The choice should have been done to maximize portability, not to maximize efficiency and flexibility.

What I ended up doing for having a similar codebase on all plateform is to parse a BIP70 messages with the help of a web service that convert it to JSON.

I don't like this solution since it had a trust dependency, and the certificate verification become handled by the web service, not the device. But even if I solved google buffer problem, I would stumble upon having headache to validate the x509 certificate chain on every plateforms.

A simple BIP70 using JSON + HTTPS would have make things more easy.

I agree that it requires that the merchant own the domain name of the BIP70 endpoint, but I don't consider such a big of a deal, since this is how e-commerce works.