Filter
-
Content Type
-
Category
Mobile/Wearable
Visual Display
Digital Appliance
Platform
Recommendations
Filter
Develop Samsung Pay
docfaq & troubleshooting if the samsung pay app throws error_not_allowed -6 / error_unable_to_verify_caller -359 , what needs to be checked on the partner app side? for debug verify that debug_mode is set as y in your android manifest verify that your spay_debug_api_key is valid in android manifest go to the samsung pay developers portal, sign in, and open your service details to check/retrieve the correct debug api key verify that your spay_debug_api_key has not expired verify that the serviceid is correct; make sure it was generated for the test mode and not for release verify that the servicetype is correct; make sure it is same as the value assigned by the samsung pay developers portal when you create the service verify that the device’s samsung account is registered allowed under test accounts in the service details for release verify that debug_mode is set as n in your android manifest verify that spay_debug_api_key is not defined in your android manifest it must be an empty string or "" verify that the serviceid is correct; make sure it was generated for release and not for the test mode verify that the servicetype is correct; make sure it is same as the value assigned by the samsung pay developers portal when you create the service ask your samsung pay relationship manager rm to confirm that the status of your service is approved i received an onsuccess callback for a `getallcards ` response but the card list is empty even though there already one or more installed cards in samsungpay one of the most common exceptions during development is that “getallcard ” returns an empty list even though the card has already been added to the samsung wallet the main reason for this exception is the mismatch of an issuer name with the samsung pay portal the issuer name on the samsung pay portal and the actual issuer name of the card must be the same to overcome this problem if you cannot confirm the actual issuer name of the card, just add the card to samsung wallet app and see its details information open wallet app > tap on the card > three-dot menu > customer service option > under the title you will find the issuer name the following screenshot would be helpful for better understanding, i have received an onfail callback for `getsamsungpaystatus ` with a `spay_not_supported` status code if your app’s target api level is set to 30 or higher, refer to setting up your sdk development environmen part and follow guide for android r os targetsdkversion 30
Develop Samsung Blockchain
docgetting started the following steps should be followed before integrating the samsung blockchain platform sdk: prepare samsung galaxy device to run your apk. check your development environment. android minimum api level for samsung blockchain platform sdk : 24 noteminimum build level for samsung blockchain platform sdk is 21, but will properly work from level 24. configure your ide to integrate samsung blockchain platform sdk with your android app. create an “aar” directory if you don’t have one, and add the blockchainplatformsdk_1.2.03.aar to ”aar” directory in your android project. go to gradle scripts > build.gradle and enter the following dependencies: dependencies { repositories { flatdir{ dirs 'aar' } } implementation name: 'blockchainplatformsdk_1.2.03', ext: 'aar' // network implementation 'com.squareup.retrofit2:retrofit:2.6.0' implementation 'com.squareup.retrofit2:converter-gson:2.6.0' implementation 'com.squareup.okhttp3:logging-interceptor:3.8.0' implementation 'com.google.code.gson:gson:2.8.5' // web3j implementation 'org.web3j:core:4.8.8-android' // for check developer mode implementation 'org.ini4j:ini4j:0.5.4' // dagger implementation 'com.google.dagger:dagger:2.21' annotationprocessor 'com.google.dagger:dagger-compiler:2.21' implementation "io.reactivex.rxjava2:rxjava:2.2.8" implementation "io.reactivex.rxjava2:rxandroid:2.1.1" // protobuf implementation 'com.google.protobuf:protobuf-java:3.9.1' implementation 'com.google.protobuf:protobuf-gradle-plugin:0.8.10' } import the package into your code. import com.samsung.android.sdk.blockchain.*; samsung blockchain platform sdk supports 2 kinds of hardware wallet: samsung blockchain keystore ledger's devices like nano x, nano s. notetransactions on evm-compatible networks binance smart chain, klaytn, polygon, avalanche (c-chain) and fantom are signed from the hardware wallets using the same pathway as that of ethereum. for these transactions, currency unit displayed on hardwarewallet, such as samsung keystore or ledger, will show eth as currency unit instead of bnb, klay, matic, avax and ftm. development setting guide for each environment is as follows: integration with samsung blockchain keystore samsung blockchain keystore is compatible with selected samsung devices only. you need to have one of selected samsung devices to run your app with samsung blockchain keystore. please refer to the restrictions. check your development environment. android minimum api level for samsung blockchain keystore : 28 notesamsung blockchain platform sdk requires samsung blockchain keystore that is higher than 1.5.1. download the samsung blockchain keystore sdk. set 'developer mode' to test your app without app id verification. you can find more information about app id (scw_app_id), here. add "blockchainkeystoresdk_v1.6.0.aar" to "aar" directory in your android project. go to gradle script > build.gradle and add below dependency: dependencies { ... // keystore sdk implementation name: 'blockchainkeystoresdk_v1.6.0', ext: 'aar' ... } integration with nano x or nano s by ledger there is no restrictions to link with ledger device. so any samsung galaxy mobile is ok to test your app which is integrated with samsung blockchain platform sdk when you sign with ledger device. check your development environment. ledger nano x : 1.2.4-1 or higher ledger nano s : 1.6 or higher ledger : ethereum app: 1.9.8 or higher you can refer ledger's guide page to get started. go to gradle > build.gradle and add below dependency: dependencies { ... // ledger implementation 'com.ledger.lib:ledger-android-library:1.2.2' }
Learn Code Lab
codelabintegrate samsung pay web checkout with merchant sites objective learn how to integrate the samsung pay payment system into your merchant sites using the samsung pay web checkout sdk partnership request to use the samsung pay web checkout sdk, you must become an official samsung pay partner once done, you can fully utilize this code lab you can learn more about the partnership process by visiting the samsung pay page here in samsung developers notein accordance with the applicable samsung pay partners agreements, this code lab covers the setup and use of the samsung pay web checkout sdk for purposes of integrating samsung pay with merchant sites the use cases and corresponding code samples included are representative examples only and should not be considered as either recommended or required overview the samsung pay web checkout service enables users to pay for purchases on your website with payment cards saved in the samsung wallet app on their mobile device it supports browser-based payments on both computers and mobile devices a mobile device with samsung wallet installed is required to make purchases through samsung pay web checkout when the user chooses to pay with samsung pay, they must provide their samsung account id email id or scan the qr code on the screen with their mobile device the user then authorizes the purchase within the samsung wallet application, which generates the payment credential on the device and transmits it to your website through the web checkout for more information, see samsung pay web checkout set up your environment you will need the following access to samsung pay developers site samsung wallet test app from samsung pay developers site samsung galaxy device that supports samsung wallet app internet browser, such as google chrome codesandbox account notein this code lab, you can use the samsung wallet test app to try the functionality of the samsung pay web checkout service in a staging environment you can use the official samsung wallet app from the galaxy store once your service is in the production environment start your project and register your service in your browser, open the link below to access the project file of the sample merchant site codesandbox io/s/virtual-store-sample-fnydk5 click the fork button to create an editable copy of the project next, follow the steps below to register your sample merchant site in the samsung pay developers site go to my projects > service management click create new service select web online payment as your service type enter your service name and select your service country select your payment gateway from the list of supported payment gateways pg if your pg uses the network token mode, upload the certificate signing request csr or privacy enhanced mail pem file you obtained from your pg contact your pg for details enter the payment domain name s for your website in the service domain field and click add for example, if your domain is mywebstore com, but the checkout page is hosted on the subdomain payments mywebstore com, you will need to enter payments mywebstore com as the service domain for each additional domain url, click add in this code lab, the generated preview url of the forked project is your service domain click the name of the newly created service to see its details, such as the generated service id that you can use for all the registered service domains include the samsung pay web checkout javascript sdk the samsung pay web checkout sdk uses javascript to integrate the samsung pay payment system to your website this sdk allows users to purchase items via web browser in the <head> section of the index html file of the project, include the samsung pay web checkout javascript sdk file <script src="https //img mpay samsung com/gsmpi/sdk/samsungpay_web_sdk js"></script> initialize the samsung pay client to initiate payments using the samsung pay api, create a new instance of the paymentclient class and pass an argument specifying that the environment as stage write the code below in the <script> tag of the <body> section const samsungpayclient = new samsungpay paymentclient { environment "stage" } ; when the service is still in debug or test mode, you can only use the staging environment to test payment functionality without processing live transactions noteby default, the service is initially set to debug or test mode during creation to switch the service status to release mode, a request must be made through the samsung pay developers site after successfully transitioning to release mode, change the environment to production next, define the service id, security protocol, and card brands that the merchant can support as payment