Filter
-
Content Type
-
Category
Mobile/Wearable
Visual Display
Digital Appliance
Platform
Recommendations
Filter
Develop Samsung Blockchain
apiwallet class scwservice java lang object com samsung android sdk coldwallet scwservice public class scwservice extends java lang object class for the proxy to use the samsung blockchain keystore service the keystore's hd wallet seed is bip-39 compatible see also https //github com/bitcoin/bips/blob/master/bip-0039 mediawiki nested class summary nested classes modifier and type class and description static class scwservice scwcheckformandatoryappupdatecallback callback for checkformandatoryappupdate api static class scwservice scwgetaddresslistcallback callback for getaddresslist api static class scwservice scwgetextendedpublickeylistcallback callback for getextendedpublickeylist api static class scwservice scwsignbtctransactioncallback callback for signbtctransaction api static class scwservice scwsignethpersonalmessagecallback callback for signethpersonalmessage api static class scwservice scwsignethtransactioncallback callback for signethtransaction api static class scwservice scwsignklaytransactioncallback callback for signklaytransaction api method summary all methods static methods instance methods concrete methods modifier and type method and description void checkformandatoryappupdate scwservice scwcheckformandatoryappupdatecallback callback checks whether a mandatory update of samsung blockchain keystore is needed or not void getaddresslist scwservice scwgetaddresslistcallback callback, java util arraylist<java lang string> hdpath request to get a list of addresses that corresponds to a list of hd paths void getextendedpublickeylist scwservice scwgetextendedpublickeylistcallback callback, java util arraylist<java lang string> hdpath request to get a list of extended public keys that corresponds to a list of hd paths static scwservice getinstance return the instance of the keystore proxy object int getkeystoreapilevel get api level which the keystore in the device supports java lang string getseedhash get the pseudo seed hash which is randomly generated when the hd wallet created whenever the seed for the wallet is changed, this key shall be changed int[] getsupportedcoins get coin types supported by samsung blockchain keystore void signbtctransaction scwservice scwsignbtctransactioncallback callback, byte[] transaction, java util list<java lang string> hdpathlist, java util list<byte[]> utxotxlist, java lang string changehdpath request to sign bitcoin transaction void signethpersonalmessage scwservice scwsignethpersonalmessagecallback callback, byte[] msg, java lang string hdpath request to sign ethereum typed structured data void signethtransaction scwservice scwsignethtransactioncallback callback, byte[] transaction, java lang string hdpath request to sign ethereum transaction void signklaytransaction scwservice scwsignklaytransactioncallback callback, byte[] transaction, java lang string hdpath, int networkid request to sign klay transaction methods inherited from class java lang object equals, getclass, hashcode, notify, notifyall, tostring, wait, wait, wait method detail getinstance public static scwservice getinstance return the instance of the keystore proxy object returns the instance, or null if samsung blockchain keystore is not available on the device getkeystoreapilevel public int getkeystoreapilevel get api level which the keystore in the device supports caution you should check the api level before invoking any apis otherwise, it will return scwapilevelexception if keystore api level is lower than the required level, update the keystore app first via scwdeeplink galaxy_store returns api level since api level 1 getseedhash public java lang string getseedhash get the pseudo seed hash which is randomly generated when the hd wallet created whenever the seed for the wallet is changed, this key shall be changed returns null if keystore does not support wallet key, zero-length string if the wallet is not created otherwise, wallet is created since api level 1 getsupportedcoins public int[] getsupportedcoins get coin types supported by samsung blockchain keystore returns array of coin types, scwcointype throws scwapilevelexception - api level exception since api level 1 see also https //github com/satoshilabs/slips/blob/master/slip-0044 md checkformandatoryappupdate public void checkformandatoryappupdate @nonnull scwservice scwcheckformandatoryappupdatecallback callback checks whether a mandatory update of samsung blockchain keystore is needed or not do not call this method in the background thread if there is a mandatory update, you need to open the app update link, scwdeeplink galaxy_store parameters callback - result callback since api level 1 getextendedpublickeylist public void getextendedpublickeylist @nonnull scwservice scwgetextendedpublickeylistcallback callback, @nonnull java util arraylist<java lang string> hdpath request to get a list of extended public keys that corresponds to a list of hd paths parameters callback - result callback hdpath - the hd path list to bring the public keys the depth of a path should be between 3 and 6 for example, "m/44'/60'", "m/44'/60'/0'/0/0" since api level 1 see also https //github com/bitcoin/bips/blob/master/bip-0032 mediawiki getaddresslist public void getaddresslist @nonnull scwservice scwgetaddresslistcallback callback, @nonnull java util arraylist<java lang string> hdpath request to get a list of addresses that corresponds to a list of hd paths parameters callback - result callback hdpath - the hd path list to bring the addresses the depth of a path should be between 3 and 6 for example, "m/44'/60'", "m/44'/60'/0'/0/0" since api level 1 see also https //github com/bitcoin/bips/blob/master/bip-0032 mediawiki signethtransaction public void signethtransaction @nonnull scwservice scwsignethtransactioncallback callback, @nonnull byte[] transaction, @nonnull java lang string hdpath request to sign ethereum transaction parameters callback - result callback transaction - a byte array of a rlp-encoded unsigned ethereum transaction hdpath - hd path that corresponds to public key needed for signing since api level 1 signethpersonalmessage public void signethpersonalmessage @nonnull scwservice scwsignethpersonalmessagecallback callback, @nonnull byte[] msg, @nonnull java lang string hdpath request to sign ethereum typed structured data parameters callback - result callback msg - a byte array of raw message to be signed the keystore will add "ethereum signed message \n" prefix, so it should not be included in msg hdpath - hd path that corresponds to public key needed for signing since api level 1 see also https //github com/ethereum/eips/blob/master/eips/eip-712 md signklaytransaction public void signklaytransaction @nonnull scwservice scwsignklaytransactioncallback callback, @nonnull byte[] transaction, @nonnull java lang string hdpath, @nonnull int networkid