Comment by saagarjha
5 years ago
> That's an argument for security, less so for privacy, in the sense that the surface area may yield points for exploits.
Fair, but I hope you agree that both are something we should care about. The privacy argument is generally the fingerprinting one.
> But the payment stack is also very complicated. It touches everything from the secure enclave up to the Merchant over the network.
Yes, but not at the actual level that the web process would have to deal with. There’s a huge difference between “can I have a credit card number” and “can I DMA” from the web process. (I would assume WebUSB does something saner than that, but it would still be copying a lot of bytes around security boundaries with parsing going on.)
> My computer has never, in at least the last 15 years, been infested by usage of Web APIs. Since the time of Firefox and Chrome taking over from IE4-IE6, I have been free of exploits. It's fair to say that the web is used by billions of people, and for the most part, large scale carnage using browser vectors has been limited.
Well yes, but of course such attacks are typically used against a dozen journalists in a repressive country, and not you, a Google engineer in what I would assume is a moderately comfortable situation in comparison ;)
> I don't think your conclusions are based on actual security researcher threat modeling, but more about an implicit bias against Web apps and towards native.
Bias towards native noted, bias towards security research also a thing I think I may have ;)