methods the service id is the unique id assigned to your service upon creation in the samsung pay developers site let paymentmethods = { version "2", serviceid "", //input your service id here protocol "protocol_3ds", allowedbrands ["visa", "mastercard"] }; check whether the samsung pay client is ready to pay using the given payment method call the createandaddbutton function if the response indicates that the client is ready samsungpayclient isreadytopay paymentmethods then function response { if response result { createandaddbutton ; } } catch function err { console error err ; } ; create and implement the samsung pay button go to the <body> section and, inside the page-container div, create a container for the samsung pay button <div align="center" id="samsungpay-container"></div> next, go back to the <script> tag and write the createandaddbutton function inside this function, generate the samsung pay button by calling the createbutton method ensure that the button appears on the page by appending it to the container you created function createandaddbutton { const samsungpaybutton = samsungpayclient createbutton { onclick onsamsungpaybuttonclicked, buttonstyle "black"} ; document getelementbyid "samsungpay-container" appendchild samsungpaybutton ; } function onsamsungpaybuttonclicked { // create the transaction information //launch the payment sheet } from the createandaddbutton function, call the onsamsungpaybuttonclicked function when the user clicks the generated button create the transaction information in the onsamsungpaybuttonclicked function, create the transactiondetail object for the user’s purchase input your service domain in the url key let transactiondetail = { ordernumber "sample0n1y123", merchant { name "virtual shop", url "", //input your service domain countrycode "us" }, amount { option "format_total_estimated_amount", currency "usd", total 2019 99 } }; below are the descriptions of the keys included in the transactiondetail object key type description ordernumber string order number of the transaction allowed characters [a-z][a-z][0-9,-] merchant object data structure containing the merchant information merchant name string merchant name merchant url string merchant domain url e g , samsung com the maximum length is 100 characters merchant countrycode string merchant country code e g , us for united states iso-3166-1 alpha-2 amount object data structure containing the payment amount amount option string display format for the total amount on the payment sheet format_total_estimated_amount = displays "total estimated amount " with the total amountformat_total_price_only = displays the total amount only amount currency string currency code e g , usd for us dollar the maximum length is 3 character amount total string total payment amount in the currency specified by amount currencythe amount must be an integer e g , 300 or in a format valid for the currency, such as 2 decimal places after a separator e g , 300 50 notefor the complete list of specifications for the transactiondetail object, see samsung pay web checkout api reference launch the payment sheet after creating the transaction information, call the loadpaymentsheet method to display the web checkout ui the user can either input their email address or scan the generated qr code a timer screen in the web checkout ui is displayed after the user input, while a payment sheet is launched in the user's samsung wallet app the payment sheet contains the payment card option s and the transaction details when the user confirms their payment on their mobile device, you will receive the paymentcredential object generated by the device then, inform the samsung server of the payment result using the notify method the paymentresult object contains the payment result information during transaction processing and after the payment is processed with the pg network notefor real transactions, you need to extract the payment credential information from the 3ds data key within the paymentcredential object and process it through your payment provider however, in this code lab, you only need to print the paymentcredential to the console samsungpayclient loadpaymentsheet paymentmethods, transactiondetail then function paymentcredential { console log "paymentcredential ", paymentcredential ; const paymentresult = { status "charged", provider "test pg" }; samsungpayclient notify paymentresult ; } catch function error { console log "error ", error ; } ; other possible values of the status key are charged - payment was charged successfully canceled - payment was canceled by either the user, merchant, or the acquiring bank rejected - payment was rejected by the acquiring bank erred - an error occurred during the payment process test the samsung pay button after integrating the samsung pay web checkout service into your sample merchant site, follow the steps below to test the functionality of the integrated service open your sample merchant site in a new tab then, click the pay with samsung pay button in the web checkout ui, enter the email address of your samsung account to send a payment request to samsung pay tap the push notification sent to the samsung wallet app installed on your mobile device then, click accept when the payment sheet is loaded, tap on pin and enter your pin to proceed a verified message will display in both the samsung wallet app and web checkout ui to indicate that the payment was processed successfully you're done! congratulations! you have successfully achieved the goal of this code lab topic now, you can integrate the samsung pay web checkout service into your website by yourself if you're having trouble, you may check the complete code below codesandbox io/s/virtual-store-complete-dkhzfx to learn more about developing apps for samsung pay devices, visit developer samsung com/pay
Develop Samsung Pay
docconfigure webview enablements to invoke samsung pay application in webview, you should override the shouldoverrideurlloading method javascript and dom storage are disabled in a webview by default you can enable the both through the websettings attached to your webview websettings allows any website to use javascript and dom storage for more information, visit websettings sample code kotlin import android webkit webview import android webkit webviewclient import android content intent import android content activitynotfoundexception companion object { private const val samsung_pay_url_prefix string = "samsungpay" } private lateinit var webview webview webview settings run { javascriptenabled = true domstorageenabled = true } webview webviewclient = object webviewclient { override fun shouldoverrideurlloading view webview, request webresourcerequest boolean { // get url from webresourcerequest val url = request url tostring // add below if statement to check if url is samsung pay deep link if url startswith samsung_pay_url_prefix { try { val intent = intent parseuri url, intent uri_intent_scheme startactivity intent } catch e activitynotfoundexception { // exception would be occured if the samsung wallet app is not installed // go to install samsung wallet app from market val installintent = intent parseuri "samsungapps //productdetail/com samsung android spay", intent uri_intent_scheme installintent addflags intent flag_activity_new_task startactivity installintent } // return true will cause that the url will not be loaded in webview return true } // the remaining part of the shouldoverrideurlloading method code // return false when you want to load url automatically by webview return false } }
Develop Samsung Blockchain
dockey management in this section, we will cover general terms – public key, private key, and an address, and how samsung blockchain keystore generates and manages these keys. samsung blockchain keystore is a hierarchical deterministic (hd) wallet and follow the industry standards of bip-32, bip-39 and bip-44. (bip stands for bitcoin improvement proposal). by implementing these standards, samsung blockchain keystore aim to provide better user experience to back up the wallet, since the user only needs to keep the root seed of the private and public keys safe. it is just the 12 words generated from samsung blockchain keystore that user needs to remember or write down. we will look into how this is achieved by implementing hierarchical deterministic wallet in samsung blockchain keystore. public key, private key, and address the key pair is mandatory to participate in the blockchain network. this key pair is composed of a public key and a private key. public key is used to derive an address that is used like a user’s account in blockchain. it is safe to share the public key or the address with others. on the other hand, a private key is used to sign transactions and must be kept secret. anyone who has access to the private key can sign transactions and spend cryptocurrency or use crypto-assets without user’s permission. simply put, the private key is a random number. based on the private key, there are algorithms, like elliptic curve digital signature algorithm (ecdsa) that derives the public key. this algorithm may differ depending on the blockchain platform. but one interesting characteristic of a public key is that it is derived from a private key, but the other way around is not possible – public key cannot derive nor predict the private key. the same relationship applies to the public key and the address. address, which is used like a user’s account, cannot derive any public keys. since a private key is a random number, this implies that the randomness of a private key generation must be guaranteed. yet, software random number generators, also known as pseudo random number generators, are known to have security vulnerabilities. because the public key and address format differs by blockchain platforms, user needs to have one key pair for ethereum, another key pair for bitcoin, and etc. if a user wants several accounts for ethereum, then that many number of key pairs will be required. moreover, bitcoin uses countless number of accounts, because after a transaction has been made, any bitcoin changes after the transaction is returned to a different account of the user’s. in other words, it becomes very complex and inconvenient if a user would have to save a key pair for every blockchain account that the user holds. samsung blockchain keystore aims to reduce this by implementing hierarchical deterministic wallet. hierarchical deterministic wallet (hd wallet) hierarchical deterministic wallet allows these multiple key pairs to be derived from a single root seed called, “root seed.” root seed is the root of a large tree of public and private keys. this root seed is the only thing that user needs to store and back up. this is the key to access all of your crypto secrets, so how it is generated and stored should be kept in a secure environment. root seed is between 128 and 256 bits and because the physical