request to sign klay transaction parameters callback - result callback transaction - a byte array of a raw transaction to be signed by samsung blockchain keystore the transaction is same as the sigrlp value mentioned in klaytn's official document hdpath - hd path that corresponds to public key needed for signing networkid - the klaytn network id, or the integer to identify the network "8217" is klaytn cypress mainnet and "1001" is klaytn baobab testnet since api level 2 see also https //docs klaytn com/node/en/installation/config signbtctransaction public void signbtctransaction @nonnull scwservice scwsignbtctransactioncallback callback, @nonnull byte[] transaction, @nonnull java util list<java lang string> hdpathlist, @nonnull java util list<byte[]> utxotxlist, @nonnull java lang string changehdpath request to sign bitcoin transaction parameters callback - result callback transaction - a byte array of a serialized unsigned bitcoin transaction to be signed by samsung blockchain keystore hdpathlist - a list of hd paths that corresponds to utxo's public key utxotxlist - a list of byte array of the serialized transaction which contain the utxo used in this transaction changehdpath - hd path that corresponds to the change address since api level 2 see also https //github com/bitcoin/bips/blob/master/bip-0044 mediawiki, https //github com/bitcoin/bips/blob/master/bip-0049 mediawiki, https //github com/bitcoin/bips/blob/master/bip-0084 mediawiki
Learn Code Lab
codelabwallet app on their mobile device it supports browser-based payments on both computers and mobile devices a mobile device with samsung wallet installed is required to make purchases through samsung pay web checkout when the user chooses to pay with samsung pay, they must provide their samsung account id email id or scan the qr code on the screen with their mobile device the user then authorizes the purchase within the samsung wallet application, which generates the payment credential on the device and transmits it to your website through the web checkout for more information, see samsung pay web checkout set up your environment you will need the following access to samsung pay developers site samsung wallet test app from samsung pay developers site samsung galaxy device that supports samsung wallet app internet browser, such as google chrome codesandbox account notein this code lab, you can use the samsung wallet test app to try the functionality of the samsung pay web checkout service in a staging environment you can use the official samsung wallet app from the galaxy store once your service is in the production environment start your project and register your service in your browser, open the link below to access the project file of the sample merchant site codesandbox io/s/virtual-store-sample-fnydk5 click the fork button to create an editable copy of the project next, follow the steps below to register your sample merchant site in the samsung pay developers site go to my projects > service management click create new service select web online payment as your service type enter your service name and select your service country select your payment gateway from the list of supported payment gateways pg if your pg uses the network token mode, upload the certificate signing request csr or privacy enhanced mail pem file you obtained from your pg contact your pg for details enter the payment domain name s for your website in the service domain field and click add for example, if your domain is mywebstore com, but the checkout page is hosted on the subdomain payments mywebstore com, you will need to enter payments mywebstore com as the service domain for each additional domain url, click add in this code lab, the generated preview url of the forked project is your service domain click the name of the newly created service to see its details, such as the generated service id that you can use for all the registered service domains include the samsung pay web checkout javascript sdk the samsung pay web checkout sdk uses javascript to integrate the samsung pay payment system to your website this sdk allows users to purchase items via web browser in the <head> section of the index html file of the project, include the samsung pay web checkout javascript sdk file <script src="https //img mpay samsung com/gsmpi/sdk/samsungpay_web_sdk js"></script> initialize the samsung pay client to initiate payments using the samsung pay api, create a new instance of the paymentclient class and pass an argument specifying that the environment as stage write the code below in the <script> tag of the <body> section const samsungpayclient = new samsungpay paymentclient { environment "stage" } ; when the service is still in debug or test mode, you can only use the staging environment to test payment functionality without processing live transactions noteby default, the service is initially set to debug or test mode during creation to switch the service status to release mode, a request must be made through the samsung pay developers site after successfully transitioning to release mode, change the environment to production next, define the service id, security protocol, and card brands that the merchant can support as payment methods the service id is the unique id assigned to your service upon creation in the samsung pay developers site let paymentmethods = { version "2", serviceid "", //input your service id here protocol "protocol_3ds", allowedbrands ["visa", "mastercard"] }; check whether the samsung pay client is ready to pay using the given payment method call the createandaddbutton function if the response indicates that the client is ready samsungpayclient isreadytopay paymentmethods then function response { if response result { createandaddbutton ; } } catch function err { console error err ; } ; create and implement the samsung pay button go to the <body> section and, inside the page-container div, create a container for the samsung pay button <div align="center" id="samsungpay-container"></div> next, go back to the <script> tag and write the createandaddbutton function inside this function, generate the samsung pay button by calling the createbutton method ensure that the button appears on the page by appending it to the container you created function createandaddbutton { const samsungpaybutton = samsungpayclient createbutton { onclick onsamsungpaybuttonclicked, buttonstyle "black"} ; document getelementbyid "samsungpay-container" appendchild samsungpaybutton ; } function onsamsungpaybuttonclicked { // create the transaction information //launch the payment sheet } from the createandaddbutton function, call the onsamsungpaybuttonclicked function when the user clicks the generated button create the transaction information in the onsamsungpaybuttonclicked function, create the transactiondetail object for the user’s purchase input your service domain in the url key let transactiondetail = { ordernumber "sample0n1y123", merchant { name "virtual shop", url "", //input your service domain countrycode "us" }, amount { option "format_total_estimated_amount", currency "usd", total 2019 99 } }; below are the descriptions of the keys included in the transactiondetail object key type description ordernumber string order number of the transaction allowed characters [a-z][a-z][0-9,-] merchant object data structure containing the merchant information merchant name string merchant name merchant url string merchant domain url e g , samsung com the maximum length is 100 characters merchant countrycode string merchant country code e g , us for united states iso-3166-1 alpha-2 amount object data structure containing the payment amount amount option string display format for the total amount on the payment sheet format_total_estimated_amount = displays "total estimated amount " with the total amountformat_total_price_only = displays the total amount only amount currency string currency code e g , usd for us dollar the maximum length is 3 character amount total string total payment amount in the currency specified by amount currencythe amount must be an integer e g , 300 or in a format valid for the currency, such as 2 decimal places after a separator e g , 300 50 notefor the complete list of specifications for the transactiondetail object, see samsung pay web checkout api reference launch the payment sheet after creating the transaction information, call the loadpaymentsheet method to display the web checkout ui the user can either input their email address or scan the generated qr code a timer screen in the web checkout ui is displayed after the user input, while a payment sheet is launched in the user's samsung wallet app the payment sheet contains the payment card option s and the transaction details when the user confirms their payment on their mobile device, you will receive the paymentcredential object generated by the device then, inform the samsung server of the payment result using the notify method the paymentresult object contains the payment result information during transaction processing and after the payment is processed with the pg network notefor real transactions, you need to extract the payment credential information from the 3ds data key within the paymentcredential object and process it through your payment provider however, in this code lab, you only need to print the paymentcredential to the console samsungpayclient loadpaymentsheet paymentmethods, transactiondetail then function paymentcredential { console log "paymentcredential ", paymentcredential ; const paymentresult = { status "charged", provider "test pg" }; samsungpayclient notify paymentresult ; } catch function error { console log "error ", error ; } ; other possible values of the status key are charged - payment was charged successfully canceled - payment was canceled by either the user, merchant, or the acquiring bank rejected - payment was rejected by the acquiring bank erred - an error occurred during the payment process test the samsung pay button after integrating the samsung pay web checkout service into your sample merchant site, follow the steps below to test the functionality of the integrated service open your sample merchant site in a new tab then, click the pay with samsung pay button in the web checkout ui, enter the email address of your samsung account to send a payment request to samsung pay tap the push notification sent to the samsung wallet app installed on your mobile device then, click accept when the payment sheet is loaded, tap on pin and enter your pin to proceed a verified message will display in both the samsung wallet app and web checkout ui to indicate that the payment was processed successfully you're done! congratulations! you have successfully achieved the goal of this code lab topic now, you can integrate the samsung pay web checkout service into your website by yourself if you're having trouble, you may check the complete code below codesandbox io/s/virtual-store-complete-dkhzfx to learn more about developing apps for samsung pay devices, visit developer samsung com/pay
Develop Samsung Wallet
docwallet driver's license service online scenarios this sdk provides an implementation for direct communication between the samsung wallet and partner applications build the settings rpsdk requires additional dependencies with dependencies { implementation "rp-sdk-1 0-release aar" implementation "androidx core core-ktx 1 3 2" implementation "androidx lifecycle lifecycle-runtime-ktx 2 7 0" implementation "androidx lifecycle lifecycle-livedata-core-ktx 2 7 0" implementation "io reactivex rxjava2 rxjava 2 2 21" implementation "io reactivex rxjava2 rxkotlin 2 4 0" implementation "io reactivex rxjava2 rxandroid 2 1 1" implementation "com squareup okhttp3 okhttp 4 11 0" implementation "com google code gson gson 2 10 1" implementation "org bouncycastle bcprov-jdk15to18 1 66" implementation "com nimbusds nimbus-jose-jwt 9 37 3" } androidmanifest xml <manifest xmlns android="http //schemas android com/apk/res/android"> <uses-permission android name="android permission internet" /> <queries> <package android name="com samsung android spay" /> </queries> </manifest> r8 / proguard the specific rules are already bundled into the aar which can be interpreted by r8 automatically sdk method app2app sdk supports one method request signature & parameters of the request method fun request targetpackagename string, requestid string, applink string, onresponselistener onresponselistener? = null parameter name description targetpackagename the pakcage name to connect to requestid a random string to identify each request applink the applink built by samsung mcs server guidehttps //developer samsung com/wallet/api_new/verifywith/button html#data-transmit-link onresponselistener a listener to receive each events or request [sample code] https //developer samsung com/wallet/api_new/references/coderesources html#rpclient-sample-code binding button setonclicklistener { rpclientapis request "com samsung android spay", uuid randomuuid tostring , applink, object rpclientapis onresponselistener { override fun ongetmdocrequestdata deviceengagementbytes bytearray bytearray? { log i tag, "ongetmdocrequestdata $deviceengagementbytes " /** * 1 prepare mdoc request data iso-18013-5 * 2 build sessionestablishmentbytes iso-18013-5 * 3 encrypt it with hkdf iso-18013-5, 9 1 1 5 cryptographic operations **/ return "encryptedsessionestablishmentbytes" } override fun onmdocresponse encryptedresponse bytearray { log i tag, "onmdocresponse $encryptedresponse " /** * 1 decrypt it with hkdf iso-18013-5, 9 1 1 5 cryptographic operations * 2 cbor decode it **/ } override fun onmdocresponsefailed exception exception { log i tag, "onmdocresponsefailed $exception " } } } error code explanation the below exceptions might occur through the onmdocresponsefailed callback exceptions name description rpcommunicationexception this error