I propose that Payment Apps should be able to receive user data stored in the browser after explicit consent from the user. This is only relevant if RequestShipping or RequestPayer* is set to true in the PaymentRequest.

Use cases:

• Payment App require user data to authorize payment. Payment App do not have to ask for the same information again
• Payment App can simplify enrollment by utilizing user data stored in the browser
• A user have multiple "accounts", e.g. private/business. Payment App can identify this by email/phone
• Shared computer/browser. Payment App can identify the user by email/phone

User consent
In order for the Payment App to receive user data in the PaymentAppRequest explicit consent is needed from the user. This can be asked for either at installation or at first time using the Payment App.

The Payment App should indicate that it wants to receive user data at time of installation, when doing the requestPermission call.

User data
The user data in question is the same user data that the merchant get back with the PaymentResponse depending on the RequestShipping or RequestPayer* flags