look of root seed is not very user friendly, and is a combination of “0” and “1”, there is an industry standard, to replace them with mnemonic words, or a group of words. for example, if the root seed is 128 bits, then with the checksum of 4 bits, a total of 132 bits is split into a group of 11 bits. each group falls into a group number between 0 and 2047, which is an index to a wordlist of 2048 words. these index numbers are then converted into the corresponding words and the combination of 12 words make up “recovery phrase” in samsung blockchain keystore. generating root seed and mnemonic words in samsung blockchain keystore samsung blockchain keystore generates the root seed by trusted app in trusted execution environment, by the steps below: ① true random number generator (trng), also known as hardware random number generator, that is embedded into samsung device chipsets, generates an initial entropy length (ent) of 128 random bits. elaborating more on ent, industry standard allows 128 to 256 bits, in multiple of 32 bits. depending on the length of the initial entropy length, the number of words that this will be converted into will differ, from 12 to 24, in multiple of 3. ② samsung blockchain keystore takes the first 4 bits of the sha-256 hash of the 128 bits to generate something called, “checksum.” theoretically, it is ent/32 that is taken to generate the checksum. so for samsung blockchain keystore, ent is 128 bits, resulting in 4 bits of checksum. for other wallets that generate 24 words with the ent of 256 bits, 8 bits are used as a checksum. ③ samsung blockchain keystore appends the previously generated 4 bits of checksum to the initial entropy length, resulting in 132 bits. ④ 132 bits (combination of initial entropy length and checksum) are divided into 11 bits, resulting in 12 words, “mnemonic codes”. these 12 words are industry standard, and is one of the 2048 words on the bip-39 english wordlist. ⑤ because the 12 words follow bip-39 standard used in the industry, user can back up wallet on a different samsung device that supports samsung blockchain keystore, or other wallets that are bip-39-compatible. importing a wallet when a user imports a wallet in samsung blockchain keystore, the user will enter the 12, 18 or 24 words into the trusted user interface (tui) that will protect user’s input. this time, samsung blockchain keystore will convert the mnemonic words entered in order to the original root seed. the root seed is the one and only source that samsung blockchain keystore will save in a secure area. likewise, this will become the source to generate countless number of public keys and sign transactions with the private keys when a request is made. randomly entering mnemonic words to guess recovery phrase some may raise a question on the feasibility of guessing the words among 2048 words on the mnemonic words list and somehow, getting access to the private key that corresponds to the recovery phrase. but it’s not just the words of 12 to 24 in multiple of 3, that have to correctly chosen, but the order of these words have to be correct as well. this is because if you are using 12 words, then 128 bits must be correctly guessed, and 266 bits for 24 words. choice between 0 and 1 on 128 bits give us 2 x 2 x 2 x … 2 = 2128 of the possible root seeds, and 2^256 cases for 24 words. moreover, the checksum of 4 bits for 12 words, and 8 bits for 24 words, protects randomly making a combination of words. when importing a wallet in samsung blockchain keystore, there is a checksum check after user has entered 12, 18 or 24 words, and it will throw an error that the combination of words entered isn’t a valid recovery phrase. the user will receive absolutely no information on which words make the checksum invalid, making it even more difficult to randomly guess the recovery phrase. hd path the hd wallet is a tree of theoretically infinite number of private and public keys. one interesting fact is that it allows derivation of a child keys from the root seed via a function defined in bip-32 standard, “child key derivation (ckd) functions.” this means with the root seed and the location of the tree, key derivation is feasible. more details on the key derivations can be found in the appendix. the location in the tree is called a “path” and bip-44 standard defines the standard to unify rules for wallet’s compatibility of these hd key generation. hence developers just need to specify the path to derive the address from, and whoever keeps the root seed will be able to calculate and return the actual key value for that specified location. each depth is represented by “/” in the hd path and the apostrophe (‘) implies that the depth is hardened. the following is hd path level standard defined in bip-44. ![](/sd2_images/services/blockchain/hd_path _level_standard.png) purpose’ is “44” here, with the implication that it is the following bip-44 standard. coin_type’ tells if it is ethereum, bitcoin, or other coins. the algorithms to derive the public key from the private key can differ by the coin type, though both ethereum and bitcoin use ecdsa algorithm. the number is constant and set for each crypto, and it can be registered in slip-0044 (slip: satoshilabs improvement proposals), managed by satoshilabs. for example, it is “0” for bitcoin, and “60” for ethereum. account‘ represents multiple accounts number and is usually ‘0’. change is usually used in bitcoin, using “1” for the account to receive all the changes after sending bitcoins to other accounts. normally, “0” is used. address_index is the last depth, and usually starts with 0, and increases by one, when you “add” an account in a wallet. for example, hd path for the first account of ethereum is: m/44’/60’/0’/0/0 and for the second account of bitcoin is: m/44’/0’ /0’/0/1 use of hd path in samsung blockchain keystore samsung blockchain keystore can be used to (1) derive an address or extended public key and (2) sign a transaction. to consume these two features, developers of dapps or wallets will need to define, where in the hd tree, they would like to derive the public key from, and use the corresponding private key to sign the transaction. hd path is a required parameter for apis related to the two features below. get address from samsung blockchain keystore if you are a dapp or wallet developer, you can use samsung blockchain keystore to first get the user’s address or extended public key (public key and the chain code), and search on the blockchain ledger, transaction history and records of the user, so that user can know how much cryptocurrency or crypto-asset is remaining. here’s a brief flow of getting the address. ① wallet or dapps will make a request to samsung blockchain keystore to derive an address or extended public key for hd path “m/44’/60’/ 0’/0/0” (ethereum account). ② using samsung blockchain keystore sdk, wallet/dapp’s request will be passed to samsung blockchain keystore. ③ once samsung blockchain keystore will receives the request to get the address or extended public key, it will pass onto the controller to communicate with trusted app to derive the public key. ④ root seed is stored safely in a secure area, and the derivation of the extended public key (public key and the chain code) of the hd path, is executed by trusted application in trusted execution environment. ⑤ derived public key will be then passed to samsung blockchain keystore app to derive the address, where one more algorithm function will be executed. ⑥ after the calculation, the address that corresponds to the requested hd path will be returned to wallet or dapp via samsung blockchain keystore sdk. sign a transaction by samsung blockchain keystore the user will now want to make a transaction, such as sending cryptocurrencies, that will require the user to “write” on the ledger. this change needs to be signed by the private key that corresponds to the user’s address, derived from user’s public key. below is a diagram and explanation for each step. ① wallet or dapps will make a request to samsung blockchain keystore to sign a transaction. a correctly formatted transaction without the signature part, and hd path to derive the private key to sign the transaction will be needed. ② using samsung blockchain keystore sdk, wallet/dapp’s request will be passed to samsung blockchain keystore. ③ once samsung blockchain keystore will receives the request to get the public key, it will pass onto the controller to communicate with trusted app. ④ trusted app will first parse the transaction, and show critical information on tui, such as recipient address, amount and fees. after user checks the transaction details, user will confirm it via pin verification or fingerprint authentication. ⑤ after the user’s confirmation, the safely stored root seed will now be used to derive the private key that corresponds to the hd path that was passed with the transaction request. then the trusted application will sign the transaction with the derived private key. likewise, these are all executed in trusted execution environment. ⑥ the signed transaction will be returned to samsung blockchain keystore app. ⑦ samsung blockchain keystore app will return the signed transaction to wallet/dapp via samsung blockchain keystore sdk and wallet/dapps can now submit the signed transaction to the blockchain network. more details on the bip-32, bip-39 and bip-44 can be found in the following links. **bip-32:** hierarchical deterministic wallets [https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki) bip-39: mnemonic code for generating deterministic keys https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#wordlists bip-44: multi-account hierarchy for deterministic wallets https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki slip-44: registered coin types for bip-0044 https://github.com/satoshilabs/slips/blob/master/slip-0044.md
Develop Samsung Pay