occurs when the data requested by the listener is incorrect rpconnectionfailedexception this occurs when the app 2 app communication between apps is not working this usually occurs when the target package name is written incorrectly web2app api integration specs the api specifications that need to be implemented by the rp partner are described below called by samsung to the rp partner send key send the wallet application key info and return the data field types requested to the client for authentication of the mdl [request] type value description method post url {partner server url}/rp/v1 0/{cardid}/{refid}/key headers authorization string 1024 required credential token the token can have the prefix "bearer" as an authorization type, e g , bearer <credentials> * refer to authorization token for more details path parameters cardidstring 32 required wallet card identifier issued from partner portal when the partner manager signs up for partner services and registers the wallet card they want to service refid string 32 required unique content identifier defined by the content provider query parameter n/a payload data string 3000 required jwt data encrypted with the public key information and card type if decrypted this data is decoded, and it has the following format information { “data” “xxxxxxxxxxx”, “card” {"type" "relyingparty", "subtype" "others", "designtype" "us-01" }} [example] post {partner server url}/rp/v1 0/{cardid}/{refid}/key content-type application/json { “data” “eyjjdhkioijbvvriiiwidmvyijoimiisinbhcnruzxjjzci6inrlc3qilcj1dgmioje3mtyymdyznjaxmtasimfszyi6iljtmju2in0 zxlkbgjttwlpaupctvrjnfiwtk5jaxdpwvd4bklqb2lvbe5ctfu5qljwqxrnaluysw4wllz5afaxs0fnmvjhbzbdn2nix2pydgtfoddqbnhrrmpfwkppcnnsuus4mnn0owvxtjeyvzvmoejax1d5ngvzmze3vdnad0pncmpwzwdzoek3avlcwwrlogj5lxfimjblu3ruc3jsszlpslfnn1fam2xzauxscxltb0vlbervd0fpatrmry1jukzwdvlrbxrintg3utd1zwnuq1lwwgzwalvecg01yxbfbdv3szm1ugz3d0dkrem2tmowz1awbtz3nk1kdl9mddbvzwc2mwzjagdbyny0emxmzju2cvyzm0t6zjdjbwvpbkjrnnpmsgutymfwyxhvzk5ld2htzwvjuzftv3larm1nvlj6mefsmnbxa0dqlvjkt1iza3vzavo0vjfidy1aq2iyvwvwyvdzru9nuedrvw1mbtfuowjwt1zmz1nuv1f0se5pvtfjyvrhtg1dwlpvqs5pmzzrd1g4wmjnq21wd3o2ll9kzehfvxnnbm13b1drddrmcu4xmuncauntsnutbwpyv2zrckxos0zvenbss085ckdxbudpz0pqukf1ntfsotryc2vivwdfwu9ns2rgr1vomwjhmhb3y0tfngtjmet2dkfowhprodn0azbjqzrot2f6vzlmovntt0rhmu9imefoavfzqzddevfqnndnlwflvk8waejwsejkmeduruh1z3exc21vvmxrbjblsnjqwhm4x3fwcnplekwtadfpcfk1aes1zug5q3nisms0aehcngnmwulkrujfz09bcgzxcgfumgfsvgfmodhhdxlqsgzhdgrma0tlwdv0q0rtajixse5tt0fhwtjvwlzrr0hxu0wzngjabtu5aezmnvdha0ljce9bmhlwue9tqznwtflkv2jsmm85lkfoedbvytvgetzudkxkvxvketazshc e07yyl7ior3885vykss5_q1icpx750uu2ge5sujsedx3dr_u0x4tse9_0nxm46dywnfuxruagfjdnjhibc707li9vi3xtyihwnweifydgv1qb9oddkyyzuahxqmjhvuqncdt6df2caqzf5qgmvqfmgse_t7ipu8vqfxe34do-skzj8ftduss2ecdanbqokchih3m39noubpfhcx68plpcw50dixlupxwegniu2t3co24yliaklgac669accxdqr34utvuqhtjt_ftxkahalzoa34_hj_s82fivixh1itd74uojzse7ibwya_kvysozavnmztz2th9cbwycvx8wa” } [response] type value description http status code 200 ok payload data string 3000 required jwt data encrypted with the data field types requested to the client for authentication of the mdl [result] http status code description 200 ok success 400 bad request requests cannot or will not be processed due to something that is perceived to be a client error 401 unauthorized authorization token is invalid or expired 500 internal server error the server encountered an unexpected condition that prevented it from fulfilling the request 503 service unavailable the server is not ready to handle the request send authentication data the data is encrypted according to the requested data and then transmitted along with the data card information [request] type value description method post url {partner server url}/rp/v1 0/{cardid}/{refid}/auth headers authorization string 1024 required credential token the token can have the prefix "bearer" as an authorization type, e g , bearer <credentials> * refer to authorization token for more details pathparameters cardid string 32 required wallet card identifier issued from partner portal when the partner manager signs up for partner services and registers the wallet card they want to service refid string 32 required unique content identifier defined by the content provider queryparameter n/a payload data string 3000 required jwt data encrypted with the public key information and card type if decrypted this data is decoded, it has the following format information { “data” “xxxxxxxxxxx”, “card” {"type" "idcard","subtype" "drivers","designtype" "us-01" }} [example] post {partner server url}/rp/v1 0/{cardid}/{refid}/auth content-type application/json { “data” “eyjjdhkioijbvvriiiwidmvyijoimiisinbhcnruzxjjzci6inrlc3qilcj1dgmioje3mtyymdyznjaxmtasimfszyi6iljtmju2in0 zxlkbgjttwlpaupctvrjnfiwtk5jaxdpwvd4bklqb2lvbe5ctfu5qljwqxrnaluysw4wllz5afaxs0fnmvjhbzbdn2nix2pydgtfoddqbnhrrmpfwkppcnnsuus4mnn0owvxtjeyvzvmoejax1d5ngvzmze3vdnad0pncmpwzwdzoek3avlcwwrlogj5lxfimjblu3ruc3jsszlpslfnn1fam2xzauxscxltb0vlbervd0fpatrmry1jukzwdvlrbxrintg3utd1zwnuq1lwwgzwalvecg01yxbfbdv3szm1ugz3d0dkrem2tmowz1awbtz3nk1kdl9mddbvzwc2mwzjagdbyny0emxmzju2cvyzm0t6zjdjbwvpbkjrnnpmsgutymfwyxhvzk5ld2htzwvjuzftv3larm1nvlj6mefsmnbxa0dqlvjkt1iza3vzavo0vjfidy1aq2iyvwvwyvdzru9nuedrvw1mbtfuowjwt1zmz1nuv1f0se5pvtfjyvrhtg1dwlpvqs5pmzzrd1g4wmjnq21wd3o2ll9kzehfvxnnbm13b1drddrmcu4xmuncauntsnutbwpyv2zrckxos0zvenbss085ckdxbudpz0pqukf1ntfsotryc2vivwdfwu9ns2rgr1vomwjhmhb3y0tfngtjmet2dkfowhprodn0azbjqzrot2f6vzlmovntt0rhmu9imefoavfzqzddevfqnndnlwflvk8waejwsejkmeduruh1z3exc21vvmxrbjblsnjqwhm4x3fwcnplekwtadfpcfk1aes1zug5q3nisms0aehcngnmwulkrujfz09bcgzxcgfumgfsvgfmodhhdxlqsgzhdgrma0tlwdv0q0rtajixse5tt0fhwtjvwlzrr0hxu0wzngjabtu5aezmnvdha0ljce9bmhlwue9tqznwtflkv2jsmm85lkfoedbvytvgetzudkxkvxvketazshc e07yyl7ior3885vykss5_q1icpx750uu2ge5sujsedx3dr_u0x4tse9_0nxm46dywnfuxruagfjdnjhibc707li9vi3xtyihwnweifydgv1qb9oddkyyzuahxqmjhvuqncdt6df2caqzf5qgmvqfmgse_t7ipu8vqfxe34do-skzj8ftduss2ecdanbqokchih3m39noubpfhcx68plpcw50dixlupxwegniu2t3co24yliaklgac669accxdqr34utvuqhtjt_ftxkahalzoa34_hj_s82fivixh1itd74uojzse7ibwya_kvysozavnmztz2th9cbwycvx8wa” } [response] type value description http status code 200 ok400 bad request [result] http status code description 200 ok success 400 bad request requests cannot or will not be processed due to something that is perceived to be a client error 401 unauthorized authorization token is invalid or expired 500 internal server error the server encountered an unexpected condition that prevented it from fulfilling the request 503 service unavailable the server is not ready to handle the request code explanation based on the sample code jwt jws + jwe decryption between the wallet backed server and partner server 1 verify by generating a jws using the body data // generate jws by the body data private static signedjwt parsejwt final string data { try { return signedjwt parse data ; } catch parseexception e { log error "parserjwt error class {}, error message {}", e getclass , e getmessage ; throw