to the issuer’s 3DS challenge
- User authenticates with the issuer
- Issuer offers to enroll a WebAuthn credential with the user
- User creates a WebAuthn credential using the platform authenticator in their system
- Enrollment completes
Authentication
- User returns to another merchant and enters their credit card
- Merchant asks the issuer for credential IDs associated with the credit card (via 3DS) and then asks the browser to authenticate the user using one of these credentials
- User authenticates with the platform authenticator
- Issuer authenticates the user using the WebAuthn signature
The feature, which is limited to Chrome for macOS behind a secure-payment-confirmation feature flag, is available for experimentation via Origin Trial.
Google will finalize API based on Origin Trial feedback and explore design for other platforms later this year. Meanwhile, Google plans to ship this feature to all its platforms including Windows and Android by Q2 2021.
Related Articles
Google Chrome users can receive SMS messages on desktop in the near future
Google Chrome set to bring native web sharing capabilities to Windows 10
Google Chrome set to release Tab Search feature behind experimental flag
Google Chrome 86 adds 'Show annotations' button to PDF Viewer
Comments
Post a Comment