docflutter plugin overview samsung pay sdk flutter plugin enables to use the samsung pay sdk the primary aim of the samsung pay sdk is to integrate selected samsung wallet features with flutter based android apps on samsung devices the following major operations are supported in the plugin in-app payment gives customers the option of paying for products and services with samsung wallet push provisioning allows customers add a bank card to samsung wallet from the issuer app by providing the required card details to integrate partner applications with the samsung pay sdk flutter plugin, the following components are included in the download samsung pay sdk flutter plugin contains classes, interfaces, and required libraries of samsung pay which is required to communicate with samsung pay services api reference provides descriptions of the apis included in the samsung pay sdk flutter plugin sample merchant app and sample issuer app showing how samsung pay apis can be coded in a finished flutter plugin project all major operations of the samsung pay sdk flutter plugin are implemented for demonstration purposes samsung pay sdk flutter plugin architecture the following diagram shows a high-level architecture revealing the general interactions between the samsung pay sdk flutter plugin and a partner app viewed at this level, the partner apps leverage the samsung pay sdk flutter plugin to perform the operations shown ― push provisioning and opening favorite cards for issuers; online payments for merchants ― with samsung pay the key components involved are partner app - merchant- or issuer-developed app for making online/offline payments and provisioning payment cards through samsung pay samsung pay sdk flutter plugin - sdk integrated into the partner app for direct communication with samsung pay samsung pay app - pay app that the samsung pay sdk communicates with financial network - comprises the payment gateways, acquirers, card associations, and issuers that participate in transaction processing under agreement with the merchant setting up flutter plugin environment the importance of maintaining a good development environment cannot be overstated for integrating the samsung pay sdk flutter plugin with your partner app, the following prerequisites and recommendations help ensure a successful plugin integration and implementation please check the requirements below for the samsung pay sdk flutter plugin for android and system requirements please check the samsung pay android sdk overview to develop a samsung pay sdk flutter plugin service, merchants and issuers need to create service please check this guide for service creation process service registration download the samsung pay sdk flutter plugin to use the plugin the plugin has the following directory structure folder contents docs api reference documentation libs samsungpaysdkflutter_v1 01 00 flutter plugin – contains the samsung pay apis to be used by your partner app samples sample apps integrate samsung pay sdk flutter plugin with your project be sure to do the following before attempting to use the plugin if not already part of your environment, download and install an ide android studio is recommended download the samsung pay sdk flutter plugin configure your ide to integrate the samsung pay sdk flutter plugin with your partner app go to pubspec yaml and enter the following dependency dependencies samsung_pay_sdk_flutter path plugin_directory_path\ [note] if your plugin path is c \users\username\downloads, the dependency will be like below dependencies samsung_pay_sdk_flutter path c \users\username\downloads\ for android proguard rules and dexguard, please check the android sdk overview
Develop Samsung Blockchain
apipackage class tree deprecated index help com.samsung.android.sdk.coldwallet class scwservice java.lang.object com.samsung.android.sdk.coldwallet.scwservice public class scwservice extends java.lang.object class for the proxy to use the samsung blockchain keystore service. the keystore's hd wallet seed is bip-39 compatible see also: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki nested class summary nested classes modifier and type class and description static class scwservice.scwcheckformandatoryappupdatecallback callback for checkformandatoryappupdate api static class scwservice.scwgetaddresslistcallback callback for getaddresslist api static class scwservice.scwgetextendedpublickeylistcallback callback for getextendedpublickeylist api static class scwservice.scwsignbtctransactioncallback callback for signbtctransaction api static class scwservice.scwsignethpersonalmessagecallback callback for signethpersonalmessage api static class scwservice.scwsignethtransactioncallback callback for signethtransaction api static class scwservice.scwsignklaytransactioncallback callback for signklaytransaction api method summary all methods static methods instance methods concrete methods modifier and type method and description void checkformandatoryappupdate(scwservice.scwcheckformandatoryappupdatecallback callback) checks whether a mandatory update of samsung blockchain keystore is needed or not. void getaddresslist(scwservice.scwgetaddresslistcallback callback, java.util.arraylist<java.lang.string> hdpath) request to get a list of addresses that corresponds to a list of hd paths void getextendedpublickeylist(scwservice.scwgetextendedpublickeylistcallback callback, java.util.arraylist<java.lang.string> hdpath) request to get a list of extended public keys that corresponds to a list of hd paths static scwservice getinstance() return the instance of the keystore proxy object int getkeystoreapilevel() get api level which the keystore in the device supports java.lang.string getseedhash() get the pseudo seed hash which is randomly generated when the hd wallet created whenever the seed for the wallet is changed, this key shall be changed. int[] getsupportedcoins() get coin types supported by samsung blockchain keystore void signbtctransaction(scwservice.scwsignbtctransactioncallback callback, byte[] transaction, java.util.list<java.lang.string> hdpathlist, java.util.list<byte[]> utxotxlist, java.lang.string changehdpath) request to sign bitcoin transaction void signethpersonalmessage(scwservice.scwsignethpersonalmessagecallback callback, byte[] msg, java.lang.string hdpath) request to sign ethereum typed structured data void signethtransaction(scwservice.scwsignethtransactioncallback callback, byte[] transaction, java.lang.string hdpath) request to sign ethereum transaction void signklaytransaction(scwservice.scwsignklaytransactioncallback callback, byte[] transaction, java.lang.string hdpath, int networkid) request to sign klay transaction methods inherited from class java.lang.object equals, getclass, hashcode, notify, notifyall, tostring, wait, wait, wait method detail getinstance public static scwservice getinstance() return the instance of the keystore proxy object returns: the instance, or null if samsung blockchain keystore is not available on the device getkeystoreapilevel public int getkeystoreapilevel() get api level which the keystore in the device supports caution : you should check the api level before invoking any apis. otherwise, it will return scwapilevelexception. if keystore api level is lower than the required level, update the keystore app first via scwdeeplink.galaxy_store returns: api level since: api level 1 getseedhash public java.lang.string getseedhash() get the pseudo seed hash which is randomly generated when the hd wallet created whenever the seed for the wallet is changed, this key shall be changed. returns: null if keystore does not support wallet key, zero-length string if the wallet is not created. otherwise, wallet is created. since: api level 1 getsupportedcoins public int[] getsupportedcoins() get coin types supported by samsung blockchain keystore returns: array of coin types, scwcointype throws: scwapilevelexception - api level exception since: api level 1 see also: https://github.com/satoshilabs/slips/blob/master/slip-0044.md checkformandatoryappupdate public void checkformandatoryappupdate(@nonnull scwservice.scwcheckformandatoryappupdatecallback callback) checks whether a mandatory update of samsung blockchain keystore is needed or not. do not call this method in the background thread. if there is a mandatory update, you need to open the app update link, scwdeeplink.galaxy_store parameters: callback - result callback since: api level 1 getextendedpublickeylist public void getextendedpublickeylist(@nonnull scwservice.scwgetextendedpublickeylistcallback callback, @nonnull java.util.arraylist<java.lang.string> hdpath) request to get a list of extended public keys that corresponds to a list of hd paths parameters: callback - result callback hdpath - the hd path list to bring the public keys. the depth of a path should be between 3 and 6. for example, "m/44'/60'", "m/44'/60'/0'/0/0" since: api level 1 see also: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki getaddresslist public void getaddresslist(@nonnull scwservice.scwgetaddresslistcallback callback, @nonnull java.util.arraylist<java.lang.string> hdpath) request to get a list of addresses that corresponds to a list of hd paths parameters: callback - result callback hdpath - the hd path list to bring the addresses. the depth of a path should be between 3 and 6. for example, "m/44'/60'", "m/44'/60'/0'/0/0" since: api level 1 see also: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki signethtransaction public void signethtransaction(@nonnull scwservice.scwsignethtransactioncallback callback, @nonnull byte[] transaction, @nonnull java.lang.string hdpath) request to sign ethereum transaction parameters: callback - result callback transaction - a byte array of a rlp-encoded unsigned ethereum transaction hdpath - hd path that corresponds to public key needed for signing since: api level 1 signethpersonalmessage public void signethpersonalmessage(@nonnull scwservice.scwsignethpersonalmessagecallback callback, @nonnull byte[] msg, @nonnull java.lang.string hdpath) request to sign ethereum typed structured data parameters: callback - result callback msg - a byte array of raw message to be signed. the keystore will add "ethereum signed message:\n" prefix, so it should not be included in msg. hdpath - hd path that corresponds to public key needed for signing since: api level 1 see also: https://github.com/ethereum/eips/blob/master/eips/eip-712.md signklaytransaction public void signklaytransaction(@nonnull scwservice.scwsignklaytransactioncallback callback, @nonnull byte[] transaction, @nonnull java.lang.string hdpath, @nonnull int networkid) request to sign klay transaction parameters: callback - result callback transaction - a byte array of a raw transaction to be signed by samsung blockchain keystore. the transaction is same as the sigrlp value mentioned in klaytn's official document. hdpath - hd path that corresponds to public key needed for signing networkid - the klaytn network id, or the integer to identify the network. "8217" is klaytn cypress mainnet and "1001" is klaytn baobab testnet. since: api level 2 see also: https://docs.klaytn.com/node/en/installation/config signbtctransaction public void signbtctransaction(@nonnull scwservice.scwsignbtctransactioncallback callback, @nonnull byte[] transaction, @nonnull java.util.list<java.lang.string> hdpathlist, @nonnull java.util.list<byte[]> utxotxlist, @nonnull java.lang.string changehdpath) request to sign bitcoin transaction parameters: callback - result callback transaction - a byte array of a serialized unsigned bitcoin transaction to be signed by samsung blockchain keystore hdpathlist - a list of hd paths that corresponds to utxo's public key utxotxlist - a list of byte array of the serialized transaction which contain the utxo used in this transaction changehdpath - hd path that corresponds to the change address since: api level 2 see also: https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki, https://github.com/bitcoin/bips/blob/master/bip-0049.mediawiki, https://github.com/bitcoin/bips/blob/master/bip-0084.mediawiki