new customexception httpstatus internal_server_error, "parserjwt error" ; } } // verify jws using samsung public key public requestbody getrequestbody final keyring keyring { final signedjwt signedjwt = jwtutils verify keyring gettargetpublickey , encrypteddata, 60 * 10000 ; // verify and generate jws try { final string strbody = jwtutils getdecryptedpayloadfrom keyring getsourceprivatekey , jweobject parse signedjwt getpayload tostring ; // decryption jwe by the jws return objectmapper readvalue strbody, requestbody class ; // convert to data format requested by client } catch parseexception | jsonprocessingexception e { log error "getrequestbody {}", e getmessage ; throw new customexception httpstatus internal_server_error, "data body parse error" ; } } 2 decrypt the jwe using the jws jweobject parse signedjwt getpayload tostring public static string getdecryptedpayloadfrom final key privatekey, final jweobject data { try { data decrypt new rsadecrypter privatekey privatekey ; // decryption jwe using partner private key return data getpayload tostring ; } catch joseexception e { log error "joseexception message {}", e getmessage ; throw new customexception httpstatus internal_server_error, "getdecryptedpayloadfrom error" ; } } 3 convert to the format send by the client public requestbody getrequestbody final keyring keyring { final signedjwt signedjwt = jwtutils verify keyring gettargetpublickey , encrypteddata, 60 * 10000 ; // verify and generate jws try { final string strbody = jwtutils getdecryptedpayloadfrom keyring getsourceprivatekey , jweobject parse signedjwt getpayload tostring ; // decryption jwe by the jws return objectmapper readvalue strbody, requestbody class ; // convert to data format requested by client } catch parseexception | jsonprocessingexception e { log error "getrequestbody {}", e getmessage ; throw new customexception httpstatus internal_server_error, "data body parse error" ; } } generate mdocestablishment 1 generate rsa key per refid public class transactioncontext { private final keypair keypair; // rsa key private final byte[] clientengagement; // body data received through key api, base64url decoded value @equalsandhashcode exclude private int encryptmessagecounter = 0; // count value when encrypted @equalsandhashcode exclude private int decryptmessagecounter = 0; // count value when decrypted } private cache<string, transactioncontext> contextcache; // rsa key management per refid with memory cache // generate and store rsa key per refid only once upon first request public transactioncontext settransactioncontext final string key, final string base64encodedclientengagement { log info "base64encodedclientpublickey {}", base64encodedclientengagement ; this contextcache put key, new transactioncontext keyutils generatekeypair , base64utils decode base64encodedclientengagement getbytes ; return this gettransactioncontextby key ; } // part of retrieving ras key based on refid public transactioncontext gettransactioncontextby final string key { return optional ofnullable this contextcache getifpresent key orelsethrow -> { log info "{} is empty", key ; return new customexception httpstatus bad_request, "no key matching the refid" ; } ; } 2 create request field values @override public mono<list<string>> createrequest final partnerinputdto inputdto { final string mockdata = "{ \"doctype\" \"org iso 18013 5 1 mdl\", \"namespaces\" { \"org iso 18013 5 1\" { \"sex\" false, \"portrait\" false, \"given_name\" false, \"issue_date\" false, \"expiry_date\" false, \"family_name\" false, \"document_number\" false, \"issuing_authority\" false }, \"org iso 18013 5 1 aamva\" { \"dhs_compliance\" false, \"edl_credential\" false } } }"; return mono just collections singletonlist mockdata ; } 3 generate establishment @allargsconstructor public class establishment { private final transactioncontext context; // info of client public key , partner private key, public key private final list<string> strreqs; // data field information required for authentication to the client private final keyring keyring; // rsa key information for jwt jws + jwe encryption and decryption between wallet backed server and partner server } protected cborobject generate { final cborobject sessionestablishment = cborobject newmap ; sessionestablishment set e_reader_key, cborobject fromobjectandtag keyutils getereaderkey context , tag_size ; // generate onekey by public key in transactioncontext sessionestablishment set data, cborobject fromobject cipherutils encrypt context, generaterequestformat getrequestcborobjectsfrom strreqs ; // add request data field information for authentication return sessionestablishment; } ``` generate the response value jwt jws + jwe 1 generate establishment with jwe public static string encryptedstringjwe final key publickey, final string data { // please enter samsung public key and establishment data final jweobject jwe = new jweobject new jweheader builder jwealgorithm rsa_oaep_256, encryptionmethod a128gcm build , new payload data ; try { jwe encrypt new rsaencrypter rsapublickey publickey ; return jwe serialize ; } catch joseexception e { log error "encryptedstringjwe exception message {}", e getmessage ; throw new customexception httpstatus internal_server_error, "encryptedstringjwe error" ; } } 2 generate jws by jwe public static string generatesignedstringjws final key privatekey, final key publickey, final string payload { // enter your partner’s public key, private key, and jwe data try { final jwsobject jwsobj = new jwsobject getdefaultjwsheader , new payload payload ; jwssigner signer = new rsassasigner new rsakey builder rsapublickey publickey privatekey rsaprivatekey privatekey build ; jwsobj sign signer ; return jwsobj serialize ; } catch joseexception e { log error "encryptedstringjws exception message {}", e getmessage ; throw new customexception httpstatus internal_server_error, "generatesignedstringjws error" ; } } 3 generate jwt jws + jwe public partneroutputdto topartneroutputdto { final cborobject generate = this generate ; final string establishment = base64 geturlencoder encodetostring generate encodetobytes ; final string strjwe = jwtutils encryptedstringjwe keyring gettargetpublickey , establishment ; final jwsheader jwsheader = jwtutils getdefaultjwsheader keyring getversion , keyring getcertificateid , "partnerid" ; return new partneroutputdto jwtutils generatesignedstringjws jwsheader, keyring getsourceprivatekey , keyring getsourcepublickey ,strjwe ; } authentication processing for values in data fields requested for authentication 1 retrieve transactioncontext value stored in cache using refid value @override public mono<transactioncontext> getcontext final partnerinputdto inputdto { return mono just this transactioncontextmanager gettransactioncontextby inputdto getrefid ; } 2 processes the decryption process of the request body data like jwt jws + jwe decryption between wallet backed server and partner