Develop Samsung Wallet
5.2 Card Management API Guidelines

Once your service is successfully onboarded, you gain the ability to design and deploy custom digital assets (such as boarding passes, coupons, tickets, and more) directly to Samsung Wallet. The Adding Samsung Wallet Card Templates section defines interfaces for providers to conveniently create wallet cards in Samsung Wallet. The generated wallet card templates can be updated by following the instructions in the Updating Wallet Card Templates section. Authorized partners can add wallet cards to users directly from the partner server by following the instructions in the Adding Wallet Cards section below.

Service domain

| Environment | Domain |
|---|---|
| Public domain | https://tsapi-card.walletsvc.samsung.com |

5.2.1 Adding Wallet Card Templates

This section describes how to create a wallet card in Samsung Wallet.

[Request]

| Type | Value | Description |
|---|---|---|
| Method | POST | |
| URL | /partner/v1/card/template | |

Headers

| Name | Type | Required | Description |
|---|---|---|---|
| Authorization | String (1024) | Required | Credential token. The token can have the prefix "Bearer" as an authorization type, i.e., Bearer <credentials>. * See JSON Web Token. |
| x-smcs-partner-id | String (32) | Required | Partner ID. |
| x-request-id | String (32) | Required | Request identifier. Randomly generated UUID string. |

Body parameters

| Name | Type | Required | Description |
|---|---|---|---|
| cTemplate | Object | Required | Actual payload data in basic JSON format to establish the communication between partners and Samsung Wallet. This must be in the secure JWT (JSON Web Token) format. * See the chapter Security for more details. |

Payload object

| Name | Type | Required | Description |
|---|---|---|---|
| cardTemplate | Object | Required | Wallet card template object. |
| cardTemplate.prtnrId | String (32) | Required | Partner ID. |
| cardTemplate.templateRefId | String (19) | Required | Partner template ID. Unique value for each template created by a partner. This value is set to a number of 19 digits or less. |
| cardTemplate.title | String (32) | Required | Wallet card name. |
| cardTemplate.countryCode | String (2) | Required | The main headquarters location code. Refer to ISO-3166-1 alpha-2 for the country code. |
| cardTemplate.cardType | String (100) | Required | Template card type. For details, refer to Wallet Cards. |
| cardTemplate.subType | String (100) | Required | Template card sub type. For details, refer to Wallet Cards. |
| cardTemplate.designType | String (100) | Optional | The value that defines the design type of the wallet card. For details, refer to Wallet Cards. |
| cardTemplate.appLogoImg | String (200) | Optional | The banner logo image URL. The maximum size of the image is 1024*1024. E.g., http://www.yourdomain.com/banner_logo_image.png |
| cardTemplate.saveInServerYn | String (1) | Optional | Sets whether to save the card data. This value can only be set for the 'ID Card' type. |
| cardTemplate.prtnrAppPckgName | String (128) | Optional | The application package name. |
| cardTemplate.noNetworkSupportYn | String (1) | Optional | Sets whether to support opening the wallet card under 'No Network' status. This feature cannot be modified after the wallet card is approved. This must be set to either 'Y' or 'N'. * Default: 'N' |
| cardTemplate.shareButtonExposureYn | String (1) | Optional | Sets whether to support the sharing function. This feature cannot be modified after the wallet card is approved. This must be set to either 'Y' or 'N'. * Default: 'Y' |
| cardTemplate.privacyModeYn | String (1) | Optional | If this value is set, user authentication is required when using the card, to protect the user's sensitive information. This must be set to either 'Y' or 'N'. * Default: 'N' |
| cardTemplate.preventCaptureYn | String (1) | Optional | This value is a screen capture prevention flag that defines whether the content view prevents screen capture. |
| cardTemplate.category | String (20) | Optional | This item can only be set if the card type is "generic". Set the category to get more detailed statistical information. For instance: parking pass, membership, reservations, insurance, health, receipt, coupon stamp, note, photo, and others. |
| cardTemplate.prtnrCardData | String (1000) | Optional | [Get Card Data] Partner URL. Check the URL format below and implement the API according to the URL. Refer to Partner Server API Specification. For instance, you can use https://yourdomain |
| cardTemplate.prtnrCardState | String (1000) | Optional | [Get Card State] Partner URL. Check the URL format below and implement the API according to the URL. Refer to Partner Server API Specification. For instance, you can use https://yourdomain |
| cardTemplate.prtnrMemPoint | String (1000) | Optional | [Get Membership Point] Partner URL. |
| cardTemplate.cardMetaCP | String (1000) | Optional | [Get Card Meta CP] Partner URL. |
| cardTemplate.getFulfillmentList | String (1000) | Optional | [Get Fulfillment List] Partner URL. |
| cardTemplate.prtnrBalance | String (1000) | Optional | [Get Card Balance] Partner URL. |
| cardTemplate.state | String (15) | Optional | When creating a card, you can transition the card's state from "draft" to "verifying". You can only choose "draft" or "verifying". * Default: 'draft' |
| cardTemplate.desc | String (500) | Optional | Description. |

[Example]

    /** Example card template object **/
    {
      "prtnrId": "4083254626439156160",
      "templateRefId": "123456781864545365",
      "title": "coupon",
      "countryCode": "KR",
      "cardType": "coupon",
      "subType": "others",
      "noNetworkSupportYn": "N",
      "shareButtonExposureYn": "Y"
    }

    /** Example **/
    POST /partner/v1/card/template
    [Headers]
    Authorization: eyjjdhkioijbvvriiiwidmvyijoxlcjwyxj0bmvyswqioiixmjg1o
    x-smcs-partner-id: partner-id-0001
    x-request-id: req-202303140003
    x-request-cc2: kr
    /** Payload **/
    {
      "cTemplate": "eyjjdhkioijkv1qilcjhbgcioijsinrpbwvzdgftcci6imnyzwf0z…"
    }

[Response]

| Type | Value | Description |
|---|---|---|
| HTTP Status | 200 OK | |
| Payload | cardId | Wallet card ID |

[Example]

    200 OK
    {
      "cardId": "3hdpejr6qi380",
      "resultCode": "0",
      "resultMessage": "success"
    }

[Result]

| HTTP Status Code | Description |
|---|---|
| 200 | 200 OK |
| 400 | 400 Bad Request. The server cannot or will not process the request due to something that is perceived to be a client error. |
| 401 | 401 Unauthorized. Authorization token is invalid or expired. |
| 500 | 500 Internal Server Error |
| 503 | 503 Service Unavailable |

5.2.2 Updating Wallet Card Templates

Wallet card templates updated through the API can also be checked and managed in the same way on the 'Wallet Partners Portal'. Partners can manage all wallet cards they have created.

[Request]

| Type | Value | Description |
|---|---|---|
| Method | POST | |
| URL | /partner/v1/card/template/{Card ID} | |

Headers

| Name | Type | Required | Description |
|---|---|---|---|
| Authorization | String (1024) | Required | Credential token. The token can have the prefix "Bearer" as an authorization type, i.e., Bearer <credentials>. * See JSON Web Token. |
| x-smcs-partner-id | String (32) | Required | Partner ID. |
| x-request-id | String (32) | Required | Request identifier. Randomly generated UUID string. |

Path parameters

| Name | Type | Required | Description |
|---|---|---|---|
| Card ID | String (32) | Required | The wallet card identifier granted through the Partner Portal. * The identifier is needed when updating a specific card template. |

Body parameters

| Name | Type | Required | Description |
|---|---|---|---|
| cTemplate | Object | Required | Actual payload data in basic JSON format to establish the communication between partners and Samsung Wallet. This must be in the secure JWT (JSON Web Token) format. * See the chapter Security for more details. |

Payload object

| Name | Type | Required | Description |
|---|---|---|---|
| cardTemplate | Object | Required | Wallet card template object. |
| cardTemplate.prtnrId | String (32) | Required | Partner ID. |
| cardTemplate.cardId | String (32) | Required | The cardId response received when creating a card. |
| cardTemplate.templateRefId | String (19) | Required | Partner template ID. The unique value for each template created by a partner. This value is set to a number with 19 digits or less. |
| cardTemplate.title | String (32) | Optional | Wallet card name. |
| cardTemplate.countryCode | String (2) | Optional | The main headquarters location code. Refer to ISO-3166-1 alpha-2 for the country code. |
| cardTemplate.prtnrAppPckgName | String (128) | Optional | The application package name. |
| cardTemplate.appLogoImg | String (200) | Optional | The banner logo image URL. The maximum size of that image is 1024*1024. |
| cardTemplate.saveInServerYn | String (1) | Optional | Sets whether to save the card data. This value can only be set for the 'ID Card' type. |
| cardTemplate.noNetworkSupportYn | String (1) | Optional | Sets whether to support opening the wallet card under 'No Network' status. This feature cannot be modified after the wallet card is approved. This must be set to either 'Y' or 'N'. * Default: 'N' |
| cardTemplate.shareButtonExposureYn | String (1) | Optional | Sets whether to support the sharing function. This feature cannot be modified after the wallet card is approved. This must be set to either 'Y' or 'N'. * Default: 'Y' |
| cardTemplate.privacyModeYn | String (1) | Optional | If this value is set, user authentication is required when using the card, to protect the user's sensitive information. This must be set to either 'Y' or 'N'. * Default: 'N' |
| cardTemplate.preventCaptureYn | String (1) | Optional | This value is a screen capture prevention flag that defines whether the content view prevents screen capture. |
| cardTemplate.category | String (20) | Optional | This item can only be set if the card type is "generic". Set the category to get more detailed statistical information. For instance: parking pass, membership, reservations, insurance, health, receipt, coupon stamp, note, photo, and others. |
| cardTemplate.prtnrCardData | String (1000) | Optional | [Get Card Data] Partner URL. Check the URL format below and implement the API according to the URL. Refer to Partner Server API Specification. For instance, you can use https://yourdomain |
| cardTemplate.prtnrCardState | String (1000) | Optional | Partner URL. Check the URL format below and implement the API according to the URL. Refer to Partner Server API Specification. For instance, you can use https://yourdomain |
| cardTemplate.prtnrMemPoint | String (1000) | Optional | [Get Membership Point] Partner URL. |
| cardTemplate.cardMetaCP | String (1000) | Optional | [Get Card Meta CP] Partner URL. |
| cardTemplate.getFulfillmentList | String (1000) | Optional | [Get Fulfillment List] Partner URL. |
| cardTemplate.prtnrBalance | String (1000) | Optional | [Get Card Balance] Partner URL. |
| cardTemplate.state | String (15) | Optional | If the card status is "draft", you can only select "verifying". |
| cardTemplate.testingModeOff | String (1) | Optional | This value can be set only when the card status is active. Normal service is possible only when the testing mode is changed to off. * Default: 'N' |
| cardTemplate.desc | String (500) | Optional | Description. |

[Example]

    /** Example card template object **/
    {
      "prtnrId": "4083254626439156160",
      "cardId": "3hdpejr6qi380",
      "templateRefId": "123456781864545365",
      "title": "coupon",
      "countryCode": "KR",
      "noNetworkSupportYn": "N",
      "shareButtonExposureYn": "Y"
    }

    /** Example **/
    POST /partner/v1/card/template/cardid=3hdpejr6qi380
    [Headers]
    Authorization: eyjjdhkioijbvvriiiwidmvyijoxlcjwyxj0bmvyswqioiixmjg1o
    x-smcs-partner-id: partner-id-0001
    x-request-id: req-202303140003
    x-request-cc2: kr
    /** Payload **/
    {
      "cTemplate": "eyjjdhkioijkv1qilcjhbgcioijsinrpbwvzdgftcci6imnyzwf0z…"
    }

[Response]

| Type | Value | Description |
|---|---|---|
| HTTP Status | 200 OK | |
| Payload | cardId | Wallet card ID |

[Example]

    200 OK
    {
      "cardId": "3hdpejr6qi380",
      "resultCode": "0",
      "resultMessage": "success"
    }

[Result]

| HTTP Status Code | Description |
|---|---|
| 200 | 200 OK |
| 400 | 400 Bad Request. The server cannot or will not process the request due to something that is perceived to be a client error. |
| 401 | 401 Unauthorized. Authorization token is invalid or expired. |
| 500 | 500 Internal Server Error |
| 503 | 503 Service Unavailable |

5.2.3 Adding Wallet Cards

A typical addition to the wallet card is triggered by user interaction, such as pressing the Add to Wallet button or link. The API also supports adding a wallet card automatically to the user for a special purpose, with the user's consent. This API allows partners to provide wallet cards to users. The request payload must contain information about the target to which the card is added. This information may be related to the user's account, or it may contain information about a card that is already registered. A push notification is sent to the user's device to confirm successful card registration. Card registration must be judged successful only when the card is updated to "added" through Send Card State. An administrator must grant permission for partners to use this API.

Card data specification

| Item | Description |
|---|---|
| Card ID | {Card ID} is an ID issued when the partner manager signs up for partner services and registers the wallet card they want to service. Refer to the Partner Onboarding Guide document for details. |
| cData | Actual payload data in basic JSON format to establish the communication between partners and Samsung Wallet. See the details in the table below. |
| Card Data Token | The specific wallet card data mentioned as cData must be secured in JWT (JSON Web Token) format. See the Security chapter for details. |

[Request]

| Type | Value | Description |
|---|---|---|
| Method | POST | |
| URL | /atw/v1/cards/{Card ID} | |

Headers

| Name | Type | Required | Description |
|---|---|---|---|
| Authorization | String (1024) | Required | Credential token. The token can have the prefix "Bearer" as an authorization type, i.e., Bearer <credentials>. * See JSON Web Token. |
| x-smcs-partner-id | String (32) | Required | Partner ID. |
| x-request-id | String (32) | Required | Request identifier. Randomly generated UUID string. |

Path parameters

| Name | Type | Required | Description |
|---|---|---|---|
| Card ID | String (32) | Required | Wallet card identifier granted through the Partner Portal. |

Body parameters

| Name | Type | Required | Description |
|---|---|---|---|
| cData | Object | Required | Actual payload data in basic JSON format to establish the communication between partners and Samsung Wallet. This must be in the secure JWT (JSON Web Token) format. * See the chapter Security for more details. |

Payload object

| Name | Type | Required | Description |
|---|---|---|---|
| card | Object | Required | Wallet card object. |
| card.type | String (16) | Required | Wallet card type. * See Wallet Cards. |
| card.subType | String (16) | Required | Wallet card sub type. * See Wallet Cards. |
| card.data[] | Array of Object | Required | Wallet card data container. |
| data[].refId | String (32) | Required | A unique content identifier defined by the content provider. |
| data[].createdAt | Long (13) | Required | Data creation timestamp. Epoch timestamp in milliseconds. * UTC±00:00 |
| data[].updatedAt | Long (13) | Required | Data update timestamp. Epoch timestamp in milliseconds. * UTC±00:00 |
| data[].language | String (8) | Required | Default card language code, e.g., en, ko. |
| data[].attributes | Object | Required | Attributes container. |
| data[].attributes.{fields} | | Required | Attributes fields by card type. * See Wallet Cards. |
| data[].localization[] | Array of Object | Optional | Localized language container. * See Wallet Cards. |
| localization[].language | String (8) | Required | Multilingual content language code, e.g., en, ko. |
| localization[].attributes.{fields} | | | For displaying a given language, 'data[].attributes' can be replaced by localized versions. * See Wallet Cards. |
| account | Object | Conditional | User account object. |
| account.type | String (16) | Required | Type of user identifier, e.g., phoneNumber, email. |
| account.value | String (64) | Required | User identifier. |

[Example]

    /** Example card object **/
    {
      "card": {
        "type": "ticket",
        "subType": "movies",
        "data": [{
          "refId": "ref-20230304-001",
          "createdAt": 1612660039000,
          "language": "en",
          "attributes": {
            "title": "samsung wallet",
            "mainImg": "https://.../main.png"
            // * Refer to Wallet Cards
          },
          "localization": [{
            "language": "ko",
            "attributes": {
              "title": "삼성 월렛"
            }
          }]
        }]
      },
      "account": {
        "type": "phoneNumber",
        "value": "+821012345678"
      }
    }

    /** Example **/
    POST /atw/v1/cards/1656147182764415319
    [Headers]
    Authorization: eyjjdhkioijbvvriiiwidmvyijoxlcjwyxj0bmvyswqioiixmjg1o
    x-smcs-partner-id: partner-id-0001
    x-request-id: req-202303140003
    x-request-cc2: kr
    /** Payload **/
    {
      "cData": "eyjjdhkioijkv1qilcjhbgcioijsinrpbwvzdgftcci6imnyzwf0z…"
    }

[Response]

| Type | Value | Description |
|---|---|---|
| HTTP Status | 200 OK | |
| Payload | N/A | |

[Example]

    200 OK

[Result]

| HTTP Status Code | Description |
|---|---|
| 200 | 200 OK |
| 400 | 400 Bad Request. The server cannot or will not process the request due to something that is perceived to be a client error. |
| 401 | 401 Unauthorized. Authorization token is invalid or expired. |
| 500 | 500 Internal Server Error |
| 503 | 503 Service Unavailable |
Develop Samsung Wallet
5.3 Notification for Partners

Deliver personalized push messages to Samsung Wallet users, linked to their wallet cards. Samsung Wallet enables authorized partners to send targeted push notifications using pre-approved message templates. This feature supports marketing, transactional, and engagement-driven use cases. Only partners with administrative approval can access and use the notifications feature. The Notifications tab is hidden for unauthorized accounts.

Notification workflow overview

Step 1: Create notification template

Partners can create push message templates through the Partner Portal or Notification API. Templates define the structure and content of the notification.

- Type: only merchant push is supported.
- Message category: choose from marketing or other.
- Variables: use dynamic placeholders with {{ }} syntax, e.g., Hello {{name}}, your pass for {{event}} is ready.

If your wallet card supports multiple languages, a message template must be provided for each language variant.

After drafting the message:

- Run the harmfulness check to detect prohibited content.
- Results: pass or fail.
- Even if failed, templates can still be submitted but may be rejected in the next step.

Step 2: Request template approval

Once the template is complete:

- Click the Request Approval button in the portal.
- An administrator will review the content.
- If rejected: the reason is provided via system email. Partners can revise and resubmit the template for approval.
- If approved: the approved date will appear in the portal. The template becomes eligible for use in the Notification API.

Step 3: Push notification with template

Once a template is approved, partners can push notifications to users linked to their wallet cards using a secure POST API request.

Required parameters:

- Template ID: issued after template approval.
- Reference ID: a unique identifier tied to the user's wallet card, created during the Add to Wallet process.

Only pre-approved templates can be used in push requests.

Step 4: Monitor impressions and clicks

After the push is delivered, partners can track:

- Impressions: number of users who viewed the notification.
- Clicks: number of interactions with the push.

These metrics can be accessed through the Partner Portal dashboard, enabling performance evaluation of each campaign.

[Request]

| Type | Value | Description |
|---|---|---|
| Method | POST | |
| URL | /{cc2}/wltex/cards/{Card ID}/notifications/{Template ID}/send | |

Header

| Name | Type | Required | Description |
|---|---|---|---|
| Authorization | String (1024) | Required | Credential token. The token can have the prefix "Bearer" as an authorization type, e.g., Bearer <credentials>. * Refer to Authorization Token for more details. |
| x-smcs-partner-id | String (32) | Required | Partner ID. |
| x-request-id | String (32) | Required | Request identifier. Randomly generated UUID string. |

Path parameters

| Name | Type | Required | Description |
|---|---|---|---|
| cc2 | String (2) | Required | Country code (cc2) from Send Card State. |
| Card ID | String (32) | Required | Wallet card identifier granted from the Partners Portal. |
| Template ID | String (32) | Required | Approved notification template identifier from the Partners Portal. |

Payload

| Name | Type | Required | Description |
|---|---|---|---|
| nData | String | Required | Notification object (JSON). * This field needs to be encrypted. * Refer to Security for more details. * The value of "cty" must be set to "notification". |

Notification object

| Name | Type | Required | Description |
|---|---|---|---|
| refIds | Array of String (100) | Required | Unique content identifier defined by the content provider. |
| data | Object | Required | Name-value pair for use in the notification template. |

[Example]

    POST /wltex/cards/12584806754/notifications/12353465344/send
    /*[Headers]*/
    Authorization: Bearer eyjjdhkioijbvvriiiwidmvyijoxlcjwyxj0bmvyswqioiixmjg1o
    x-smcs-partner-id: partner-id-0001
    x-request-id: req-202303140003
    /*[Payload]*/
    {
      "nData": "eyjjdhkioijbvvriiiwidmvyi…"
    }
    /*[Notification object]*/
    {
      "refIds": [
        "ref-20230304-0003",
        "ref-20230304-0004"
      ],
      "data": {
        "name": "logan",
        "place": "samsung wallet"
      }
    }

[Response]

| Type | Value | Description |
|---|---|---|
| HTTP Status | 200 OK | |
| Payload | N/A | |

[Result]

| HTTP Status Code | Description |
|---|---|
| 200 OK | Success |
| 400 Bad Request | The server cannot or will not process the request due to something that is perceived to be a client error. |
| 401 Unauthorized | Authorization token is invalid or expired. |
| 500 Internal Server Error | The server encountered an unexpected condition that prevented it from fulfilling the request. |
Develop Samsung Wallet
1.4 Supported Use Cases

Samsung Wallet supports a variety of partner-integrated digital assets.

Payments
- Credit/debit cards via Samsung Pay
- Tokenized, secure, and tap-to-pay functionality

Loyalty & membership
- Add/store loyalty cards, point systems, membership IDs
- Trigger offers or reminders based on location or usage

Event & travel tickets
- Boarding passes for airlines
- Event tickets (concerts, sports, theatre)
- QR or barcode-based entry

Digital IDs & credentials
- Student IDs, employee badges
- Government-issued digital IDs (where supported)
- Access control or age verification

Coupons & promotions
- Single-use or multi-use coupons
- Auto-reminders before expiration
Develop Samsung Wallet
4.5 Card Specs

4.5.1 Common

This chapter defines wallet card data fields for the attributes object of each wallet card type. The structure for configuring wallet cards follows the defined specification. Configuring the card data in the specified formatted JSON structure is required. See the details for each card type.

Card object

| Name | Type | Required | Description |
|---|---|---|---|
| card | Object | Required | Card information. |
| card.type | String (16) | Required | Wallet card type. |
| card.subType | String (16) | Required | Wallet card sub type. |
| card.data[] | Array of Object | Required | Wallet card data container. Allows up to 6 objects at once. |
| data[].refId | String (32) | Required | A unique content identifier defined by the content provider. |
| data[].createdAt | Long (13) | Required | Data creation timestamp. Epoch timestamp in milliseconds. * UTC±00:00 |
| data[].updatedAt | Long (13) | Required | Data creation timestamp. Epoch timestamp in milliseconds. * UTC±00:00 |
| data[].language | String (8) | Required | Default content language code, e.g., en, ko. |
| data[].attributes | Object | Required | Card data attributes. * Refer to the following chapters for each type. |
| data[].attributes.{fields} | | | Attribute fields by card type. |
| data[].localization[] | Array of Object | Conditional | Information for multilingual support. |
| localization[].language | String (8) | Required | Multilingual content language code, e.g., en, ko, etc. |
| localization[].attributes.{fields} | | | For displaying a given language, 'data[].attributes' can be replaced by localized versions. * Refer to the following chapters for each type. |

[Example]

    Example card object
    {
      "card": {
        "type": "relyingparty",
        "subType": "others",
        "data": [
          {
            "refId": "ref-20230304-001",
            "createdAt": 1612660039000,
            "language": "en",
            "attributes": {
              "title": "samsung wallet",
              "mainImg": "https://.../main.png"
              // ** Please refer to the details of each card type that follows **
            },
            "localization": [
              {
                "language": "ko",
                "attributes": {
                  "title": "삼성 월렛"
                }
              }
            ]
          }
        ]
      }
    }

To ensure secure card data transmission, the card data must be tokenized in JWT format. For this purpose, the partner will need the certificate obtained using the partner's email account when signing up for the Partner Portal. For detailed information on secure data tokenization, partners can refer to the Security chapter.

* Image resources provided by URLs can be cached. Therefore, for the image resource to be replaced immediately, the corresponding URL path must be changed.

4.5.2 Relying Party

'relyingparty' cards are used for verifier authentication. When partners create the Verify with Samsung Wallet button, they will need to create cData. This is the data spec included when creating the cData of the relyingparty type.

Wallet card type

| Wallet card type | Wallet card subtype |
|---|---|
| relyingparty | others |

Wallet card data fields (attributes)

| Name | Type | Required | Description |
|---|---|---|---|
| attributes.{fields} | | | |
| logoImage | String (256) | Required | URL of the logo image. The file size must not be greater than 256 KB. |
| logoImage.darkUrl | String (256) | Required | URL of the logo image. The file size must not be greater than 256 KB. |
| logoImage.lightUrl | String (256) | Required | URL of the logo image. The file size must not be greater than 256 KB. |
| fontColor | String (8) | Optional | Display color of the font during user authentication. |
| providerName | String (32) | Required | Display name during user authentication. |
| clientType | String (32) | Required | Information on whether the client operates as an application or web. |
| clientPackageName | String (32) | Required | If the client is operating as an app, enter the package name; if it works on the web, enter a service name. |

[Example]

    {
      "card": {
        "type": "relyingparty",
        "subType": "others",
        "data": [
          {
            "refId": "0613001",
            "createdAt": 1686657600000,
            "updatedAt": 1686657600000,
            "language": "en",
            "attributes": {
              "logoImage": "https://samsung.com",
              "logoImage.darkUrl": "https://dark.samsung.com",
              "logoImage.lightUrl": "https://light.samsung.com",
              "fontColor": "black",
              "providerName": "company name",
              "clientType": "app",
              "clientPackageName": "com.companyname.app"
            }
          }
        ]
      }
    }
Develop Samsung Wallet
2.4 Statistics

2.4.1 Performance Monitoring

The Samsung Wallet service is monitored to get an effective measure of the wallet performance.

Overview

- Wallet card: total number of wallet cards registered in the portal.
- Wallet card type: total number of wallet card types registered in the portal.
- Wallet card template: total number of templates registered in the portal.

Recent trends

Provides key indicators and trend charts for the selected period. Provides the ability to change the period and wallet card type being reviewed.

| Item | Description |
|---|---|
| Registered | Registration by wallet card category. |
| Impressions | Count when the coupon or banner is displayed on each screen page. |
| Click | Count of clicks on a specific link to the number of total users who view a coupon or banner. |
| Click through rate | Percentage of clicks against impressions in the coupon or banner. [CTR % = Clicks/Impressions] |

Stats of wallet cards

Provides detailed statistical information for the selected wallet card. Provides the ability to change the period, template, and wallet card type. Checks detailed information and charts for each indicator.

| Item | Description |
|---|---|
| Registered | Registration by wallet card category (number of registrations by wallet card category) and registrations by template (number of registrations by template), registered (number of registrations for the specified wallet card category/template), registration by partner (number of registrations by partner). |
| Active device | Number of devices registering cards in the wallet. Max number of unique device IDs (DMID). The max number means the maximum value during the statistical period. The hourly graph shows the maximum time's value. The daily graph shows the maximum date's value. |
| Top 10 of all templates | Statistics on top 10 templates based on number of registrations or clicks & CTR. |
| Add to Wallet - Impressions | Number of impression counts for the 'Add to Wallet' button. |
| Add to Wallet - Clicks | Number of clicks for the 'Add to Wallet' button. |
| Add to Wallet - Click through rate | Ratio of clicks against impressions for the 'Add to Wallet' button. [CTR % = Clicks/Impressions] |
| Wallet cards - Impressions | Number of exposures of registered content. |
| Wallet cards - Clicks | Number of clicks on registered content. |
| Wallet cards - Click through rate | Click through rate of registered content. |
| Age & gender | Age & gender statistics for impression/click/CTR data by wallet card / wallet category registered by end user. |
| Push notification - Impressions | Number of exposures of push notification content. |
| Push notification - Clicks | Number of clicks of push notification content. |
Develop Samsung Pay
1.1 Introduction

Samsung Pay is a mobile payment and digital wallet service developed by Samsung, enabling users to make secure payments using their Galaxy devices, both in-store and online. As part of the broader Samsung Wallet ecosystem, it supports not only contactless payments but also digital card management, loyalty programs, and more.

For developers and technology partners, Samsung Pay provides a set of SDKs and tools that enable seamless integration of payment capabilities into mobile apps and web platforms. This empowers merchants, card issuers, and financial institutions to deliver fast, secure, and user-friendly payment experiences.

Overview and components of Samsung Pay

Samsung Pay is designed as a flexible and secure platform with multiple integration options tailored for different use cases. It consists of the following core components

Key features of Samsung Pay

The key features of Samsung Pay are:

- Uses advanced tokenization and Samsung Knox security to safeguard user data and transaction integrity.
- Enables in-app, online, and contactless payments using NFC and MST (where supported).
- Verifies transactions with fingerprint, iris, or face recognition, enhancing convenience and safety.
- Works across a wide range of Samsung smartphones, tablets, and wearables.
- Allows card issuance from web and mobile environments using Save to Pay.
- Market-specific adaptations ensure compliance with regional regulatory requirements.

Benefits of Samsung Pay for developers & partners
Develop Samsung Pay
3.3 Web Checkout SDK

3.3.1 Overview

Samsung Pay Web Checkout enables seamless, secure payments on your website using cards stored in the Samsung Wallet app. This JavaScript-based SDK makes it easy to integrate Samsung Pay into your desktop or mobile web checkout experience.

Key features

- Cross-device support: users can complete purchases on both desktop and mobile browsers.
- Samsung Wallet integration: payments are authorized using cards saved in the Samsung Wallet mobile app.
- Secure credential transmission: payment credentials are securely generated on the mobile device and transmitted to your website.
- Multiple authentication options: users can bind their device by either entering their Samsung account email, or scanning a QR code displayed on your checkout page.

User scenario with the service flow

The following figures describe the user scenario for making a purchase through Samsung Pay Web Checkout. The following figure illustrates the Samsung Pay Web Checkout flow.

Payment initiation & device binding
- The user selects Samsung Pay as the payment method at checkout.
- A Web Checkout UI launches, prompting the user to link their device: enter the Samsung account email, or scan a QR code using their mobile device.
- A push notification is sent to their Samsung Wallet app.

For mobile devices
- The user selects Samsung Pay as the payment method at checkout.
- A payment request pop-up is displayed and prompts the user to select the "Pay" button.
- The Samsung Wallet app automatically opens on the current device.

User confirmation on mobile device
- The user taps the notification on their device.
- The Samsung Wallet app opens a payment sheet showing order details.
- The user selects a payment card and authorizes the purchase.

Payment completion
- A "Verified" screen is shown in the browser as the transaction is confirmed.
- Your website receives a secure payment credential from Samsung Pay.
- You forward this credential to your payment processor to complete the purchase.

3.3.2 Web Checkout Integration

Samsung Pay Web Checkout enables seamless online payments using Samsung Wallet on supported mobile devices. Let's look at how to integrate the Web Checkout SDK into your website and process secure, tokenized transactions.

Prerequisites

Before integrating Samsung Pay Web Checkout, ensure the following:

- Samsung Pay merchant ID: you must complete the partner onboarding process to obtain a valid merchant ID.
- Tokenization support: your acquirer and issuer must support tokenized in-app transactions per card network standards.

Web Checkout integration steps

To integrate the Samsung Pay Web Checkout solution into your website:

1. Include the Samsung Pay SDK. Add the SDK to your website's frontend.

    <script src="https://img.mpay.samsung.com/gsmpi/sdk/samsungpay_web_sdk.js"></script>

2. Configure payment methods. Define the supported card brands, protocol, API version, and your service merchant ID.

    const paymentMethods = {
      "version": "2",
      "serviceId": "dcc1cbb25d6a470bb42926",
      "protocol": "PROTOCOL_3DS",
      "allowedBrands": ["visa", "mastercard"]
    }

3. Initialize the Samsung Pay client. Set the environment:
   - "STAGE": testing with device
   - "STAGE_WITHOUT_APK": testing without device (simulated)
   - "PRODUCTION": live environment

    const samsungPayClient = new SamsungPay.PaymentClient({environment: "STAGE"});

   Note: If your project has a Content-Security-Policy (CSP) applied, please ensure that you add a nonce to the CSS to maintain compliance. This can be done by updating your SDK configuration as follows:

    const samsungPayClient = new SamsungPay.PaymentClient({environment: "STAGE", nonce: "your-nonce"});

4. Check availability. Verify Samsung Pay availability in the user's browser/device.

    samsungPayClient.isReadyToPay(paymentMethods).then(function(response) {
      if (response.result) {
        // add a payment button
      }
    }).catch(function(err) {
      console.error(err);
    });

5. Add the Samsung Pay button. Use the official Samsung Pay button asset and adhere to the branding guidelines.

    <div id="samsungpay-container">
      <button id="samsung-pay-btn">
        <img src="/your/path/samsung-pay-button.png" alt="Samsung Pay" style="{follow the Samsung's official branding guideline}" />
      </button>
    </div>

   Note: Download the official Samsung Pay button image and branding guideline from the download page and use it directly in your HTML as shown here.

6. Attach the click handler. Add your event handler to the button.

    document.getElementById("samsung-pay-btn").addEventListener("click", onSamsungPayButtonClicked);

7. Create the transaction detail. Define transaction metadata such as order info, merchant details, and total amount.

    const transactionDetail = {
      "orderNumber": "dstrf345789dsgty",
      "merchant": {
        "name": "virtual shop",
        "url": "virtualshop.com",
        "id": "xn7qfnd",
        "countryCode": "US"
      },
      "amount": {
        "option": "FORMAT_TOTAL_ESTIMATED_AMOUNT",
        "currency": "USD",
        "total": 300
      }
    }

8. Launch the payment flow. Trigger the Web Checkout interface when the user clicks the payment button. When the onClick event is triggered, your event handler must call the loadPaymentSheet method, which initiates the Web Checkout UI flow. When the user confirms the payment from their mobile device, you receive the paymentCredential object generated by the device.

   Note: Extract the payment credential information from the 3DS.data key within the paymentCredential object and process it through your payment provider. Inform the Samsung server of the payment result using the notify method with the paymentResult object.

    samsungPayClient.loadPaymentSheet(paymentMethods, transactionDetail).then(paymentCredential => {
      // forward paymentCredential to your payment provider
      const paymentResult = {
        "status": "CHARGED",
        "provider": "pg name"
      }
      samsungPayClient.notify(paymentResult);
    }).catch(error => {
      console.error(error);
    });

Payment credential sample

The paymentCredential is the resulting output of the loadPaymentSheet method. Sample paymentCredential JSON output using JWE-only:

    {
      "method": "3DS",
      "recurring_payment": false,
      "card_brand": "visa",
      "card_last4digits": "8226",
      "3DS": {
        "type": "s",
        "version": "100",
        "data": "eyjhbgcioijsu0exxzuilcjrawqioiixzhlsbkfvrvjttk53z0j0mmvzcevwu1poswrzzghqbvi3bzhqcdvkagvbpsisinr5cci6ikppu0uilcjjagfubmvsu2vjdxjpdhldb250zxh0ijoiulnbx1blssisimvuyyi6ikexmjhhq00ifq.jykxn2h9pk1uj-4knpuij1r49ykw7-3aelznhadzsztclvjlhoyjomujfl1h21yq_5rmdwz9lj6o67j8m6kn_1dnkvnqaugi203ol5tegf-j15n_pcinj1nycfyivohazidbg9fq2nzts_muu9cvykiz-ifsuz6rfl9aiuoakjpctzpn8lwlddzxzme3j86sd45i-ahxwbujfvy9d2zrt1sddgoxgorjrzy3o5s29pybkaytjmcpc_jicu-sdsx3s1snm_cvhaqiccoxyidih6hfwo35fsswysvxu8yfpgtwbcdai9ujkptvr7npnp1ch85ja3dvw3mi87v-pwiqmw.hdzesnbxu0d0t68e.pcv1csibw7jgtlgfoovmebm-wggpw9rhonbkdb_qwwfl_cuf7_0nj_knuozq4pudk0_vzktbhi3kv0gt2ybmqs6zfpnxd3cdpgk_lyio8z8xciasoz5vltamjg7n5maadxxpvqwtcpk_tbksve2ke8w7r3u4kapfjl2ene06j3e4rkae367x8_aoxy2l3lhoeqzl4lfsntfs71xfc-s9h5-bgi2clkba-9hlrtpbxtumwa830rwywm7m.fs5-tfbxq73l7icrrwkbla"
      }
    }

The decrypted output will be similar to this:

    {
      "amount": "100",
      "currency_code": "USD",
      "utc": "1719388643614",
      "eci_indicator": "5",
      "tokenPAN": "5185731679991253",
      "tokenPanExpiration": "0127",
      "cryptogram": "akkeavcvwhfmammud6r3aoacfa=="
    }

Note: For information about the content of the paymentMethods, transactionDetail, and paymentCredential data structures, see the API reference.

3.3.3 Decrypting Payment Credentials

For security, Samsung Pay encrypts the payment credential using JSON Web Encryption (JWE). You must decrypt this payload to extract the payment token and process the transaction.

To decrypt the payment credentials:

1. Generate a DER file from your private key.

    $ openssl pkcs8 -topk8 -in merchant.key -outform DER -nocrypt -out rsapriv.der

2. Decrypt the JWE encrypted data. Sample implementation in Java:

    import java.nio.file.Files;
    import java.nio.file.Paths;
    import java.security.KeyFactory;
    import java.security.interfaces.RSAPrivateKey;
    import java.security.spec.PKCS8EncodedKeySpec;
    import java.util.Base64;
    import javax.crypto.Cipher;
    import javax.crypto.spec.GCMParameterSpec;
    import javax.crypto.spec.SecretKeySpec;
    import com.fasterxml.jackson.databind.JsonNode;
    import
com fasterxml jackson databind objectmapper; public class developerportalsample { public static void main string[] args throws exception { // example jwe string replace with your actual jwe and private key path string encryptedtext = {{encryptedpayload}}; string privatekeypath = " /rsapriv der"; string private_key = base64 getencoder encodetostring files readallbytes paths get privatekeypath ; string result = decryptjwe encryptedtext, private_key ; system out println result ; } public static string decryptjwe string encryptedtext, string privatekeytext throws exception { // split jwe parts by ' ' string delims = "[ ]"; string[] tokens = encryptedtext split delims ; if tokens length < 5 { throw new illegalargumentexception "invalid jwe format" ; } // decode and parse jwe header byte[] headerbytes = base64 geturldecoder decode tokens[0] ; string headerjson = new string headerbytes ; objectmapper mapper = new objectmapper ; jsonnode header = mapper readtree headerjson ; // extract algorithm information from header string alg = header has "alg" ? header get "alg" astext "rsa1_5"; string enc = header has "enc" ? 
header get "enc" astext "a128gcm"; // convert private key byte[] privatekeybytes = base64 getdecoder decode privatekeytext ; pkcs8encodedkeyspec privatekeyspec = new pkcs8encodedkeyspec privatekeybytes ; keyfactory keyfactory = keyfactory getinstance "rsa" ; rsaprivatekey privatekey = rsaprivatekey keyfactory generateprivate privatekeyspec ; // decode encrypted key, iv, ciphertext, and authentication tag byte[] enckey = base64 geturldecoder decode tokens[1] ; byte[] iv = base64 geturldecoder decode tokens[2] ; byte[] ciphertext = base64 geturldecoder decode tokens[3] ; byte[] tag = base64 geturldecoder decode tokens[4] ; // create cipher instance based on key management algorithm string keymanagementalgorithm; boolean useaad = false; if "rsa-oaep" equals alg { keymanagementalgorithm = "rsa/ecb/oaeppadding"; // at samsung, oaep uses aad additional authenticated data useaad = true; } else if "rsa1_5" equals alg { keymanagementalgorithm = "rsa/ecb/pkcs1padding"; // while rsa1_5 does not use aad useaad = false; } else { throw new illegalargumentexception "unsupported key management algorithm " + alg ; } // decrypt the cek content encryption key cipher decryptcipher = cipher getinstance keymanagementalgorithm ; decryptcipher init cipher decrypt_mode, privatekey ; byte[] plainenckey = decryptcipher dofinal enckey ; // create cipher instance based on content encryption algorithm string contentencryptionalgorithm; int gcmtaglength; if "a128gcm" equals enc || "a256gcm" equals enc { contentencryptionalgorithm = "aes/gcm/nopadding"; gcmtaglength = 128; } else { throw new illegalargumentexception "unsupported content encryption algorithm " + enc ; } // decrypt the content cipher contentcipher = cipher getinstance contentencryptionalgorithm ; gcmparameterspec gcmparameterspec = new gcmparameterspec gcmtaglength, iv ; secretkeyspec keyspec = new secretkeyspec plainenckey, "aes" ; contentcipher init cipher decrypt_mode, keyspec, gcmparameterspec ; // aad handling use 
base64url-encoded header bytes as aad if useaad { byte[] encodedheader = base64 geturlencoder withoutpadding encode headerbytes ; contentcipher updateaad encodedheader ; } // concatenate ciphertext and tag, then pass to dofinal byte[] cipherdata = new byte[ciphertext length + tag length]; system arraycopy ciphertext, 0, cipherdata, 0, ciphertext length ; system arraycopy tag, 0, cipherdata, ciphertext length, tag length ; byte[] plaintext = contentcipher dofinal cipherdata ; return new string plaintext, java nio charset standardcharsets utf_8 ; } sample implementation in c# using system; using system io; using system text; using system text json nodes; using system security cryptography; public static void main string[] args { // example jwe string replace with your actual jwe and private key path string encryptedtext = {{encryptedpayload}}; string privatekeypath = /rsapriv der"; // read the private key file der format byte[] privatekeybytes = file readallbytes privatekeypath ; // decrypt the jwe string result = decryptjwe encryptedtext, privatekeybytes ; // print the result console writeline result ; } public static string decryptjwe string encryptedtext, byte[] privatekeybytes { // split jwe parts by ' ' var parts = encryptedtext split ' ' ; if parts length < 5 throw new argumentexception "invalid jwe format" ; // decode and parse jwe header var headerbytes = base64urldecode parts[0] ; var headerjson = encoding utf8 getstring headerbytes ; var header = jsonnode parse headerjson ; // extract algorithm information from header string alg = header?["alg"]? tostring ?? "rsa1_5"; string enc = header?["enc"]? tostring ?? 
"a128gcm"; // convert private key assume pkcs8 der using var rsa = rsa create ; rsa importpkcs8privatekey privatekeybytes, out _ ; // decode encrypted key, iv, ciphertext, and authentication tag var enckey = base64urldecode parts[1] ; var iv = base64urldecode parts[2] ; var ciphertext = base64urldecode parts[3] ; var tag = base64urldecode parts[4] ; // create cipher instance based on key management algorithm bool useaad = false; if alg == "rsa-oaep" { // at samsung, oaep uses aad additional authenticated data useaad = true; } else if alg == "rsa1_5" { // while rsa1_5 does not use aad useaad = false; } else { throw new argumentexception $"unsupported key management algorithm {alg}" ; } // decrypt the cek content encryption key byte[] plainenckey = alg == "rsa-oaep" ? rsa decrypt enckey, rsaencryptionpadding oaepsha1 rsa decrypt enckey, rsaencryptionpadding pkcs1 ; // decrypt the content using var aes = new aesgcm plainenckey, 16 ; var plaintext = new byte[ciphertext length]; if useaad { // aad handling use base64url-encoded header bytes as aad var encodedheader = encoding ascii getbytes base64urlencode headerbytes ; aes decrypt iv, ciphertext, tag, plaintext, encodedheader ; } else { aes decrypt iv, ciphertext, tag, plaintext ; } return encoding utf8 getstring plaintext trimend '\0' ; } private static byte[] base64urldecode string input { string s = input replace '-', '+' replace '_', '/' ; switch s length % 4 { case 2 s += "=="; break; case 3 s += "="; break; } return convert frombase64string s ; } private static string base64urlencode byte[] input { return convert tobase64string input trimend '=' replace '+', '-' replace '/', '_' ; } 3 3 4 integration on webview configure webview enablements to invoke samsung pay application in webview, you should override the shouldoverrideurlloading method javascript and dom storage are disabled in a webview by default you can enable through the websettings attached to your webview websettings allows any website to use 
javascript and dom storage for more information, visit websettings sample code kotlin import android webkit webview import android webkit webviewclient import android content intent import android content activitynotfoundexception companion object { private const val samsung_pay_url_prefix string = "samsungpay" private const val samsung_app_store_url string = "samsungapps //productdetail/com samsung android spay" } private lateinit var webview webview webview settings run { javascriptenabled = true domstorageenabled = true } webview webviewclient = object webviewclient { override fun shouldoverrideurlloading view webview, request webresourcerequest boolean { // get url from webresourcerequest val url = request url tostring // add below if statement to check if url is samsung pay or samsung app store deep link if url startswith samsung_pay_url_prefix || url startswith samsung_app_store_url , ignorecase = false { try { val intent = intent parseuri url, intent uri_intent_scheme startactivity intent } catch e activitynotfoundexception { // exception would be occured if the samsung wallet app is not installed // go to install samsung wallet app from market val installintent = intent parseuri "samsungapps //productdetail/com samsung android spay", intent uri_intent_scheme installintent addflags intent flag_activity_new_task startactivity installintent } // return true will cause that the url will not be loaded in webview return true } // the remaining part of the shouldoverrideurlloading method code // return false when you want to load url automatically by webview return false } } 3 3 5 sample implementation the following sample code implements the samsung pay web checkout button on a merchant site the implementation steps are described in web checkout integration for information about the content of the paymentmethods, transactiondetail, and paymentcredential data structures, see the api reference <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <script 
src="https //img mpay samsung com/gsmpi/sdk/samsungpay_web_sdk js"></script> </head> <body> <div id="samsungpay-container"></div> <script> const samsungpayclient = new samsungpay paymentclient {environment "stage"} ; let paymentmethods = { version "2", serviceid "dcc1cbb25d6a470bb42926", protocol "protocol_3ds", allowedbrands ["visa","mastercard"] } samsungpayclient isreadytopay paymentmethods then function response { if response result { createandaddbutton ; } } catch function err { console error err ; } ; function createandaddbutton { const samsungpaybutton = samsungpayclient createbutton { onclick onsamsungpaybuttonclicked, buttonstyle "black", type "buy" } ; document getelementbyid "samsungpay-container" appendchild samsungpaybutton ; } function onsamsungpaybuttonclicked { let transactiondetail = { ordernumber "dstrf345789dsgty", merchant { name "virtual shop", url "virtualshop com", id "xn7qfnd", countrycode "us" }, amount { option "format_total_estimated_amount", currency "usd", total 300 } } samsungpayclient loadpaymentsheet paymentmethods, transactiondetail then function paymentcredential { console log "paymentcredential ", paymentcredential ; const paymentresult = { "status" "charged", "provider" "pg name" } samsungpayclient notify paymentresult ; } catch function error { console log "error ", error ; } ; } </script> </body> </html> 3 3 6 api reference let us learn the description of data structures used in the samsung pay web checkout api integration paymentmethods the paymentmethods object defines the payment methods that the merchant supports "paymentmethods" data structure elements key type required description version string required samsung pay api versionthe supported value is 2 serviceid string required merchant id that is assigned after onboarding protocol string required payment protocol typethe supported value is protocol_3ds allowedbrands list<string> required list of supported card brandsthe possible values are 
visamastercardamexdiscoverelomadacbjaywan tbd isrecurring boolean optional value if payment is recurringthe default value is false isbillingaddressrequired boolean optional value if billing address must be included in the payment credentials the default value is false iscardholdernamerequired boolean optional value if cardholder name must be included in the payment credentials the default value is false iscpfcardrequired boolean optional value if cpf must be included in the payment credentials the default value is false merchantchoicebrands object optional data structure containing configuration information for a co-badged card merchantchoicebrands type string required co-badged card display option for the payment sheetthe possible values are mandatory = only the brand defined in merchantchoicebrands brands is enabledpreference = the brand defined in merchantchoicebrands brands is selected by default but the user can change it merchantchoicebrands brands list<string> required list of supported brands for the co-badged cardthe possible values are madacb extrapaymentinfo object optional data structure containing additional supported features extrapaymentinfo id string required feature id for the additional featurethe possible values are combocard = combo carddsrp = digital secure remote payment extrapaymentinfo type string optional feature type, if the value of extrapaymentinfo id is dsrpthe possible values are ucaf = universal cardholder authentication fieldicc = integrated circuit cardthe default value is ucaf transactiondetail the transactiondetail object contains the transaction information for the user's purchase "transactiondetail" data structure elements key type required description ordernumber string required order number of the transactionthe following characters are allowed [a-z][a-z][0-9,-] merchant object required data structure containing merchant information merchant name string required merchant name merchant url string required merchant domain urlthe 
maximum length is 100 characters merchant id string conditional a unique identifier, known as the merchant unique id, is assigned by either merchant or the payment gateway pg or payment orchestrator po when a merchant is onboarded into their system this id is required in specific scenarios, namely when onboarding as a pg or po with samsung, or if the token brand is "mada" or the merchantchoicebrands brands includes "mada" the character limit for this id varies 15 characters for "mada" token brands and 45 characters for all other cases merchant countrycode string required merchant country codeiso-3166-1 alpha-2 amount object required data structure containing the payment amount amount option string required display format for the total amount on the payment sheetthe possible values are format_total_estimated_amount = display "total estimated amount " and total amountformat_total_price_only = display the total amount only amount currency string required currency codethe maximum length is 3 characters amount total string required total payment amount in the currency specified by amount currencythe amount must be an integer for example, 300 or in a format valid for the currency such as 2 decimal places after a separator, for example, 300 50 type string optional transaction typethis value is specifically supported for mada tokens and will not apply to other token types the possible values are purchasepreauthorizationthe default value is purchase paymentcredential the paymentcredential object contains the payment credential information generated by the samsung wallet application on the user's mobile device paymentcredential data structure elements key type required description card_brand string required brand of the payment card card_last4digit object required last 4 digits of the card number 3ds object required data structure containing the generated 3ds data 3ds type string optional 3ds typethe value is s for samsung pay 3ds version string required 3ds versionthe value 
for the current version is 100 3ds data string required encrypted payment credential data recurring_payment boolean required value if credential is enabled for recurringthe default value is false encryptedmessage string conditional encrypted string jwe that contains billing address, cardholder name and cpf when required by partner it can be decrypted in the same way as payment credentials encryptedmessage the decrypted encryptedmessage object in paymentcredential object contains billing address, cardholder name and cpf when required by partner "encryptedmessage" data structure elements key type required description billingaddress object conditional billing address billingaddress addressline1 string required address line 1 billingaddress addressline2 string optional address line 2 billingaddress city string required city billingaddress state string conditional state billingaddress countrycode string required country code iso 3166-1 alpha-3 billingaddress postalcode string required postal code cardholdername string conditional cardholder name cpf object conditional brazilian cpf cpf name string required the full name of the individual associated with the cpf cpf number string required the brazilian taxpayer number cpf , consisting of exactly 11 digits, without hyphens or dots paymentresult the paymentresult object contains the payment result information during transaction processing, and after the payment is processed with pg network paymentresult data structure elements key type required description status string required payment statusthe possible values are charged = payment was charge successfullycanceled = payment was canceled by either user, merchant, or acquirerrejected = payment was rejected by acquirererred = an error occurred during the payment process provider string optional payment provider pg name 3 3 7 partner checklist checklist for samsung pay web checkout on the merchant website, verify if the following functions works as expected samsung pay is 
available in the payment options section of the website samsung pay logo is displayed correctly in the payment options section after the samsung pay payment option is selected, the account/scan qr and email input options are displayed, and redirects the user to the samsung wallet app on their mobile device for the account option, “request to pay” and “cancel” buttons are displayed for the email option, “next” and “cancel” buttons, and a way to reset id are displayed for the scan qr option, the request automatically times out if you wait for more than 5 minutes, and you are redirected to the checkout screen once redirected to the samsung wallet app, “pay” and “cancel” buttons are displayed on a mobile browser, after the samsung pay payment option is selected, “continue with samsung pay” button is displayed samsung checkout screen is displayed the merchant domain name is displayed the order summary which contains the amount due, and product name is displayed the payment method selected is “samsung wallet” the contact information displays the customer’s name, phone, and email you should be able to modify this information, if needed “continue” and “cancel” buttons are displayed note these are relevant if you are executing an end-to-end test you can skip these tests if you are using a test transaction setup on the samsung wallet app via your test device, verify if the following functions works as expected a default card is displayed on the payment sheet the card name and last 4 digits of the card is displayed on the payment sheet you are able to change the card when multiple cards are enrolled in samsung pay if you requested for the transaction using billingaddress parameter, the billing address is displayed on the payment sheet the billing address can be filled and modified depending on the amount option parameter, the payment amount is displayed as “total” or “total estimated amount ” the merchant name is displayed on the payment sheet the pin/biometric authentication 
option is displayed to proceed with payment confirmation the “verified” checkmark is displayed in blue upon payment confirmation if you are testing with actual cards, and samsung wallet is in production environment, confirm the transaction notification on the mobile phone is displayed once the purchase is made on transaction completion, verify the following on the merchant website the payment completion screen is displayed on the mobile or non-mobile device, depending where the transaction is initiated you are able to initiate a payment using samsung pay with a card already added for the merchant’s website basic card
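The decryption steps of 3.3.3 in Node.js, as an added example that is not Samsung's sample code: it covers only the RSA-OAEP branch (SHA-1 OAEP as in the C# sample, Base64URL header segment as AAD) and, unlike the samples, refuses a header whose alg differs from the one the merchant expects instead of falling back to a default. The function names, the key pair and the JWE are constructed here for illustration.

```javascript
// Added example, not Samsung's sample code. Uses only the Node.js standard library.
const crypto = require("node:crypto");

// enc values the page's samples accept, mapped to the CEK length each implies.
const CEK_BYTES = new Map([["A128GCM", 16], ["A256GCM", 32]]);
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha1" };

function fromB64Url(segment, name) {
  // Buffer.from() silently skips invalid characters, so check the alphabet first.
  if (!/^[A-Za-z0-9_-]+$/.test(segment)) throw new Error(`${name}: not base64url`);
  return Buffer.from(segment, "base64url");
}

// privateKey: a KeyObject; in production, load rsapriv.der with
// crypto.createPrivateKey({ key: derBytes, format: "der", type: "pkcs8" }).
function decryptPaymentJwe(jwe, privateKey, expectedAlg = "RSA-OAEP") {
  const parts = String(jwe).split(".");
  if (parts.length !== 5) throw new Error("format: compact JWE needs exactly 5 segments");
  const [hdrSeg, keySeg, ivSeg, ctSeg, tagSeg] = parts;

  const header = JSON.parse(fromB64Url(hdrSeg, "header").toString("utf8"));
  // Pin the algorithm to the one agreed for this merchant; the token does not choose it.
  if (header.alg !== expectedAlg) throw new Error(`alg: got ${header.alg}, expected ${expectedAlg}`);
  if (expectedAlg !== "RSA-OAEP") throw new Error("alg: this example implements RSA-OAEP only");
  if (!CEK_BYTES.has(header.enc)) throw new Error(`enc: unsupported ${header.enc}`);

  const iv = fromB64Url(ivSeg, "iv");
  const tag = fromB64Url(tagSeg, "tag");
  if (iv.length !== 12) throw new Error("iv: GCM IV must be 96 bits");
  if (tag.length !== 16) throw new Error("tag: GCM tag must be 128 bits");

  // Unwrap the CEK and check that its size matches the declared enc.
  const cek = crypto.privateDecrypt({ key: privateKey, ...OAEP }, fromB64Url(keySeg, "key"));
  if (cek.length !== CEK_BYTES.get(header.enc)) throw new Error("cek: length does not match enc");

  const decipher = crypto.createDecipheriv(`aes-${cek.length * 8}-gcm`, cek, iv, { authTagLength: 16 });
  decipher.setAAD(Buffer.from(hdrSeg, "ascii")); // header segment exactly as received
  decipher.setAuthTag(tag);
  const plain = Buffer.concat([decipher.update(fromB64Url(ctSeg, "ciphertext")), decipher.final()]);
  return JSON.parse(plain.toString("utf8"));
}

// ---- Constructed test data: stands in for the value of paymentCredential["3DS"].data ----
const SAMPLE_PAYLOAD = {
  amount: "100", currency_code: "USD", utc: "1719388643614", eci_indicator: "5",
  tokenPAN: "0000000000000000", tokenPanExpiration: "0127", cryptogram: "constructed",
};

function buildSampleJwe(publicKey, payload) {
  const hdrSeg = Buffer.from(JSON.stringify({ alg: "RSA-OAEP", enc: "A128GCM" })).toString("base64url");
  const cek = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-128-gcm", cek, iv);
  cipher.setAAD(Buffer.from(hdrSeg, "ascii"));
  const ct = Buffer.concat([cipher.update(JSON.stringify(payload), "utf8"), cipher.final()]);
  const wrapped = crypto.publicEncrypt({ key: publicKey, ...OAEP }, cek);
  return [hdrSeg, wrapped.toString("base64url"), iv.toString("base64url"),
    ct.toString("base64url"), cipher.getAuthTag().toString("base64url")].join(".");
}

function withHeader(jwe, header) {
  // Same token with a different protected header, to exercise the checks.
  const segs = jwe.split(".");
  segs[0] = Buffer.from(JSON.stringify(header)).toString("base64url");
  return segs.join(".");
}

function outcome(jwe, key) {
  try { return { ok: true, payload: decryptPaymentJwe(jwe, key) }; }
  catch (err) { return { ok: false, reason: err.message }; }
}

function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const jwe = buildSampleJwe(publicKey, SAMPLE_PAYLOAD);
  return {
    valid: outcome(jwe, privateKey),
    otherAlg: outcome(withHeader(jwe, { alg: "RSA1_5", enc: "A128GCM" }), privateKey),
    editedHeader: outcome(withHeader(jwe, { alg: "RSA-OAEP", enc: "A128GCM", kid: "x" }), privateKey),
    truncated: outcome(jwe.split(".").slice(0, 4).join("."), privateKey),
  };
}

console.log(demo());
```

Because the header segment is the AAD, any edit to it fails GCM authentication even when alg and enc are unchanged, which is what the editedHeader case shows.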
Develop Samsung Pay
Doc
3.4 Save to Pay

3.4.1 Overview

Save to Pay (S2P) is a secure integration service by Samsung Pay that enables partners to store and access user payment credentials for future transactions. The communication between the partner's backend and the Save to Pay server is protected by mutual SSL (two-way SSL authentication), ensuring that both the client and server validate each other's identities.

Key highlights:

- Uses a custom certificate authority (CA) managed by Samsung Pay TechOps.
- Requires IP allowlisting for both staging and production environments.
- Communication is secured over TLS 1.2.
- Involves both inbound (partner → S2P) and outbound (S2P → partner) API communications, secured via SSL and authenticated with client certificates and headers.

3.4.2 Endpoints

There are 2 endpoints available: staging and production. Staging will be used for development and integration testing. Access to these endpoints is restricted to allowlisted IP addresses. The partner should provide the external IP addresses during the onboarding process.

Supported protocols: TLSv1.2

- Staging: https://s2p-api.stg.mpay.samsung.com
- Production: https://s2p-api.mpay.samsung.com

3.4.3 Onboarding Steps

To begin integration, follow these onboarding steps.

Step 1: Submit a certificate signing request (CSR)

Partners must generate and send a CSR to Samsung, along with the following details:

- Common name (CN) for the client certificate
- Partner server base URL for receiving outbound notifications from the S2P server
- External IP address to be added to the access allowlist

Step 2: Receive certificate and partner ID

- Samsung will sign the CSR using its internal CA and return the client certificate.
- A unique partner ID will be issued for each environment.
- This partner ID must be included in the headers of every request made to the S2P server.

3.4.4 Authentication Overview

Mutual SSL is used for both inbound and outbound communication between the partner and the Save to Pay system.

Inbound (partner → Save to Pay server):

- All requests must be secured with mutual SSL.
- Partners connect using the client certificate issued by Samsung.
- Every request must include the partner ID in the header.
- Partner IDs are environment-specific (different for staging and production).

Outbound (Save to Pay server → partner):

- S2P communicates with partner servers over mutual SSL.
- Samsung will use a client certificate signed by the partner's CA.
- The partner must be able to validate S2P's certificate for inbound requests.

3.4.5 Security Protocols

- Protocol: TLS v1.2
- Authentication: mutual SSL (two-way TLS)
- Certificates:
  - Partner-to-S2P: Samsung issues the client certificate.
  - S2P-to-partner: the partner issues the client certificate to Samsung.

3.4.6 Best Practices

The best practices are:

- Keep your client certificate secure and monitor expiration dates.
- Log and monitor all inbound/outbound requests for verification and debugging.
- Maintain a staging environment for ongoing testing.

3.4.7 External API Specification

The external API specification in the context of Samsung's Save to Pay (S2P) service refers to the structured guidelines and protocols that define how external partner systems can securely interact with the S2P platform. This specification encompasses authentication methods, data formats, API endpoints, and integration workflows to ensure seamless and secure provisioning of payment cards into the Samsung Wallet app.

3.4.8 Integration Workflow

The integration involves several key steps.

Initialization & UI setup

Step 1–2: Register session. The partner server initiates the flow by registering with the S2P server. On success, it receives:

- regId: a unique session identifier (must be cached for session tracking)
- welcomeUrl: a hosted UI URL that guides the user through the card addition process

Step 3: Display welcome UI. The partner's frontend embeds the welcomeUrl UI (typically in an <iframe>). The UI shows a QR code and clear instructions for the user to continue.

User interaction

Step 4: User launches Samsung Wallet (SPay WA). The user opens the Samsung Wallet app and scans the QR code shown on the welcome UI. If the app is not installed, the UI directs the user to:

- Download the Samsung Wallet app
- Sign in with their Samsung account

Session linking & device validation

Step 5–6: Initiate request & device association. SPay WA scans the QR code and triggers an initiate request to the S2P server. S2P validates the payload and links the device info with the regId. The server also forwards the device metadata to the partner server:

- Device ID
- Wallet ID
- User ID

The welcome UI updates to show that linking was successful.

Card pre-provisioning

Step 7–8: Partner pre-provisions card. The partner server contacts the issuer to:

- Pre-provision the card
- Retrieve the encrypted issuerBlob, which contains secure card/token information

Step 9: Return issuerBlob. The partner server includes the issuerBlob in its notify response back to the S2P server. This blob:

- Is encrypted (only the issuer can decrypt it)
- Is device- and wallet-specific (only usable by the original device)
- Has a format that depends on the issuer

Step 10: Deliver to device. The S2P server includes the issuerBlob and any other metadata in the initiate response back to the SPay WA.

Tokenization

Steps 11–16: Add token in Samsung Pay. SPay WA initiates the standard tokenization process using the issuerBlob. The token is securely added to the Samsung Wallet for use in NFC or online transactions.

Completion & confirmation

Step 17: Notify S2P server. After successful provisioning, SPay WA notifies the S2P server that the card/token was added successfully for the given regId.

Step 18: Notify partner. The S2P server sends a final callback to the partner server confirming the process is completed for the regId.

3.4.9 Data Types

Type | JSON type | Format | Description
String | string | size 2048 |
Boolean | boolean | |
Object | object | |
Enum | string | pattern [a-zA-Z0-9_]{1,256} | Only values from a limited set are allowed. Each field of type Enum will define the values allowed.
PhoneNumber | string | pattern [0-9+ -]+ |
UUID | string | pattern [a-zA-Z0-9-_]{26,128} | Unique identifier
URL | string | size 2048 | Must be an absolute URL defined by RFC 2396, Uniform Resource Identifiers (URI): Generic Syntax. Supported schemes: http, https
Timestamp | number | int64 (signed 64 bits) | Unix epoch time in milliseconds
CountryCode | string | size 2 | Unique identifier

3.4.10 Inbound API Specification – Save2Pay

The inbound API specification for Save2Pay defines the protocols and requirements for partner servers to interact with the Save2Pay system. This specification ensures secure and standardized communication during the push provisioning process.

General contract

- Base URL: https://s2p-api.mpay.samsung.com/ext/v1
- Security: mutual SSL is required

Common headers

Header name | Type | Validation | Description
Request-Id | UUID | Required | Unique identifier for the request
Partner-Id | UUID | Required | Unique identifier that is provided to the partner during onboarding
Partner-Id | UUID | Required | Request-Id echoed back in the response headers

Common HTTP error codes

HTTP code | Description | Application code | Message
400 | Bad request | 400.1 | Invalid data
500 | Internal server error | 500.1 | Internal server error
503 | Service not available | 503.1 | Service temporarily unavailable. Retry-After header is required
503 | Service not available | 503.2 | API temporarily unavailable. Retry-After header is required

3.4.11 Registration

The partner server registers a session for the user. As a result, a unique registration ID will be generated. The partner server should make sure that this is called only once for one card. A welcomeUrl will also be returned. The partner server can display the welcomeUrl in a browser or email. Upon rendering, a QR code will be displayed and users can use their SPay WA to scan the QR code. The welcomeUrl has an expiration date, so the partner server should check if it's still valid before rendering. If it's expired, a GET call will return the new URL.

Request

    POST /registrations

Body

Key | Type | Validation | Description | Example
registration.email | String | Optional | User email address |
registration.enforceEmailMatching | Boolean (default is false) | Optional | Enforce that only SPay WA with the same email address can provision. Enforcement is only against the email address that's provided by the partner | true
registration.hideEmail | Boolean (default is false) | Optional | Hide email field |
registration.phone | PhoneNumber | Optional | User phone number |
registration.enforcePhoneMatching | Boolean (default is false) | Optional | Enforce that only SPay WA with the same phone number can provision. Enforcement is only against the phone number that's provided by the partner | true
registration.hidePhone | Boolean (default is false) | Optional | Hide phone field |
registration.welcomeCallbackUrl | URL | Optional | Callback URL that the welcome UI will redirect to once the user successfully linked a SPay WA account |
registration.allowOfflineCommunication | Boolean (default is false) | Optional | If true, S2P will communicate to the user via email and/or phone number to facilitate the provisioning process |
registration.data | Object | Optional | Arbitrary data blob that'll be passed to the device when an account is linked |
registration.custom.cardName | String | Required | Card name that'll show on the welcome page |
registration.custom.cardArtUrl | URL | Required | Card art URL that'll show on the welcome page |
registration.custom.partnerName | String | Required | Partner name that'll show on the welcome page |
registration.custom.partnerLogoUrl | URL | Required | Partner logo URL that'll show on the welcome page |
registration.custom.partnerTncUrl | URL | Optional | Partner TnC URL that'll show on the welcome page |
registration.id | UUID | Required | Registration ID that identifies this session |
registration.status | Enum (pending, linked) | Required | Registration status | pending
registration.welcomeUrlExpiration | Timestamp | Required | welcomeUrl expiration timestamp in milliseconds |

Response

Status: HTTP/1.1 201 Created

Header

Name | Value
Content-Type | application/json

Example

    POST /ext/v1/registrations
    {
      "email": "user@gmail.com",
      "enforceEmailMatching": true,
      "phone": "14089998888",
      "enforcePhoneMatching": true,
      "custom": {
        "cardName": "xyz bank credit card",
        "cardArtUrl": "https://xyz.com/cardart.png",
        "partnerName": "xyz bank",
        "partnerLogoUrl": "https://xyz.com/logo.png"
      }
    }

    HTTP/1.1 201 Created
    {
      "id": "395ce2e29485442cbd9bacdc77105126",
      "welcomeUrl": "https://s2p.stg.mpay.samsung.com/v1/welcome/eyjlbmmioijbmju2r0nniiw iywxnijoizglyin0 s0dnxrskdkjw8sbh kg4uqhfwkkdnqrviihkaqshq_jayb99ct tizdzrwrn-qlhuzj4imuyv1sagehavyxluamarwa tlekqcerr0jklc-fnqkcva",
      "status": "pending",
      "welcomeUrlExpiration": 1505953396844
    }

Get registration

Check the existing registration status and/or get a new welcomeUrl.

Request

    GET /registrations/{regId}

Headers

Name | Value | Validation
Partner-Id | Partner ID value assigned by Samsung Wallet | Required

Response

Status: HTTP/1.1 200 OK

Header

Name | Value
Content-Type | application/json

Body

Key | Type | Validation | Description | Example
registration.id | UUID | Required | Registration ID that identifies this session |
registration.status | Enum (pending, linked) | Required | Registration status | pending
registration.welcomeUrl | URL | Required | This is the URL that the partner can show to the user as an iframe or a separate page. It shows the QR code and optionally the user can enter email and phone number |
registration.welcomeUrlExpiration | Timestamp | Required | welcomeUrl expiration timestamp in milliseconds |

Example

    HTTP/1.1 200 OK
    {
      "id": "395ce2e29485442cbd9bacdc77105126",
      "welcomeUrl": "https://s2p.stg.mpay.samsung.com/v1/welcome/eyjlbmmioijbmju2r0nniiw iywxnijoizglyin0 s0dnxrskdkjw8sbh kg4uqhfwkkdnqrviihkaqshq_jayb99ct tizdzrwrn-qlhuzj4imuyv1sagehavyxluamarwa tlekqcerr0jklc-fnqkcva",
      "status": "pending",
      "welcomeUrlExpiration": 1505953396844
    }

Errors

Common HTTP error codes

HTTP code | Description | Application code | Message
400 | Bad request | 400.1 | Invalid data
500 | Internal server error | 500.1 | Internal server error
503 | Service not available | 503.1 | Service temporarily unavailable. Retry-After header is required
503 | Service not available | 503.2 | API temporarily unavailable. Retry-After header is required

3.4.12 Outbound to Partner

The outbound API specification for Save2Pay defines how the Save2Pay server communicates with partner servers during the push provisioning process. This specification ensures secure and standardized communication between Save2Pay and its partners.

General contract

- Base URL: the base URL for outbound APIs is to be provided by the partner during the onboarding process
- Security: mutual SSL is required

Common headers

Header name | Type | Validation | Description
Request-Id | UUID | Required | Unique identifier for the request
Partner-Id | UUID | Required | Unique identifier that is provided to the partner during onboarding
Response-Id | UUID | Required | Request-Id echoed back in the response headers

3.4.13 Event Notification

Notify the partner for events.

Request

    POST /notifications

Body

Key | Description | Type | Validation | Example
event.regId | Registration ID | UUID | Required |
event.type | Event type | Enum (refer to event types and errors for details) | Required |
event.error | More information about the failure | Enum (refer to event types and errors for details) | |
event.desc | Additional description of the event | String | Optional |
user | Container for user information | Object | Conditional (will be present for payment cards) |
user.id | Samsung account ID | String | Required |
emailMatches | Is true if the email provided in the registration request matches the Samsung account email | Boolean | Conditional (it is present only if an email was provided in the registration request) |
phoneMatches | Is true if the phone number provided in the registration request matches the device phone number | Boolean | Conditional (it is present only if a phone number was provided in the registration request) |
device | Container for device information | Object | Conditional (will be present for payment cards) |
device.id | Device ID | String | Required |
device.imeiLast4 | Last 4 of device IMEI | String (size 4) | Optional |
device.serialLast4 | Last 4 of device serial number | String (size 4) | Optional |
device.locale.country | Device country code | CountryCode | Optional |
wallet | Container for wallet information | Object | Conditional (will be present for payment cards) |
wallet id wallet id string required event types and errors type error description wa_ready wallet app is ready for provisioning wa_provisioned indicates card was successfully provisioned into the wallet wa_provision_failure indicates provisioning failed for some unknown reason wa_provision_failure card_already_present indicates card is already present response status http/1 1 200 ok header name value content-type application/json body card data encrypteddata description encrypted pan data that will be returned to the device to provision the card type string size 65536 validation conditional required if card data was not provided in the registration request example example post /notifications { "event" { "regid" "395ce2e29485442cbd9bacdc77105126", "type" "wa_ready" }, "emailmatches" true, "phonematches" true, "user" { "id" "rcsm3gwjt9mxgfwy5sg123" }, "wallet" { "id" "gpccugejs9giih8zch1111" }, "device" { "id" "mtuxmte5mdawmjawmdm1n999", "imeilast4" "6166", "locale" { "country" "us" }, "seriallast4" "4934" } } http/1 1 200 ok { "card" { "data" { "encrypteddata" "*****" } } } 3 4 14 save to pay javascript library javascript library interface savetopayui { /** * shows the welcome ui redirects to welcomecallbackurl if it was provided in the registration request when the page reaches one of the final states */ static void showwelcomemodal s2prequest r ; /** * shows the welcome ui resolves the promise with the status and optionally details after the welcome ui is closed */ static promise <s2presponse> showwelcomemodalpromise s2prequest r ; /** * api to close the modal */ static void closewelcomemodal ; }; dictionary s2prequest { /** * welcomeurl provided by save2pay server in the registration response */ required domstring welcomeurl; }; dictionary s2presponse { required status status, /** * true if triggered by iframe closing by user or parent page * false if the status is one of the final statuses, not triggered by iframe closing this can only happen in mobile android 
case */ required boolean isiframeclosed, /** * optional error information if the status is 'failure' */ details details }; dictionary details { required errorcode errorcode; domstring message; }; enum status { "success", "failure", "device_not_supported", "default_pending" }; enum errorcode { "invalid_input", "provision_failure", "network_error", "unknown_error", "card_already_present", "canceled" }; usage code block -1 html <script src="https //spay samsung com/s2p/libs/js/0 0 4/s2p min js"></script> code block -2 javascript - redirect var input = { "welcomeurl" 'https //s2p mpay samsung com/v1/welcome/eyjlbmmioijbmju2r0nniiwiywx nijoizglyin0 eltgw8qp56ciezo2 mh34gjebgyp_m7- gw0sbdl3ckaplp7rtvmc8fe-tmq2ipmp2rcc1a39qodbvw2schiarbooahbe77lpvl8nhkkapi6mhynl-yz6gqx0sjw xfrtyjpdzxrnmlq8ffe6pg' } window spay savetopayui showwelcomemodal input code block- 3 javascript - promise var request = { "welcomeurl" 'https //s2p mpay samsung com/v1/welcome/eyjlbmmioijbmju2r0nniiwiywx nijoizglyin0 eltgw8qp56ciezo2 mh34gjebgyp_m7- gw0sbdl3ckaplp7rtvmc8fe-tmq2ipmp2rcc1a39qodbvw2schiarbooahbe77lpvl8nhkkapi6mhynl-yz6gqx0sjw xfrtyjpdzxrnmlq8ffe6pg' } function successcallback response { console log response status } function failurecallback error { console log error } window spay savetopayui showwelcomemodalpromise request then succes scallback, failurecallback promise resolution device type description desktop, tablet & mobile - ios js library will resolve the promise - 1 when the iframe is closed by the user 2 closewelcomemodal function is invoked mobile - android js library will resolve the promise as soon as the provisioning session ends or closewelcomemodal function is invoked provisioning session ends when one of the following has happened - 1 the card was successfully added 2 there was some failure and card provisioning flow cannot continue further 3 timeout has happened 4 user canceled the provisioning process mobile flows
Develop Samsung Wallet
doc 7.3 Security

The following contents describe how to generate a JWT (JSON Web Token). It follows the RFC 7519 specification. For more details, refer to https://jwt.io.

JSON Web Token (JWT)

Card data token

For secure data inter-communication, the token must be encrypted and signed using security factors. See the chapter Security factors for details.

JWE format

[JWE header] (JWE header, requirement: description)
- alg (required): cryptographic algorithm used to encrypt the content encryption key (CEK), e.g., RSA1_5
- enc (required): content encryption algorithm used to perform authenticated encryption on the plaintext to produce the ciphertext

[JWE payload] (JWE payload, requirement: description)
- encrypted_key (required): contains the Base64URL JWE encrypted key value. The content encryption key is encrypted with the public key.
- iv (required): contains the Base64URL JWE initialization vector value. Initialization vector used in the encryption algorithm.
- ciphertext (required): ciphertext value resulting from authenticated encryption of the "cdata" object, which is encrypted using "encrypted_key" and "iv"
- authentication tag (required): contains the Base64URL JWE authentication tag value, used for verifying the integrity of the ciphertext

[JWE example]
BASE64URL(UTF8(JWE header)) + '.' + BASE64URL(JWE encrypted_key) + '.' + BASE64URL(JWE iv) + '.' + BASE64URL(JWE ciphertext) + '.' + BASE64URL(JWE authentication tag)

[JWE header]
{"enc": "A128GCM", "alg": "RSA1_5"}

[JWE payload (ciphertext)]
Refer to the tables in "Add to Wallet" interfaces, and wallet cards.

JWS format

[JWS header] (JWS header, requirement: description)
- alg (required): cryptographic algorithm used to generate the signature, e.g., RS256
- cty (required): payload content type. Set as "CARD" or "NOTIFICATION".
- ver (required): token version. Set as 3.
- certificateId (required): certificate identifier based on a CSR during onboarding. 4 digits alphanumeric.
- partnerId (required): partner identifier
- utc (required): creation time. To prevent repeated use, the token expires after a certain period of time. Unix timestamp in milliseconds. * Time offset from UTC of +00:00

[JWS payload] (JWS payload, requirement: description)
- JWE compact serialization (required): contains the Base64URL JWE value

[JWS signature] (JWS signature, requirement: description)
- JWS signature (required): Base64URL signature of BASE64URL(UTF8(JWS header)) + '.' + BASE64URL(JWS payload)

[JWS example]
BASE64URL(UTF8(JWS header)) + '.' + BASE64URL(JWS payload) + '.' + BASE64URL(JWS signature)

[JWS header]
{"cty": "CARD", "ver": 3, "certificateId": "ymtt", "partnerId": "1234567890", "utc": 1631776245876, "alg": "RS256"}

[JWS payload]
JWE result

Authorization token

The RESTful API needs to include an authentication token (JWT). Samsung and partners can use the token to authenticate API calls.

JWT format

[JWS header] (JWS header, requirement: description)
- alg (required): cryptographic algorithm used to sign the payload, e.g., RS256
- cty (required): payload content type, such as "AUTH"
- ver (required): token version. Set as 3.
- certificateId (required): certificate identifier based on a CSR during onboarding. 4 digits alphanumeric.
- partnerId (required): partner ID. Same as partnercode.
- utc (required): creation time. To prevent repeated use, the token expires after a certain period of time. Unix timestamp in milliseconds. * Time offset from UTC of +00:00

[JWS payload] (payload, requirement: description)
- api (required): current API information
- api.method (required): API method
- api.path (required): API path
- refId (optional): a unique content identifier defined by the content provider
- authentication (optional): authentication value to be used in accordance with the pre-configured authentication method on the wallet card. * See the chapter Authentication for more details.
- updatedAt (optional): data update timestamp. Epoch timestamp in milliseconds.

[JWS header]
{"cty": "AUTH", "ver": 3, "certificateId": "ymtt", "partnerId": "1234567890", "utc": 1631775948348, "alg": "RS256"}

[JWS payload]

    /** Samsung server API > update notification **/
    {
      "api": {
        "method": "POST",
        "path": "/wltex/cards/12584806754/notification"
      },
      "refId": "ref-20230304-0003"
    }

    /** Partner server API > get card data **/
    {
      "api": {
        "method": "GET",
        "path": "/cards/12584806754/ref-20230304-0003"
      },
      "refId": "ref-20230304-0003"
    }

[Authorization token]
Bearer <credentials>

Secure add to Samsung Wallet

Authentication

Defines the data format to authenticate the user registering/updating the card. If you need a custom user verification process, please get in touch with us via tech support.

[Authentication data set] (case, type, value: description)
- Connecting information, ci, user's CI value: identifier of identity verification agency
- Samsung account, sa, user's Samsung account: verifying that the signed-in Samsung account on the user's Galaxy device matches
- Subscriber identity module, sim, SIM card information on mobile telephone devices: verify the SIM information being used on the user's mobile phone
- One-time password, otp, dynamic password: the temporary password provided by the partner to the user is verified by receiving user input during the add to Samsung Wallet process
- Access token, token, token to verify data retrieval request: token data included in card data is used as a key accessed when querying a partner server. This tokenized key can be reissued when the partner delivers updated card data.

[Example] (type: sample data)
- ci: {"ci": "hsd0iuf9bew8ugb7wqeu6i"}
- sa: {"account": "samsungwallet@samsung.com"}
- sim: [{"uiccid": "abcderwyt", "telno": "821012345678", "isprimary": true}, {"uiccid": "abcderwys", "telno": "01012345679", "isprimary": false}]
- otp: {"otp": "947253"}
- token: {"x-access-token": "7c8d38690d0e3b6aa077198abd2554a3a7940b52cf86bd690c1"}
Develop Samsung Wallet
doc 7.5 Helpful resources

Data structure and format

Additional information

Additional information to be delivered to customers can be defined in the following format. Be careful of the content string length. If an attribute does not allow long content, it is not displayed on the device.

JSON format (key, type, requirement: description)
- count (integer, required): size of information
- info[] (object arrays, required): container of information
- info[].title (string, required): title. * Need either content or chart
- info[].content[] (string arrays, optional): content text
- info[].chart (object, optional): chart data
- info[].chart.headers[] (string arrays, optional): header of chart
- info[].chart.body[] (array, required): body of chart
- info[].chart.metadata[] (string arrays, optional): metadata of chart. * Units or additional information of chart

Example

* Extra information for a boarding pass

    {
      "count": 3,
      "info": [
        { "title": "baggage allowance", "content": [ "15 kg" ] },
        { "title": "boarding priority", "content": [ "yes" ] },
        { "title": "seat class", "content": [ "economy plus" ] }
      ]
    }

* An example case of long content being allowed: movie ticket policy

    {
      "count": 2,
      "info": [
        {
          "title": "refunds and exchanges",
          "content": [
            "refunds and exchanges of movie ticket(s) are available in certain limited circumstances.",
            "movie tickets purchased through the services include a non-refundable convenience fee. before purchasing your movie ticket(s) we urge you to confirm the title, time, location and quantity of tickets for the movie you wish to see."
          ]
        },
        {
          "title": "changes to ticket policy",
          "content": [
            "from time to time, we may revise this ticket policy. you can determine when this ticket policy was last revised by referring to the top of this page. any changes to this ticket policy will become effective upon posting of the revised ticket policy on the internet, accessible through the services."
          ]
        }
      ]
    }

* Example usage of charts

    {
      "count": 1,
      "info": [{
        "title": "paygo price guide for usage",
        "chart": {
          "headers": ["grade", "round", "one-way"],
          "body": [
            ["platinum", "$25", "$10"],
            ["gold", "$30", "$15"],
            ["silver", "$40", "$20"]
          ],
          "metadata": "unit /h"
        }
      }]
    }

Paygo price guide for usage (members grade, round, one-way)
- platinum, $25, $10
- gold, $30, $15
- silver, $40, $20
unit /h

The above example may differ from what is actually displayed.

Links

Linkable data which provides additional information in the following format.

JSON format (key, type, requirement: description)
- count (integer, required): size of links
- info[] (array of objects, required): container of links
- info[].link (string, required): link URL
- info[].type (string, required): view type that will run the link. * Allowed values: web, app, browser
- info[].text (string, optional): text of the link

Example

    {
      "count": 1,
      "info": [{
        "link": "https://samsung.external.info.link",
        "type": "web",
        "text": "see more information"
      }]
    }

Classification

Classification defines different kinds of people who can use the cards.

JSON format (key, type, requirement: description)
- person[] (array of object, required): container of person list who can use the card
- person[].category (string, required): category name
- person[].count (string, required): number of persons

Example

* 3 persons with a ticket

    {
      "person": [
        { "category": "adult", "count": 2 },
        { "category": "child", "count": 1 }
      ]
    }

* 1 person with a ticket

    {
      "person": [
        { "category": "adult", "count": 1 }
      ]
    }

Transactions

Transactions to be delivered to customers can be defined in the following format. Be careful of the content string length. If an attribute does not allow long content, it will not be displayed on the device.

JSON format (key, type, requirement: description)
- [].date (string, required): transaction date
- [].amount (string, optional): amount value
- [].description (string, optional): description

Example

* An example for payasyougo-evcharge-transactions

    [
      { "date": "2023-09-10 12:00:00", "amount": "50,000 won", "description": "suwon station branch" },
      { "date": "2023-09-20 18:00:00", "amount": "70,000 won", "description": "gangnam central branch" }
    ]

Locations

Locations refer to place information that denotes where a card can be used. Using this information, Samsung Wallet can show a map, place name, and address. Additionally, location information can be used to provide location-based services (LBS). Location information can be represented by a JSON array, and up to 10 locations can be specified.

Notice: map services are only available in certain countries.

JSON format (key, type, requirement: description)
- [].lat (double, optional): latitude
- [].lng (double, optional): longitude
- [].address (string, required): string containing the full address
- [].name (string, required): branch name

Example

* Location information for the entrance to Oracle Park

    [
      { "lat": 37.779337, "lng": -122.388755, "address": "24 willie mays plaza, san francisco, ca 94107", "name": "willie mays plaza" },
      { "lat": 37.77814, "lng": -122.390836, "address": "king st, san francisco, ca 94107", "name": "king st" }
    ]

Card art guide

Loyalty (type: description)
- bgimage + bgcolor: display the bgimage and the bgcolor in a predefined ratio
- bgimage only: display bgimage fully
description