Develop Samsung Pay
apioverview package class tree index help package com samsung android sdk samsungpay v2 class samsungpay java lang object samsungpaybase com samsung android sdk samsungpay v2 samsungpay public final class samsungpay extends samsungpaybase this class provides apis to get the samsung pay status on the device also, this class provides apis to activate samsung pay on the device partner apps must check the samsung pay status on the device before performing any card management or payment operation since api level 1 1 constructor summary constructors constructor description samsungpay android content context context, partnerinfo partnerinfo constructor to get the samsungpay instance the caller should set the valid serviceid in partnerinfo method summary all methodsinstance methodsconcrete methods modifier and type method description void activatesamsungpay api to bring the samsung pay app to a state in which cards can be added samsung pay might be either in stub only state or samsung account is not signed in state partner app checks the samsung pay status with getsamsungpaystatus statuslistener api if the status is #spay_not_ready and #extra_error_reason is #error_spay_setup_not_completed , partner app can call this api to launch samsung pay and user can sign in to the app void getsamsungpaystatus statuslistener listener api to get the samsung pay status on the device partner issuers, merchants, and so on applications must call this api to check the current state of samsung pay before doing any operation void getwalletinfo list<string> keys, statuslistener listener api to get the requested wallet information from samsung pay partner app can use this information to uniquely identify the user and samsung pay app on a particular device void gotoupdatepage api to go to samsung pay update page partner app checks the samsung pay status with getsamsungpaystatus statuslistener api if the status is #spay_not_ready and #extra_error_reason is #error_spay_app_need_to_update, partner app can call this api to go to update samsung pay app if samsung pay app version is same or bigger than 2 1 00, it goes to "about samsungpay" menu if samsung pay app version is lower than 2 1 00 or kr device, it launches samsung pay app main screen methods inherited from class java lang object equals, getclass, hashcode, notify, notifyall, tostring, wait, wait, wait constructor details samsungpay public samsungpay android content context context, partnerinfo partnerinfo constructor to get the samsungpay instance the caller should set the valid serviceid in partnerinfo partnerinfo is passed to samsung pay for partner verification context ct = activity; // or context ct = service; // set the serviceid which is assigned by the samsung pay developer during on boarding string serviceid = "sampleserviceid"; bundle bundle = new bundle ; bundle putstring samsungpay partner_service_type, samsungpay servicetype inapp_payment tostring ; partnerinfo pinfo = new partnerinfo serviceid, bundle ; samsungpay samsungpay = new samsungpay ct, pinfo ; parameters context - activity context or service context partnerinfo - partner information throws nullpointerexception - thrown if parameters are null since api level 1 1 method details getsamsungpaystatus public void getsamsungpaystatus statuslistener listener api to get the samsung pay status on the device partner issuers, merchants, and so on applications must call this api to check the current state of samsung pay before doing any operation // set the serviceid which is assigned by the samsung pay developer during on boarding string serviceid = "sampleserviceid"; bundle bundle = new bundle ; bundle putstring samsungpay partner_service_type, samsungpay servicetype inapp_payment tostring ; partnerinfo pinfo = new partnerinfo serviceid, bundle ; samsungpay samsungpay = new samsungpay context, pinfo ; samsungpay getsamsungpaystatus new statuslistener { @override public void onsuccess int status, bundle data { // success case if status == spay_ready { log d tag, "samsung pay is ready on the device" ; // perform your operation } else if status == spay_not_ready { // samsung pay is supported but not fully ready // if extra_error_reason is error_spay_app_need_to_update, // call gotoupdatepage // if extra_error_reason is error_spay_setup_not_completed, // call activatesamsungpay } else if status == spay_not_allowed_temporally { log d tag, "samsung pay is not allowed temporally" ; // if extra_error_reason is error_spay_connected_with_external_display, // guide user to disconnect it } else { // samsung pay is not supported on this device log d tag, "device does not support samsung pay" ; } } @override public void onfail int errorcode, bundle errordata { log e tag, "onfail callback is called, errorcode " + errorcode ; // to get more reason of the failure, // check some extra error codes in the errordata bundle such as samsungpay extra_error_reason if provided } } ; parameters listener - callback through which the result is provided on success, samsung pay status code is provided via statuslistener onsuccess int status, bundle data if samsung pay is ready to be used, samsungpay#spay_ready will be returned otherwise, samsungpay#spay_not_ready or samsungpay#spay_not_supported or samsungpay#spay_not_allowed_temporally can be returned with samsungpay#extra_error_reason from bundle also, partner can get extra information from bundle data bundle keys if provided bundle values #extra_country_code device country code iso 3166-1 alpha-2 #extra_member_id string memberid for korean issuers only on any failure, the failure code is provided via statuslistener onfail int errorcode, bundle errordata note please refer spaysdk common_status_table in detail throws nullpointerexception - thrown if the callback passed is null since api level 1 1 gotoupdatepage public void gotoupdatepage api to go to samsung pay update page partner app checks the samsung pay status with getsamsungpaystatus statuslistener api if the status is #spay_not_ready and #extra_error_reason is #error_spay_app_need_to_update, partner app can call this api to go to update samsung pay app if samsung pay app version is same or bigger than 2 1 00, it goes to "about samsungpay" menu if samsung pay app version is lower than 2 1 00 or kr device, it launches samsung pay app main screen // set the serviceid which is assigned by the samsung pay developer during on boarding string serviceid = "sampleserviceid"; bundle bundle = new bundle ; bundle putstring samsungpay partner_service_type, samsungpay servicetype inapp_payment tostring ; partnerinfo pinfo = new partnerinfo serviceid, bundle ; samsungpay samsungpay = new samsungpay context, pinfo ; samsungpay gotoupdatepage ; since api level 1 2 activatesamsungpay public void activatesamsungpay api to bring the samsung pay app to a state in which cards can be added samsung pay might be either in stub only state or samsung account is not signed in state partner app checks the samsung pay status with getsamsungpaystatus statuslistener api if the status is #spay_not_ready and #extra_error_reason is #error_spay_setup_not_completed, partner app can call this api to launch samsung pay and user can sign in to the app // set the serviceid which is assigned by the samsung pay developer during on boarding string serviceid = "sampleserviceid"; bundle bundle = new bundle ; bundle putstring samsungpay partner_service_type, samsungpay servicetype inapp_payment tostring ; partnerinfo pinfo = new partnerinfo serviceid, bundle ; samsungpay samsungpay = new samsungpay context, pinfo ; samsungpay activatesamsungpay ; since api level 1 1 getwalletinfo public void getwalletinfo list<string> keys, statuslistener listener api to get the requested wallet information from samsung pay partner app can use this information to uniquely identify the user and samsung pay app on a particular device // set the serviceid which is assigned by the samsung pay developer during on boarding string serviceid = "sampleserviceid"; bundle bundle = new bundle ; bundle putstring samsungpay extra_issuer_name, "issuer name" ; bundle putstring samsungpay partner_service_type, samsungpay servicetype app2app tostring ; partnerinfo pinfo = new partnerinfo serviceid, bundle ; samsungpay samsungpay = new samsungpay context, pinfo ; // bundle keys added to get wallet information from samsung pay // this information can be delivered to the partner server for eligibility check arraylist<string> keys = new arraylist<> ; keys add samsungpay wallet_user_id ; keys add samsungpay device_id ; samsungpay getwalletinfo keys, new statuslistener { @override public void onsuccess int status, bundle walletdata { // log d tag, "dowalletinfo onsuccess callback is called" ; // for visa, deviceid can be set to "clientdeviceid" as defined by visa string deviceid = walletdata get samsungpay device_id ; // for visa, walletuserid can be set to "clientwalletaccountid" as defined by visa string walletuserid = walletdata get samsungpay wallet_user_id ; } @override public void onfail int errorcode, bundle errordata { log e tag, "onfail callback is called, errorcode " + errorcode ; // to get more reason of the failure, // check some extra error codes in the errordata bundle such as samsungpay extra_error_reason if provided } } parameters keys - key list to get wallet information if the list is empty, all possible key values are returned the possible keys are #wallet_dm_id #device_id #wallet_user_id listener - callback through which the result is provided on success, statuslistener onsuccess int status, bundle data is invoked with wallet information the success code can be one of the following codes with bundle data status bundle keys bundle values usage vts mdes #error_none samsungpay#wallet_dm_id string device management id n/a paymentappinstanceid = device_id + padding "00" + wallet_dm_id *if you need 'paymentappinstanceid', you can generate it as above samsungpay#device_id string device id clientdeviceid samsungpay#wallet_user_id string wallet user id clientwalletaccountid on any failure, the error code is provided via statuslistener onfail int errorcode, bundle errordata note please refer spaysdk common_status_table in detail throws nullpointerexception - thrown if parameters are null since api level 1 2 samsung electronics samsung pay sdk 2 21 00 - sep 06 2024
Develop Samsung Wallet