server 3 generate mdocresponse public class mdocresponse { private final transactioncontext context; // managed tranactioncontext by refid private final byte[] data; // base64url decoded data after decrypting jwt jws + jwe data public mdocresponse final transactioncontext context, final string inputdto { this context = context; this data = base64utils decode inputdto getbytes standardcharsets utf_8 ; } } 4 get the field values requested for authentication from the data in mdocresponse public string getdata { // sessiondata = { // ? "data" bstr ; encrypted mdoc response or mdoc request // ? "status" uint ; status code // } final cborobject response = cborobject decodefrombytes data ; checktype response, cbortype map ; final cborobject data = response get data ; checktype data, cbortype bytestring ; return cborobject decodefrombytes isencryptedmode ? cipherutils decrypt this context, data getbytestring data getbytestring tojsonstring ; } 5 create a session value using the transactioncontext value managed by refid and then decrypt it private static byte[] processcipher final ciphermode ciphermode, final transactioncontext context, final byte[] bytes { // ciphermode encrypt or decrypt, bytes data passed by the client try { cipher cipher = cipher getinstance "aes/gcm/nopadding" ; final int counter = ciphermode encrypt == ciphermode ? context getencryptmessagecounter context getdecryptmessagecounter ; gcmparameterspec parameterspec = new gcmparameterspec 128, getsessionkeyiv ciphermode identifier, counter ; cipher init ciphermode ciphermode , getsecretkeyspec context, ciphermode info , parameterspec ; return cipher dofinal bytes ; } catch invalidalgorithmparameterexception | nosuchpaddingexception | illegalblocksizeexception | nosuchalgorithmexception | badpaddingexception | invalidkeyexception e { log error "error type {}, message {}", e getclass , e getmessage ; throw new customexception httpstatus internal_server_error, "processcipher error" ; } } 6 examining data received from the client @override public mono<void> authentication final string response { log info "response info {}", response ; return mono empty ; }
Develop Samsung Wallet
docwallet card type wallet card type wallet card subtype payasyougo evcharges, others evcharges wallet card data fields attributes type value description attributes {fields} title string 32 required main title of cardse g , samsung charge card subtitle1 string 32 optional the auxiliary field which displays supporting information logoimagestring 256 optional logo image url to be displayed in the card item the file size must not be greater than 256 kb logoimage darkurl string 256 optional logo image url in dark mode the file size should not exceed 256 kb* if this value does not exist, logoimage will be substituted logoimage lighturl string 256 optional logo image url in light mode the file size must not be greater than 256 kb * if this value does not exist, logoimage will be substituted providername string 32 optional content provider name holdername string 64 optional name of card holders preventcaptureyn string 1 optional flag whether this wallet card view prevents screen capture either ‘y’ or ‘n’, the default value is ‘n’ startdate long 13 optional start date display start date epoch timestamp in milliseconds enddate long 13 optional end date display end date epoch timestamp in milliseconds locations string 1024 optional list of locations where the card can be used * see location format noticedesc string 5000 required text of the benefits using data in json format converted to escape string* see additional information information format csinfostring 512 optional providers’ customer service information using data in json format converted to escape string * allowed items call, email, website, youtube, instagram, privacynotice, or termsandcondition* see the example below applinklogo string 256 required app link image url the file size must not be greater than 256 kb applinkname string 32 required app link name applinkdatastring 256 required information about the partner app link bgimagestring 256 optional url for card art background image bgcolorstring 8 optional color of the card art e g , #00ffff fontcolor string 8 optional color of the font on the card art supported colors are white or black #000000 or #ffffff blinkcolorstring 8 optional color of the blinking effect which indicates that a card cannot be captured in the indicator area e g , #00ffff barcode value string 4096 conditional barcode data, serial number * required if serialtype isn’t 'none' barcode serialtype string 32 required presentation type barcode/qr/serial/none * see barcode format barcode ptformat string 32 conditional presentation format * see barcode format* required if serialtype isn’t 'none' barcode ptsubformat string 32 barcode pin string 16 optional pin to show with a barcode identifier string 64 optional unique id value such as a membership number grade string 32 optional grade value authentication string 64 optional authentication data which meets choose options * see additional information for details provision data string 512 optional elements to complete provisioning* see provisioning for details transactions string 4096 optional transaction history * long content is allowed * see transactions format summaryurl string 256 optional webpage url that show details, such as transactions example { "card" { "type" "payasyougo", "subtype" "evcharges", "data" [ { "refid" "b3fdc982-28c9-47a3-b02f-d484779698a7", "createdat" 1672574400000, "updatedat" 1672574400000, "language" "en", "attributes" { "title" "ev charge card", "logoimage" "https //gpp walletsvc samsung com/mcs/images/contents/wallet_intro_logo png", "logoimage darkurl" "https //gpp walletsvc samsung com/mcs/images/contents/wallet_intro_logo png", "providername" "ev-samsung", "holdername" "ms jane doe", "preventcaptureyn" "y", "enddate" 1772574400000, "noticedesc" "{\"count\" 2,\"info\" [{\"title\" \"포인트 적립\",\"content\" [\"결제금액 1000원당 포인트가 적립됩니다 \"]},{\"title\" \"포인트 사용방법\",\"content\" [\"적립하신 포인트의 유효기간은 발생일로부터 5년입니다 \",\"유효기간이 지난 포인트는 소멸됩니다 \"]}]}", "csinfo" " {\"call\" \"0000-0000\",\"website\" \"https //www samsungwallet com/cs/\",\"instagram\" \"https //www instagram com/samsungwallet\",\"youtube\" \"https //www youtube com/@samsungwallet\",\"privacynotice\" \"https //privacy samsungwallet com/\",\"termsandcondition\" \"https //www samsungwallet com/tnc\" }", "applinklogo" "https //play-lh googleusercontent com/znfa1roz7hpv9j-jiacbjmjudl2x-fnuwte0oyvbbcwvf5vpzoqqikbxgk7d-aptvag=w240-h480-rw", "applinkname" "ev charge link", "applinkdata" "https //www samsungev com/", "bgcolor" "#0a1a4f", "fontcolor" "#ffffff", "blinkcolor" "#00ffff", "barcode value" "1234000067890000", "barcode serialtype" "qrcode", "barcode ptformat" "qrcodeserial", "barcode ptsubformat" "qr_code", "barcode pin" "1234", "identifier" "ev-001", "grade" "prime", "authentication" "sdaiwegjhewoghewoihgewo", "provision data" "asd2hfih9gwejdahgi4uaewhgeo6whgo12ewhgoewahg1iawpriuq7hg5wel", "transactions" "{\"transactions\" [{\"date\" \"2023-09-10 12 00 00\",\"description\" \"ev-samsung suwon\"},{\"date\" \"2023-09-20 18 00 00\",\"description\" \"ev-samsung gangnam\"}]}" } } ] } }
