[Openid-specs-fapi] Issue #295: Possible support for "embedded" SCA mode (openid/fapi)
joseph at authlete.com
Thu Jun 4 09:01:07 UTC 2020
> On 4 Jun 2020, at 09:41, Anders Rundgren <anders.rundgren.net at gmail.com> wrote:
> On 2020-06-04 10:18, Ralph Bragg via Openid-specs-fapi wrote:
>> Signing and encrypting the login token hint would protect this in transit and ensure a way that only a valid tpp could present it and that it could be decrypted by the target aspsp.
> Supporting EMV which is one of the goals for NextGenPSD2 there is no login token hint. In fact, there's no login at all, it is rather pre-authorized payment-requests.
Can you describe with a few lines of text (without referring to Saturn :-) ) how a protocol could address the EMV use case within FAPI or one of the other mechanisms we’re discussing please?
( https://cyberphone.github.io/doc/payments/open-banking-direct-mode.pdf <https://cyberphone.github.io/doc/payments/open-banking-direct-mode.pdf> seems mostly to be rehashing OpenID’s “sub” and OAuth2’s refresh token, and I can’t see where the result differs from using those two?)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-fapi