Contact emails [email protected]
Explainer https://github.com/w3c/secure-payment-confirmation/issues/290#issuecomment-3806454419 Specification https://w3c.github.io/secure-payment-confirmation/#sctn-secure-payment-confirmation-capabilities Design docs https://www.w3.org/wbs/83744/spc-mvp-2025/results https://github.com/w3c/secure-payment-confirmation/issues/290#issuecomment-3806454419 https://www.w3.org/2026/01/29-wpwg-minutes.html#3919 https://www.w3.org/2026/02/26-wpwg-minutes.html#bbkdetect Summary Adds a new static method to the Payment Request that allows web developers to get the capabilities of the browser's implementation of Secure Payment Confirmation. This helps web developers to easily know what capabilities are available for Secure Payment Confirmation so they can decide whether or not they want to use Secure Payment Confirmation with those capabilities. Blink component Blink>Payments Web Feature ID secure-payment-confirmation Motivation This feature allows web developers to check for which capabilities are supported in the browser's implementation of Secure Payment Confirmation. Web developers want an easy way to check whether hardware browser bound keys are available with the Secure Payment Confirmation API and only use the API if if they are available. Without this method, web developers would need to initiate the Secure Payment Confirmation flow and force users to go through the dialog and authenticate just to ignore the data returned if it did not contain the browser bound key (in cases where browser bound keys are not available). Initial public proposal https://github.com/w3c/secure-payment-confirmation/issues/290#issuecomment-3806454419 Search tags spc, bbk TAG review No information provided TAG review status Not applicable Risks Interoperability and Compatibility The GetSecurePaymentConfirmationCapabilities method is new and the only risk is if other browser do not implement it. Gecko: No signal (https://github.com/mozilla/standards-positions/issues/570) Firefox haven't implemented SPC yet so this new method is not relevant. WebKit: No signal (https://github.com/WebKit/standards-positions/issues/30) Safari haven't implemented SPC yet so this new method is not relevant. Web developers: Positive (https://www.w3.org/2026/01/29-wpwg-minutes.html#3919) Discussed the GetSecurePaymentConfirmationCapabilities method during the WPWG when proposing a solution to Browser Bound Key Feature Detection and did not receive any comments opposed to this feature. Other signals: WebView application risks Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications? No information provided Debuggability Web developers should be able to inspect the output of the new method which is defined in WebIDL, thus no changes are needed in devtools. Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)? No The GetSecurePaymentConfirmationCapabilities method will only be added to platforms that support Secure Payment Confirmation which are currently only Android, macOS, and Windows. Is this feature fully tested by web-platform-tests? No Web platform tests are in development. We can only test if the method is available and can be called as user agents have the ability to omit capabilities (for privacy reasons). Flag name on about://flags No information provided Finch feature name SecurePaymentConfirmationCapabilities Rollout plan Will ship enabled for all users Requires code in //chrome? False Tracking bug https://crbug.com/484043990 Launch bug https://launch.corp.google.com/launch/4448199 Measurement A new GetSecurePaymentConfirmationCapabilities UseCounter will be created and used. Availability expectation The GetSecurePaymentConfirmationCapabilities method will only be available in Chromium browsers for the foreseeable future. Estimated milestones Shipping on desktop 147 Shipping on Android 147 Anticipated spec changes Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (eg links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (eg, changing to naming or structure of the API in a non-backward-compatible way). No information provided Link to entry on the Chrome Platform Status https://chromestatus.com/feature/4727235745546240?gate=4769560794365952 Links to previous Intent discussions Intent to Prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/69a0a6a7.050a0220.3c921b.02ae.GAE%40google.com This intent message was generated by Chrome Platform Status. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/69b02941.710a0220.50957.0104.GAE%40google.com.