Develop Samsung Wallet
docwallet server and the partner’s server to support the feature, the partner has to set the links in the partners portal wallet card type wallet card type wallet card subtype loyalty others others wallet card data fields attributes type value description attributes {fields} title string 32 required main title e g ,samsung loyalty card eventid string 36 optional if full cancelation of the event occurs, find and process all loyalty cards with this id groupingid string 36 optional identifier used to group related cards orderid string 36 optional a unique identifier for an order subtitle1 string 32 optional the auxiliary field which displays supporting information logoimage string 256 optional logo image url to be displayed in the card item the file size should not exceed 256 kb logoimage darkurl string 256 optional logo image url in dark mode the file size should not exceed 256 kb logoimage lighturl string 256 optional logo image url in light mode the file size should not exceed 256 kb providername string 32 required loyalty card provider name startdate long 13 optional start date display start date epoch timestamp in milliseconds enddate long 13 optional end date display end date epoch timestamp in milliseconds locations string 1024 optional list of locations where the card can be used * see location format noticedesc string 5000 optional text of notice *html supported csinfo string 512 optional providers’ customer service information using data in json format converted to escape string * allowed items call, email, website, facebook, pinterest, x, or instagram * see the example below applinklogo string 256 required app link image url the file size should not exceed 256 kb applinkname string 32 required app link name applinkdata string 256 required information about the partner app link bgimage string 256 optional background image for a card art the recommended size for image resources is 888 x 555 px bgcolor string 8 optional color of the card art e g , #00ffff fontcolor string 8 optional color of the font on the card art acceptable values dark, light blinkcolor string 8 optional color of the blinking effect which indicates that a card cannot be captured in the indicator area e g , #00ffff barcode value string 4096 optional actual data that is delivered when the barcode/qr code is scanned barcode serialtype string 32 optional presentation type e g , serialnumber, barcode * see barcode format barcode ptformat string 32 optional presentation format e g , barcode, qrcode, serial * see barcode format barcode ptsubformat string 32 optional presentation sub-format e g , code_128, qr_code *see barcode format barcode errorcorrectionlevel string 4 optional amount of redundancy or error correction data included in the code there are four error correction levels available in qr codes * code options l/m/q/h merchantid string 36 optional merchant identifier merchantname string 32 optional merchant name to display amount string 32 optional total amount of points or initial balance this is going to be shown as received it is recommended to use a one letter currency symbol e g , $ 1,000, 1,000p balance string 32 optional available points or remaining balance this is going to be shown as received it is recommended to use a one letter currency symbol e g , $ 1,000, 1,000p summaryurl string 256 optional webpage url that shows details, such as balance or transactions history example { "card" { "type" "loyalty", "subtype" "others", "data" [ { "refid" "b3fdc982-28c9-47a3-b02f-d484779698a8", "createdat" 1672574400000, "updatedat" 1672574400000, "language" "en", "attributes" { "title" "samsung loyalty card", "eventid" "event-001", "logoimage" "https //gpp walletsvc samsung com/mcs/images/contents/wallet_intro_logo png", "logoimage darkurl" "https //gpp walletsvc samsung com/mcs/images/contents/wallet_intro_logo png", "providername" "samsung loyalty card provider", "noticedesc" "<ul><li>loyalty card test</li></ul>", "csinfo" " {\"call\" \"0000-0000\",\"email\" \"samsungwallet@samsungwallet com\",\"website\" \"https //www samsungwallet com/cs/\",\"instagram\" \"https //www instagram com/samsungwallet\",\"pinterest\" \"https //www pinterest com/samsungwallet\",\"x\" \"https //www twitter com/samsungwallet\",\"facebook\" \"https //www facebook com/samsungwallet\" }", "applinklogo" "https //play-lh googleusercontent com/znfa1roz7hpv9j-jiacbjmjudl2x-fnuwte0oyvbbcwvf5vpzoqqikbxgk7d-aptvag=w240-h480-rw", "applinkname" "loyalty card link", "applinkdata" "https //www samsung com/", "bgcolor" "#0a1a4f", "barcode value" "cs16138353212584806754fg1802", "barcode serialtype" "qrcode", "barcode ptformat" "qrcodeserial", "barcode ptsubformat" "qr_code", "amount" "1,000p", "balance" "500p" } } ] } }
Develop Samsung Pay
docwallet service developed by samsung, enabling users to make secure payments using their galaxy devices—both in-store and online as part of the broader samsung wallet ecosystem, it supports not only contactless payments but also digital card management, loyalty programs, and more for developers and technology partners, samsung pay provides a set of sdks and tools that enable seamless integration of payment capabilities into mobile apps and web platforms this empowers merchants, card issuers, and financial institutions to deliver fast, secure, and user-friendly payment experiences overview and components of samsung pay samsung pay is designed as a flexible and secure platform with multiple integration options tailored for different use cases it consists of the following core components key features of samsung pay the key features of samsung pay are uses advanced tokenization and samsung knox security to safeguard user data and transaction integrity enables in-app, online, and contactless payments using nfc and mst where supported verifies transactions with fingerprint, iris, or face recognition—enhancing convenience and safety works across a wide range of samsung smartphones, tablets, and wearables allows card issuance from web and mobile environments using save to pay market-specific adaptations ensure compliance with regional regulatory requirements benefits of samsung pay for developers & partners
Develop Samsung Wallet