docapi specification app2app sdk integration specs description & use rp sdk is an app2app sdk for samsung wallet driver's license service online scenarios this sdk provides an implementation for direct communication between the samsung wallet and partner applications build the settings rpsdk requires additional dependencies with dependencies { implementation "rp-sdk-1 0-release aar" implementation "androidx core core-ktx 1 3 2" implementation "androidx lifecycle lifecycle-runtime-ktx 2 7 0" implementation "androidx lifecycle lifecycle-livedata-core-ktx 2 7 0" implementation "io reactivex rxjava2 rxjava 2 2 21" implementation "io reactivex rxjava2 rxkotlin 2 4 0" implementation "io reactivex rxjava2 rxandroid 2 1 1" implementation "com squareup okhttp3 okhttp 4 11 0" implementation "com google code gson gson 2 10 1" implementation "org bouncycastle bcprov-jdk15to18 1 66" implementation "com nimbusds nimbus-jose-jwt 9 37 3" } androidmanifest xml <manifest xmlns android="http //schemas android com/apk/res/android"> <uses-permission android name="android permission internet" /> <queries> <package android name="com samsung android spay" /> </queries> </manifest> r8 / proguard the specific rules are already bundled into the aar which can be interpreted by r8 automatically sdk method app2app sdk supports one method request signature & parameters of the request method fun request targetpackagename string, requestid string, applink string, onresponselistener onresponselistener? = null parameter name description targetpackagename the pakcage name to connect to requestid a random string to identify each request applink the applink built by samsung mcs server guide onresponselistener a listener to receive each events or requests sample code binding button setonclicklistener { rpclientapis request "com samsung android spay", uuid randomuuid tostring , applink, object rpclientapis onresponselistener { override fun ongetmdocrequestdata deviceengagementbytes bytearray bytearray? { log i tag, "ongetmdocrequestdata $deviceengagementbytes " /** * 1 prepare mdoc request data iso-18013-5 * 2 build sessionestablishmentbytes iso-18013-5 * 3 encrypt it with hkdf iso-18013-5, 9 1 1 5 cryptographic operations **/ return "encryptedsessionestablishmentbytes" } override fun onmdocresponse encryptedresponse bytearray { log i tag, "onmdocresponse $encryptedresponse " /** * 1 decrypt it with hkdf iso-18013-5, 9 1 1 5 cryptographic operations * 2 cbor decode it **/ } override fun onmdocresponsefailed exception exception { log i tag, "onmdocresponsefailed $exception " } } } error code explanation the below exceptions might occur through the onmdocresponsefailed callback exceptions name description rpcommunicationexception this error occurs when the data requested by the listener is incorrect rpconnectionfailedexception this occurs when the app 2 app communication between apps is not working this usually occurs when the target package name is written incorrectly web2app api integration specs the api specifications that need to be implemented by the rp partner are described below called by samsung to the rp partner send key send the wallet application key info and return the data field types requested to the client for authentication of the mdl [request] type value description method post url {partner server url}/rp/v1 0/{cardid}/{refid}/key headers authorization string 1024 required credential token the token can have the prefix "bearer" as an authorization type, e g , bearer <credentials> * refer to authorization token for more details path parameters cardid string 32 required wallet card identifier issued from partner portal when the partner manager signs up for partner services and registers the wallet card they want to service refid string 32 required unique content identifier defined by the content provider query parameter n/a payload data string 3000 required jwt data encrypted with the public key information and card type if decrypted this data is decoded, and it has the following format information { “data” “xxxxxxxxxxx”, “card” {"type" "relyingparty", "subtype" "others", "designtype" "us-01" }} example post {partner server url}/rp/v1 0/{cardid}/{refid}/key content-type application/json { “data” “eyjjdhkioijbvvriiiwidmvyijoimiisinbhcnruzxjjzci6inrlc3qilcj1dgmioje3mtyymdyznjaxmtasimfszyi6iljtmju2in0 zxlkbgjttwlpaupctvrjnfiwtk5jaxdpwvd4bklqb2lvbe5ctfu5qljwqxrnaluysw4wllz5afaxs0fnmvjhbzbdn2nix2pydgtfoddqbnhrrmpfwkppcnnsuus4mnn0owvxtjeyvzvmoejax1d5ngvzmze3vdnad0pncmpwzwdzoek3avlcwwrlogj5lxfimjblu3ruc3jsszlpslfnn1fam2xzauxscxltb0vlbervd0fpatrmry1jukzwdvlrbxrintg3utd1zwnuq1lwwgzwalvecg01yxbfbdv3szm1ugz3d0dkrem2tmowz1awbtz3nk1kdl9mddbvzwc2mwzjagdbyny0emxmzju2cvyzm0t6zjdjbwvpbkjrnnpmsgutymfwyxhvzk5ld2htzwvjuzftv3larm1nvlj6mefsmnbxa0dqlvjkt1iza3vzavo0vjfidy1aq2iyvwvwyvdzru9nuedrvw1mbtfuowjwt1zmz1nuv1f0se5pvtfjyvrhtg1dwlpvqs5pmzzrd1g4wmjnq21wd3o2ll9kzehfvxnnbm13b1drddrmcu4xmuncauntsnutbwpyv2zrckxos0zvenbss085ckdxbudpz0pqukf1ntfsotryc2vivwdfwu9ns2rgr1vomwjhmhb3y0tfngtjmet2dkfowhprodn0azbjqzrot2f6vzlmovntt0rhmu9imefoavfzqzddevfqnndnlwflvk8waejwsejkmeduruh1z3exc21vvmxrbjblsnjqwhm4x3fwcnplekwtadfpcfk1aes1zug5q3nisms0aehcngnmwulkrujfz09bcgzxcgfumgfsvgfmodhhdxlqsgzhdgrma0tlwdv0q0rtajixse5tt0fhwtjvwlzrr0hxu0wzngjabtu5aezmnvdha0ljce9bmhlwue9tqznwtflkv2jsmm85lkfoedbvytvgetzudkxkvxvketazshc e07yyl7ior3885vykss5_q1icpx750uu2ge5sujsedx3dr_u0x4tse9_0nxm46dywnfuxruagfjdnjhibc707li9vi3xtyihwnweifydgv1qb9oddkyyzuahxqmjhvuqncdt6df2caqzf5qgmvqfmgse_t7ipu8vqfxe34do-skzj8ftduss2ecdanbqokchih3m39noubpfhcx68plpcw50dixlupxwegniu2t3co24yliaklgac669accxdqr34utvuqhtjt_ftxkahalzoa34_hj_s82fivixh1itd74uojzse7ibwya_kvysozavnmztz2th9cbwycvx8wa” } [response] type value description http status code 200 ok payload data string 3000 required jwt data encrypted with the data field types requested to the client for authentication of the mdl [result] http status code description 200 ok success 400 bad request requests cannot or will not be processed due to something that is perceived to be a client error 401 unauthorized authorization token is invalid or expired 500 internal server error the server encountered an unexpected condition that prevented it from fulfilling the request 503 service unavailable the server is not ready to handle the request send authentication data the data is encrypted according to the requested data and then transmitted along with the data card information [request] type value description method post url {partner server url}/rp/v1 0/{cardid}/{refid}/auth headers authorization string 1024 required credential token the token can have the prefix "bearer" as an authorization type, e g , bearer <credentials> * refer to authorization token for more details pathparameters cardid string 32 required wallet card identifier issued from partner portal when the partner manager signs up for partner services and registers the wallet card they want to service refid string 32 required unique content identifier defined by the content provider queryparameter n/a payload data string 3000 required jwt data encrypted with the public key information and card type if decrypted this data is decoded, it has the following format information { “data” “xxxxxxxxxxx”, “card” {"type" "idcard","subtype" "drivers","designtype" "us-01" }} example post {partner server url}/rp/v1 0/{cardid}/{refid}/auth content-type application/json { “data” “eyjjdhkioijbvvriiiwidmvyijoimiisinbhcnruzxjjzci6inrlc3qilcj1dgmioje3mtyymdyznjaxmtasimfszyi6iljtmju2in0 zxlkbgjttwlpaupctvrjnfiwtk5jaxdpwvd4bklqb2lvbe5ctfu5qljwqxrnaluysw4wllz5afaxs0fnmvjhbzbdn2nix2pydgtfoddqbnhrrmpfwkppcnnsuus4mnn0owvxtjeyvzvmoejax1d5ngvzmze3vdnad0pncmpwzwdzoek3avlcwwrlogj5lxfimjblu3ruc3jsszlpslfnn1fam2xzauxscxltb0vlbervd0fpatrmry1jukzwdvlrbxrintg3utd1zwnuq1lwwgzwalvecg01yxbfbdv3szm1ugz3d0dkrem2tmowz1awbtz3nk1kdl9mddbvzwc2mwzjagdbyny0emxmzju2cvyzm0t6zjdjbwvpbkjrnnpmsgutymfwyxhvzk5ld2htzwvjuzftv3larm1nvlj6mefsmnbxa0dqlvjkt1iza3vzavo0vjfidy1aq2iyvwvwyvdzru9nuedrvw1mbtfuowjwt1zmz1nuv1f0se5pvtfjyvrhtg1dwlpvqs5pmzzrd1g4wmjnq21wd3o2ll9kzehfvxnnbm13b1drddrmcu4xmuncauntsnutbwpyv2zrckxos0zvenbss085ckdxbudpz0pqukf1ntfsotryc2vivwdfwu9ns2rgr1vomwjhmhb3y0tfngtjmet2dkfowhprodn0azbjqzrot2f6vzlmovntt0rhmu9imefoavfzqzddevfqnndnlwflvk8waejwsejkmeduruh1z3exc21vvmxrbjblsnjqwhm4x3fwcnplekwtadfpcfk1aes1zug5q3nisms0aehcngnmwulkrujfz09bcgzxcgfumgfsvgfmodhhdxlqsgzhdgrma0tlwdv0q0rtajixse5tt0fhwtjvwlzrr0hxu0wzngjabtu5aezmnvdha0ljce9bmhlwue9tqznwtflkv2jsmm85lkfoedbvytvgetzudkxkvxvketazshc e07yyl7ior3885vykss5_q1icpx750uu2ge5sujsedx3dr_u0x4tse9_0nxm46dywnfuxruagfjdnjhibc707li9vi3xtyihwnweifydgv1qb9oddkyyzuahxqmjhvuqncdt6df2caqzf5qgmvqfmgse_t7ipu8vqfxe34do-skzj8ftduss2ecdanbqokchih3m39noubpfhcx68plpcw50dixlupxwegniu2t3co24yliaklgac669accxdqr34utvuqhtjt_ftxkahalzoa34_hj_s82fivixh1itd74uojzse7ibwya_kvysozavnmztz2th9cbwycvx8wa” } [response] type value description http status code 200 ok400 bad request [result] http status code description 200 ok success 400 bad request requests cannot or will not be processed due to somethingthat is perceived to be a client error 401 unauthorized authorization token is invalid or expired 500 internal server error the server encountered an unexpected condition that prevented it from fulfilling the request 503 service unavailable the server is not ready to handle the request code explanation based on the sample code jwt jws + jwe decryption between the wallet backed server and partner server 1 verify by generateing a jws using the body data // generate jws by the body data private static signedjwt parsejwt final string data { try { return signedjwt parse data ; } catch parseexception e { log error "parserjwt error class {}, error message {}", e getclass , e getmessage ; throw new customexception httpstatus internal_server_error, "parserjwt error" ; } } // verify jws using samsung public key public requestbody getrequestbody final keyring keyring { final signedjwt signedjwt = jwtutils verify keyring gettargetpublickey , encrypteddata, 60 * 10000 ; // verify and generate jws try { final string strbody = jwtutils getdecryptedpayloadfrom keyring getsourceprivatekey , jweobject parse signedjwt getpayload tostring ; // decryption jwe by the jws return objectmapper readvalue strbody, requestbody class ; // convert to data format requested by client } catch parseexception | jsonprocessingexception e { log error "getrequestbody {}", e getmessage ; throw new customexception httpstatus internal_server_error, "data body parse error" ; } } 2 decrypt the jwe using the jws jweobject parse signedjwt getpayload tostring public static string getdecryptedpayloadfrom final key privatekey, final jweobject data { try { data decrypt new rsadecrypter privatekey privatekey ; // decryption jwe using partner private key return data getpayload tostring ; } catch joseexception e { log error "joseexception message {}", e getmessage ; throw new customexception httpstatus internal_server_error, "getdecryptedpayloadfrom error" ; } } 3 convert to the format send by the client public requestbody getrequestbody final keyring keyring { final signedjwt signedjwt = jwtutils verify keyring gettargetpublickey , encrypteddata, 60 * 10000 ; // verify and generate jws try { final string strbody = jwtutils getdecryptedpayloadfrom keyring getsourceprivatekey , jweobject parse signedjwt getpayload tostring ; // decryption jwe by the jws return objectmapper readvalue strbody, requestbody class ; // convert to data format requested by client } catch parseexception | jsonprocessingexception e { log error "getrequestbody {}", e getmessage ; throw new customexception httpstatus internal_server_error, "data body parse error" ; } } generate mdocestablishment 1 generate rsa key per refid public class transactioncontext { private final keypair keypair; // rsa key private final byte[] clientengagement; // body data received through key api, base64url decoded value @equalsandhashcode exclude private int encryptmessagecounter = 0; // count value when encrypted @equalsandhashcode exclude private int decryptmessagecounter = 0; // count value when decrypted } private cache<string, transactioncontext> contextcache; // rsa key management per refid with memory cache // generate and store rsa key per refid only once upon first request public transactioncontext settransactioncontext final string key, final string base64encodedclientengagement { log info "base64encodedclientpublickey {}", base64encodedclientengagement ; this contextcache put key, new transactioncontext keyutils generatekeypair , base64utils decode base64encodedclientengagement getbytes ; return this gettransactioncontextby key ; } // part of retrieving ras key based on refid public transactioncontext gettransactioncontextby final string key { return optional ofnullable this contextcache getifpresent key orelsethrow -> { log info "{} is empty", key ; return new customexception httpstatus bad_request, "no key matching the refid" ; } ; } 2 create request field values @override public mono<list<string>> createrequest final partnerinputdto inputdto { final string mockdata = "{ \"doctype\" \"org iso 18013 5 1 mdl\", \"namespaces\" { \"org iso 18013 5 1\" { \"sex\" false, \"portrait\" false, \"given_name\" false, \"issue_date\" false, \"expiry_date\" false, \"family_name\" false, \"document_number\" false, \"issuing_authority\" false }, \"org iso 18013 5 1 aamva\" { \"dhs_compliance\" false, \"edl_credential\" false } } }"; return mono just collections singletonlist mockdata ; } 3 generate establishment @allargsconstructor public class establishment { private final transactioncontext context; // info of client public key , partner private key, public key private final list<string> strreqs; // data field information required for authentication to the client private final keyring keyring; // rsa key information for jwt jws + jwe encryption and decryption between wallet backed server and partner server } protected cborobject generate { final cborobject sessionestablishment = cborobject newmap ; sessionestablishment set e_reader_key, cborobject fromobjectandtag keyutils getereaderkey context , tag_size ; // generate onekey by public key in transactioncontext sessionestablishment set data, cborobject fromobject cipherutils encrypt context, generaterequestformat getrequestcborobjectsfrom strreqs ; // add request data field information for authentication return sessionestablishment; } generate the response value jwt jws + jwe 1 generate establishment with jwe public static string encryptedstringjwe final key publickey, final string data { // please enter samsung public key and establishment data final jweobject jwe = new jweobject new jweheader builder jwealgorithm rsa_oaep_256, encryptionmethod a128gcm build , new payload data ; try { jwe encrypt new rsaencrypter rsapublickey publickey ; return jwe serialize ; } catch joseexception e { log error "encryptedstringjwe exception message {}", e getmessage ; throw new customexception httpstatus internal_server_error, "encryptedstringjwe error" ; } } 2 generate jws by jwe public static string generatesignedstringjws final key privatekey, final key publickey, final string payload { // enter your partner’s public key, private key, and jwe data try { final jwsobject jwsobj = new jwsobject getdefaultjwsheader , new payload payload ; jwssigner signer = new rsassasigner new rsakey builder rsapublickey publickey privatekey rsaprivatekey privatekey build ; jwsobj sign signer ; return jwsobj serialize ; } catch joseexception e { log error "encryptedstringjws exception message {}", e getmessage ; throw new customexception httpstatus internal_server_error, "generatesignedstringjws error" ; } } 3 generate jwt jws + jwe public partneroutputdto topartneroutputdto { final cborobject generate = this generate ; final string establishment = base64 geturlencoder encodetostring generate encodetobytes ; final string strjwe = jwtutils encryptedstringjwe keyring gettargetpublickey , establishment ; final jwsheader jwsheader = jwtutils getdefaultjwsheader keyring getversion , keyring getcertificateid , "partnerid" ; return new partneroutputdto jwtutils generatesignedstringjws jwsheader, keyring getsourceprivatekey , keyring getsourcepublickey ,strjwe ; } authentication processing for values in data fields requested for authentication 1 retrieve transactioncontext value stored in cache using refid value @override public mono<transactioncontext> getcontext final partnerinputdto inputdto { return mono just this transactioncontextmanager gettransactioncontextby inputdto getrefid ; } 2 processes the decryption process of the request body data like jwt jws + jwe decryption between wallet backed server and partner server 3 generate mdocresponse public class mdocresponse { private final transactioncontext context; // managed tranactioncontext by refid private final byte[] data; // base64url decoded data after decrypting jwt jws + jwe data public mdocresponse final transactioncontext context, final string inputdto { this context = context; this data = base64utils decode inputdto getbytes standardcharsets utf_8 ; } } 4 get the field values requested for authentication from the data in mdocresponse public string getdata { // sessiondata = { // ? "data" bstr ; encrypted mdoc response or mdoc request // ? "status" uint ; status code // } final cborobject response = cborobject decodefrombytes data ; checktype response, cbortype map ; final cborobject data = response get data ; checktype data, cbortype bytestring ; return cborobject decodefrombytes isencryptedmode ? cipherutils decrypt this context, data getbytestring data getbytestring tojsonstring ; } 5 create a session value using the transactioncontext value managed by refid and then decrypt it private static byte[] processcipher final ciphermode ciphermode, final transactioncontext context, final byte[] bytes { // ciphermode encrypt or decrypt, bytes data passed by the client try { cipher cipher = cipher getinstance "aes/gcm/nopadding" ; final int counter = ciphermode encrypt == ciphermode ? context getencryptmessagecounter context getdecryptmessagecounter ; gcmparameterspec parameterspec = new gcmparameterspec 128, getsessionkeyiv ciphermode identifier, counter ; cipher init ciphermode ciphermode , getsecretkeyspec context, ciphermode info , parameterspec ; return cipher dofinal bytes ; } catch invalidalgorithmparameterexception | nosuchpaddingexception | illegalblocksizeexception | nosuchalgorithmexception | badpaddingexception | invalidkeyexception e { log error "error type {}, message {}", e getclass , e getmessage ; throw new customexception httpstatus internal_server_error, "processcipher error" ; } } 6 examining data received from the client @override public mono<void> authentication final string response { log info "response info {}", response ; return mono empty ; } wallet cards refer to the wallet cards this chapter defines wallet card data fields for the attributes object of each wallet card type the structure for configuring wallet cards follows the defined specification configuring the card data in the specified formatted json structure is required see the details for each card type type value description card object card object required card information card type string 16 required wallet card type card subtype string 16 required allet card sub type card data[] array of object required wallet card data containerallows up to 6 objects at once data[] refid string 32 required a unique content identifier definedby the content provider data[] createdat long 13 required data creation timestamp epoch timestamp in milliseconds utc±00 00 data[] updatedat long 13 required data creation timestamp epoch timestamp in milliseconds utc±00 00 data[] language string 8 required default content language code e g , en, ko data[] attributes object required card data attributes * refer to the following chapters for each type data[] attributes {fields} attribute fields by card type data[] localization[] array of object optional information for multilingual support localization[] language string 8 required multilingual content language code e g , en, ko, etc localization[] attributes {fields} for displaying a given language,‘data[] attributes’ can be replaced bylocalized versions * refer to the following chapters for each type example example card object { "card" { "type" "ticket", "subtype" "movies", "data" [{ "refid" "ref-20230304-001", "createdat" 1612660039000, "language" "en", "attributes" { "title" "samsung wallet", "mainimg" "https // /main png" *refer to wallet cards for each type }, "localization" [{ "language" "ko", "attributes" { "title" "삼성 월렛" } }] }] } } to ensure secure card data transmission, it must be tokenized in jwt format for this purpose, partner will need the certificate obtained using the partner's email account when signing up for the partner portal for detailed information on secure data tokenization, partners can refer to the security chapter *image resources provided by urls can be cached therefore, for the image resource to be replaced immediately, the corresponding url path must be changed relying party ‘relyingparty’ cards are used for verifier authentication when partners create the verify with samsung wallet button, they will need to create cdata this is the data spec included when creating the cdata of relayingparty type wallet card type wallet card subtype relyingparty others type value description attributes{fields} 1 logoimage string 256 required url of the logo image the file size must not be greater than 256 kb 2 logoimage darkurl string 256 required url of the logo image the file size must not be greater than 256 kb 3 logoimage lighturl string 256 required url of the logo image the file size must not be greater than 256 kb 4 fontcolor string 8 optional display color of the font during user authentication 5 providername string 32 required display name during user authentication 6 clienttype string 32 required information on whether the client operates as an application or web 7 clientpackagename string 32 required if the client is operating as an app, enter the package name, if it works on the web, enter a service name example { "card" { "type" "relyingparty", "subtype" "others", "data" [ { "refid" "0613001", "createdat" 1686657600000, "updatedat " 1686657600000, "language" "en", "attributes" { "logoimage" "https //samsung com", "logoimage darkurl" "https //dark samsung com", "logoimage lighturl" "https //light samsung com", "fontcolor" "black", "providername" "company name", "clienttype" "app", "clientpackagename" "com companyname app" } } ] } }
