This intent is to add a user activation requirement for Secure Payment Confirmation (SPC) credential enrollment in a cross-origin iframe to help mitigate a privacy issue (see https://github.com/w3c/secure-payme for discussion of a potential identity tracking attack).
Explainers: https://github.com/w3c/secure-payment-confirmation/blob/main/explainer.md