Overview

Save to Pay is a service that allows you to provision the customer's payment cards from your website.

All communication between your server and Samsung Save to Pay server uses mutual SSL (two-way TLS) over TLS 1.2. Both sides authenticate each other with TLS certificates: Samsung issues you a client certificate for inbound calls, and you must provide a client certificate for Samsung for outbound communication.

The following sections provide all the information you need to integrate Save to Pay:

User experience

The following figure illustrates the user experience of Save to Pay.

User experience

  1. On the issuer website, the customer selects the card they want to add:

    • If the customer is using a desktop computer, the Save to Pay welcome UI window is displayed with a QR code. The customer opens the Samsung Wallet app in their mobile, selects to add a card using a QR code, and scans the code from the welcome UI.
    • If the customer is using a mobile, they tap the Save to Samsung Pay button to open the Samsung Wallet app.
  2. The Samsung Wallet app and the welcome UI window show the end result.

Service flow

The following diagram illustrates the overall Save to Pay flow.

Save to Pay flow

  1. When the customer initiates a process on a desktop for adding a card (for example, by clicking a button or opening a specific page), the issuer server registers for the Save to Pay service session by sending a registration request to Save to Pay.

  2. Save to Pay returns the URL for the welcome UI to the issuer server as a response.

  3. The issuer website displays the welcome UI.

  4. In the Samsung Wallet app, the customer scans the QR code, which triggers the push provisioning process.

    If the Samsung App is not installed on the customer's mobile, the welcome UI directs the customer to install the app and sign in with their Samsung Account.

  5. Samsung Wallet sends an initiation request to Save to Pay.

  6. Save to Pay notifies the issuer server that the wallet is ready.

  7. If the partner issuer is a brand, their issuer server sends a pre-provision request to the card issuer. Otherwise, they retrieve the data from their own server and skip to step 9.

  8. The card issuer returns the data for provisioning (issuerBlob). The data consists of encrypted device- and wallet-specific details, formatted depending on the issuer.

  9. The issuer server sends the provisioning data to Save to Pay.

  10. Save to Pay forwards the provisioning data to Samsung Wallet.

  11. To initiate the tokenization process for the card, Samsung Wallet sends the provisioning data to Samsung Token Requestor.

  12. Samsung Token Requestor forwards the data to the card issuer's token service provider.

  13. The token service provider forwards the data to the card issuer.

  14. The card issuer returns the provisioning response to the token service provider.

  15. The token service provider returns the response to Samsung Token Requestor.

  16. Samsung Token Requestor returns the response to Samsung Wallet that stores the token for future use in online purchases.

  17. Samsung Wallet sends a report to Save to Pay.

  18. Save to Pay notifies the issuer server that the card has been provisioned.