Develop Samsung Pay
docbecome a member to become a samsung pay partner, firstly you need to sign up to the samsung pay portal and then register your membership sign up/sign in to sign up as a samsung pay partner and request access to the samsung pay developers site, do the following in your browser, go to samsung pay developers if you already have a samsung account, click log in otherwise, click sign up and create an account a company business email address that won't change over time is recommended as the primary samsung account user id for managing your portal projects agree to the site's terms and conditions and acknowledge that you understand the samsung pay partners privacy policy, then click create a samsung account fill out the onscreen account creation form, making sure to correctly type the security code, then click continue click sign up, enter your samsung account id email address and password, then click sign in look in your email inbox for a welcome message with an account activation link and click the link this opens the developers site registration page complete the company and user profile described in the next step to become a registered samsung pay developer partner register your membership while becoming a member of the samsung pay developer community, you need to provide some information about your company - contact information, type of business, size, etc this information is entered into a company and user profile, which you can subsequently update as changes occur if you are the first one in your company to join samsung pay developers, you will be the principal contact as such, you will be given permissions to manage projects and invite others in your company to collaborate if you are an invited co-worker, you'll need your company's partner id to register follow these steps to register if you are the first samsung pay member of your company to register, select the first option "i am the first samsung pay member of my company" if you were given a samsung pay partner id by a co-worker, select the second option "my company is already registered" and enter your company's partner id in the field provided click next complete the company information form and agree to the terms and conditions of use, then click save and next if you cannot complete the profile at this time, click skip and verify later complete the user information form, then click done; or, if you cannot provide the information at this time, click skip and verify later upon review of the information provided, your samsung pay relationship manager rm may request additional details once your membership registration is approved, you'll be granted access to currently restricted areas of the samsung pay portal and you can invite members of your team to collaborate on your samsung pay projects until then, take advantage of valuable resources like the samsung pay sdk and sdk programming guide from the following link android sdk [in-app payment and push provisioning] https //developer samsung com/pay/native/sdk-overview html web checkout sdk https //developer samsung com/pay/web/overview html w3c mobile payment https //developer samsung com/internet/android/web-payments-integration-guide html when you receive the email notifying you of membership approval, you're ready to get started in your browser, return to the samsung pay portal and sign in set up your partner project when you integrate your project with samsung pay, it is important to have a clear understanding of what is involved for starters, consider the difference between apps and services app an app can be your issuer app or merchant app service a service is a combination of your app, its service type, a csr and a service id your app will pass these information to samsung wallet for partnership verification you can create different service for the same package for multiple purpose testing note that,only one application can be added under one service id for example app deployment scenario unique service-app combinations global issuer app using a different csr encryption key for services in different regions to interact with local servers service 1 = com issuer walletapp, csr1_us service 2 = com issuer walletapp, csr2_plcc_abcmart same issuer app for all customers but different csrs for managing different card services b2b vs plcc service 1 = com issuer walletapp, csr1_regular service 2 = com issuer walletapp, csr2_plcc_abcmart multiple merchant apps using the same pg service 1 = com merchant electronicsapp, csr_pg1 service 2 = com merchant groceryapp, csr_pg1 global merchant app using a different pg for each country service 1 = com merchant electronicsapp, csr_pg1 service 2 = com merchant electronicsapp, csr_pg2 multiple web sites using the same pg service 1 = electronicssite merchant com, csr_pg1 service 2 = grocerysite merchant com, crs_pg1 global merchant web site using a different pg for each country service 1 = electronicsapp merchant com, csr_pg1 service 2 = electronicsapp merchant com, csr_pg2 create new service to create a new service follow the below steps go to my projects > service management or click services management in the navigation panel on the left, then click create new service select for test or for release to define the service for integration with samsung pay, then click next note that, samsung pay will verify all services requested only for release purpose this is to ensure all samsung pay features are functioning correctly and follows samsung pay guideline select your desired service type web online payment service w3c mobile web payments in-app online payment service app to app card enrollment click save and next web online payment service enter the new service name select your service country select your payment gateway from the list of supported payment gateways if your payment gateway uses the network token mode, upload the certificate signing request csr you obtained from your pg supported formats are csr or pem contact your pg for details confirm your agreement with the portal's terms and conditions click the link to read and print , then click done thus, you have completed service configuration for web online payment w3c mobile web payments service enter the new service name select your service country select your payment gateway from the list of supported payment gateways if your payment gateway uses the network token mode, upload the certificate signing request csr you obtained from your pg supported formats are csr or pem contact your pg for details enter the payment domain name s for your website in the service domain field and click add for example, if your domain is mywebstore com but the checkout page is hosted on the subdomain payments mywebstore com, you will need to enter payments mywebstore com as the service domain in the portal for each additional domain name, click add confirm your agreement with the portal's terms and conditions click the link to read and print , then click done thus, you have completed service configuration for w3c mobile web payments in-app online payment service enter the new service name select your service country select your payment gateway from the list of supported payment gateways drag and drop the csr you share with your payment gateway in the box provided or click the paperclip to browse confirm your agreement with the portal's terms and conditions click the link to read and print , then click save and next app to app card enrollment service enter the new service name select your service country add issuer names these correspond to your financial institution/bank's name s registered with the card networks be sure to click the add button after each entry note that, the issuer name on the samsung pay portal and the actual issuer name of the card must match if you cannot confirm the actual issuer name of the card, just add your card to samsung wallet app and see its details information open wallet app > tap on the card > three-dot menu > customer services option under the title you will find the issuer name confirm your agreement with the portal's terms and conditions click the link to read and print , then click save and next for android sdk in-app online payment service and push provisioning service , you have to go through two additional steps- providing app information and setting test environment providing app information if you have already registered an app following register a partner app for android sdk section, select i already registered app information then select the desired app name from the app list you can add a new app on the fly by selecting i will upload new app information click next setting test environment now enter up to 30 test accounts comma-separated these are samsung accounts associated with a registered samsung pay app on a supported device you can always edit the service later to add or delete test accounts click done to save the service configuration and see it listed in your service management dashboard register a partner app for android sdk go to my projects > app management in the navigation panel on the left, then click add new app enter the app name enter its package name to specifically identify this app enter an app description optional; helpful for version control upload the apk file by dragging and dropping it in the corresponding box click the paperclip icon to browse upload representative screenshots showing ui branding elements/buttons in a supported format png, jpeg, gif indicating samsung pay as a supported payment option in your app steps 5 and 6 are required for release versions of your app; not required for initial integration testing click create, then click next at the bottom of the plug-in configuration page your newly added app is now listed in your app management dashboard you can view its details by clicking its app name then, on the app details page, you can edit the app name and description by clicking the corresponding pencil icon
We use cookies to improve your experience on our website and to show you relevant advertising. Manage you settings for our cookies below.
These cookies are essential as they enable you to move around the website. This category cannot be disabled.
These cookies collect information about how you use our website. for example which pages you visit most often. All information these cookies collect is used to improve how the website works.
These cookies allow our website to remember choices you make (such as your user name, language or the region your are in) and tailor the website to provide enhanced features and content for you.
These cookies gather information about your browser habits. They remember that you've visited our website and share this information with other organizations such as advertisers.
You have successfully updated your cookie preferences.