This intent is to add a user activation requirement for Secure Payment Confirmation (SPC) credential enrollment in a cross-origin iframe to help mitigate a privacy issue (see for discussion of a potential identity tracking attack).


Specification link

Specification currently under development in a Working Group

Status in Chromium


In development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No signal
  • No signal
  • Positive


Last updated on 2022-05-12