I propose that Payment Apps should be able to receive user data stored in the browser after explicit consent from the user. This is only relevant if RequestShipping or RequestPayer* is set to true in the PaymentRequest.

Use cases:

• Payment App require user data to authorize payment. Payment App do not have to ask for the same information again
• Payment App can simplify enrollment by utilizing user data stored in the browser
• A user have multiple "accounts", e.g. private/business. Payment App can identify this by email/phone
• Shared computer/browser. Payment App can identify the user by email/phone

User consent
In order for the Payment App to receive user data in the PaymentAppRequest explicit consent is needed from the user. This can be asked for either at installation or at first time using the Payment App.

The Payment App should indicate that it wants to receive user data at time of installation, when doing the requestPermission call.

User data
The user data in question is the same user data that the merchant get back with the PaymentResponse depending on the RequestShipping or RequestPayer* flags

+1 to this proposal.

Payment through instant credit, using basic user and transaction information for scoring, is an increasingly common use case in developing economies where traditional credit is not available.
i.e. Just the user's mobile number may be enough

This is the user's data and they should be allowed to share it with payment apps they trust if they choose to do so.

Yes, no one disagrees with the use case - but asking for permission up front is not great. If you want this data, you need to call .show() at least once. Then the user can tell the browser to always share the appropriate data with the site on subsequent payment requests.

However, it's up to the UA to provide this UI/UX capability and not something that needs to be in the spec.

However, it's up to the UA to provide this UI/UX capability and not something that needs to be in the spec.

The implication for the spec is that we define a way for:
a) the handler to request that it receives the data (it must make this request either at registration or in response to handling a payment request).
b) a mechanism for passing the data to the app

How we solve a) impacts the way browsers will ask for permission so while we may not design that we do need to consider it.