‘Payment Request API’ to Streamline Ecommerce Checkouts, Improve Security

A standard application programming interface is helping to eliminate website checkout forms and improve the ecommerce experience on desktop, laptop, and mobile devices. Ecommerce businesses that adopt the approach early could gain a competitive advantage.

Payment Request API has been around since 2016 and was created by the World Wide Web Consortium’s Web Payments Working Group.

The interface lets an ecommerce website or application delegate portions of the payment acceptance process to either the web browser or the native operating system, which can greatly streamline the checkout for shoppers.

A handful of ecommerce platforms have integrated the API, and some online businesses have implemented it as part of a Progressive Web App.

More recently, an increasing number of browsers are supporting the API, thereby making its impact more widespread. Google Developer Advocate Eiji Kitamura reported in July 2020 that Payment Request API was now available in Chrome, Safari, Samsung Internet, Microsoft Edge, Opera, and Brave. At the time of writing, Mozilla planned to add support for the API to Firefox soon.

Payment Flow

Payment Request API can enable a formless or nearly formless checkout experience.

For example, the API supports a “basic card” payment flow that allows shoppers to use payment card information stored in their browser to check out with just a couple of taps (and, for some browsers, the card’s security code) rather than typing in a name, phone number, address, and card number.

This will be especially helpful for shoppers using mobile devices, but it will work in any supporting browser regardless of device.

An example flow might be:

  • Tap a buy button,
  • Select a saved payment card from the browser,
  • Type in the card’s security code,
  • Tap to complete the transaction.

An example of a checkout using Payment Request API in Chrome on a mobile device. Source: Google Code Labs (https://developers.google.com/web/fundamentals/codelabs/payment-request-api).

The API-enabled transaction works as follows. The ecommerce site initiates a payment request. The browser will then manage the checkout, including contacting the card payment processor. Then the browser will return a token and customer information, such as the shipping address, in JavaScript Object Notation (JSON) format.

The API can also connect to native payment applications, such as Google Pay, Samsung Pay, Apple Pay, and others.

For these payment apps, a second API, Payment Handler API, works with Payment Request API to seamlessly move the shopper from the ecommerce site to the payment application and back again.

In many cases, this payment flow will be formless, meaning that the shopper will not enter any information.

In each payment flow, the number of steps a shopper must take and the amount of information a shopper must enter are significantly reduced compared with a form-based checkout.

Put another way, the checkout process should take relatively less typing (and time), likely increasing conversions.

Security

Payment Request API “is more secure than form-based payments,” said Sarah Clark, a Google training program manager, in a 2019 video. “The new payment instruments are based on modern cryptography [encryption via tokens]. You don’t need to enter payment data that can be logged or observed at the point of entry.”

So, in addition to being fast and smooth for shoppers, the approach is also at least somewhat better for protecting payment details.

What’s more, the browser returns a response token to the ecommerce website or app. In this way, the customer’s payment card information is not shared with the merchant. The ecommerce website does not receive, transmit, or store the payment card number. In theory, this could reduce the seller’s scope relative to the Payment Card Industry’s Digital Security Standards.
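
The request-and-response flow described earlier, together with the point that the merchant should only ever see a token, can be enforced in code. The following is an added example, not code from the article or from the Payment Request API specification: it builds the request, then refuses to forward any response that carries a card-number-like value. The method identifier `https://pay.example/handler`, the `details.token` field, and the `send` callback are assumptions, since each payment method defines its own `details` shape.

```javascript
// Added example, not the article's code. METHOD and details.token are assumptions.
const METHOD = "https://pay.example/handler"; // hypothetical payment method identifier
// Luhn checksum over 13-19 digits: true when the string is a plausible card number.
function looksLikePan(digits) {
  if (!/^\d{13,19}$/.test(digits)) return false;
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Walk every string in the response JSON; return the paths of PAN-like values.
function findPanPaths(value, path = "$") {
  if (typeof value === "string") {
    return looksLikePan(value.replace(/[ -]/g, "")) ? [path] : [];
  }
  if (value && typeof value === "object") {
    return Object.entries(value).flatMap(([k, v]) => findPanPaths(v, `${path}.${k}`));
  }
  return [];
}

// Reduce the response to the fields the merchant backend needs; fail closed otherwise.
function toBackendPayload(r) {
  if (r.methodName !== METHOD) throw new Error("unexpected payment method");
  const leaks = findPanPaths(r);
  if (leaks.length) throw new Error(`card number present at ${leaks.join(", ")}`);
  const token = r.details && r.details.token;
  if (typeof token !== "string" || !token) throw new Error("missing token");
  return { requestId: r.requestId, token, shippingAddress: r.shippingAddress || null };
}

// Site initiates the request, the browser runs the checkout, the site gets JSON back.
async function checkout(PaymentRequestCtor, total, send) {
  const request = new PaymentRequestCtor(
    [{ supportedMethods: METHOD }],
    { total: { label: "Total", amount: { currency: "USD", value: total } } },
    { requestShipping: true }
  );
  const response = await request.show();
  let result;
  try { result = await send(toBackendPayload(response.toJSON())); }
  catch (err) { await response.complete("fail"); throw err; }
  await response.complete("success");
  return result;
}
```

In a browser, pass `window.PaymentRequest` as `PaymentRequestCtor`; the guard runs before anything is sent or logged, so a response that unexpectedly contains a card number never reaches the merchant backend.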

Integration

Soon, many ecommerce platforms will integrate Payment Request API or use a payment setup based on this API.

Merchants that implement it in the meantime, perhaps in conjunction with a Progressive Web App, could gain at least a short-term competitive advantage. And merchants that are new to ecommerce or are considering new ecommerce software may wish to look for Payment Request API or an equivalent.

Innovation

Payment Request API, as it gains traction, could fuel innovation in the ecommerce industry. For example, it could enable new in-app ecommerce experiences and encourage businesses to deploy sites and applications based on relatively newer technology stacks and architectures.

Payment Request API is just one of the interfaces that the Web Payments Working Group has been developing. The Group’s efforts will continue to enhance ecommerce.

Armando Roggio