docwallet card type wallet card type wallet card subtype idcard employees, nationals, students, drivers, guests, others employees nationals students drivers wallet card data fields attributes type value description attributes {fields} titlestring 32 required main title of cardse g , commercial access, employee badge holdernamestring 64 required name of card holders secondholdernamestring 64 optional second name of card holders organizationstring 64 optional organization of card holders belongingi e , name of department, division, affiliation, association or team, name of college or school positionstring 64 optional position of card holderse g , engineer, 5th grade identifierstring 64 required unique id valuei e , unique card number assigned to the card holdere g , s 123 456 789 012 x idnumberstring 64 optional representative value for an idi e , id number, document number, card/roll number assigned by the institution or collegee g , b19mba115 idstatusstring 64 optional card holder's statusex full time student, graduate, exchange, post-graduate, under-graduate addressstring 256 optional address of card holders placeoflocationstring 64 optional place of location associated with the cardholder idphotostring 128k optional holder’s photo image data encoded base64the file size should not be greater than 128 kb idphoto formatstring 32 optional image file formate g , jpeg, png* unsupported image formats may exist idphoto statusstring 16 optional status of the dataallowed value unchanged document deprecatedstring 1024k optional first document of identity document format deprecatedstring 32 optional document format- allowed value pdf, jpeg, png document status deprecatedstring 16 optional status of the dataallowed value unchanged document{i}string 1024k optional document of identitythis can be images of id cards or cardholder's photos on an enlarged screen image data encoded base64 in case the card has multiple documents, they can have an index i 1 ~ 5the file size should not be greater than 128 kb document{i} formatstring 32 optional document format- allowed value pdf, jpeg, png document{i} statusstring 16 optional status of the dataallowed value unchanged issuedatelong 13 required issue date epoch timestamp in milliseconds birthdatestring 16 optional date of birth genderstring 16 optional gender of card holders classificationstring 16 optional classified identity type expirylong 13 optional expiry date in timestamp format issued data is cleaned up after it expires epoch timestamp in milliseconds contactsstring 32 optional personal contact information such as phone number logoimagestring 256 optional logo image url to be displayed in card item the file size should not exceed 256 kb logoimage darkurl string 256 optional logo image url in dark mode the file size should not exceed 256 kb* if this value does not exist, logoimage will be substituted logoimage lighturl string 256 optional logo image url in light mode the file size should not exceed 256 kb* if this value does not exist, logoimage will be substituted logotext string 16 optional text as an alternative to logoimage providername string 32 required content provider namei e , partnering institute issuername string 32 optional place of issue or issuing authority name extrainfo string 512 optional additional informationi e , bloodgroup, guardianname, govrefid* see additional information format noticedesc string 5000 optional text of the notice * long content is allowed * see additional information format csinfo string 512 required providers’ customer service information using data in json format converted to escape string * allowed items call, email, or website* see the example below privacymodeyn string 1 optional whether or not to require user authentication when using the card either ‘y’ or ‘n’* default ‘n’ applinklogostring 256 optional app link image url the file size should not exceed 256 kb applinknamestring 32 optional app link name applinkdatastring 256 optional information about the partner app link locationsstring 1024 optional list of locations where the card can be used* see location format coverimagestring 256 optional card cover image urlthe file size should not exceed 512 kb the recommended size for image resources is 888 x 555 px bgimagestring 256 optional card background image urlthe file size should not exceed 512 kb the recommended size for image resources is 888 x 555 px bgcolorstring 8 optional color of the card art support hex color code e g , #015aaa fontcolorstring 8 optional color of the font on the card art allowed value black, white blinkcolorstring 8 optional color of the blinking effect in the indicator area support hex color code e g , #015aaa preventcaptureynstring 1 optional flag whether this wallet card view prevents screen capture either 'y' or 'n' * default 'n' barcode valuestring 4096 optional actual data that is delivered when the barcode/qr code is scanned barcode serialtypestring 32 optional presentation type e g , serialnumber, barcode, * see barcode format barcode ptformatstring 32 optional presentation format e g , barcode, qrcode, serial, * see barcode format barcode ptsubformatstring 32 optional presentation sub-format e g , code_128, qr_code, * see barcode format barcode errorcorrectionlevelstring 4 optional amount of redundancy or error correction data included in the code there are four error correction levels available in qr codes - code options l/m/q/h * default l barcode intervalstring 4 optional update interval if support for dynamic updates epoch timestamp in milliseconds authenticationstring 64 optional authentication data which meets choose options * see additional information for details provision datastring 512 optional elements to complete provisioning* see provisioning for details provision intervalstring 16 optional update interval if support for dynamic updatesepoch timestamp in milliseconds example { "card" { "type" "idcard", "subtype" "employees", "data" [ { "refid" "identitycard-bpo1r3e5-3313-0991-z404-sq12994414u8", "createdat" 1658385817000, "updatedat" 1658385817000, "language" "en", "attributes" { "title" "employee id card", "holdername" "kim samsung", "secondholdername" " samsung ", "organization" "digital wallet, mx", "position" "professional", "identifier" "2306070003", "idphoto" "{base64 encoded image data}", "idphoto format" "jpeg", "document1" "{base64 encoded pdf data}", "document1 format" "pdf", "document2" "{base64 encoded pdf data}", "document2 format" "pdf", "issuedate" "1658385817000", "expiry" "1765855665000", "logoimage" "https // /logo png", "providername" "samsung electronics", "extrainfo" "{\"count\" 1,\"info\" [{\"title\" \"shortcode\",\"content\" [\"404457\"]}]}", "noticedesc" "{\"count\" 2,\"info\" [{\"title\" \"notice1\",\"content\" [\"description1\",\"description2\"]},{\"title\" \"notice2\",\"content\" [\"description1\",\"description2\"]}]}", "csinfo" "{\"call\" \"555 123-4567\", \"email\" \"cs@email com\", \"website\" \"https //homepage com/cs\"}", "applinkname" "samsung electronics", "applinklogo" "https // /applinklogo png", "applinkdata" "https //www applinkorweblink com", "coverimage" "https // /card/cover png", "bgimage" "https // /card/background png", "fontcolor" "dark", "barcode value" "5728306720836720763017601", "barcode serialtype" "qrcode", "barcode ptformat" "qrcode", "barcode ptsubformat" "qr_code", "barcode interval" "300000", "authentication" "samsung@samsung com", "provision data" "{\"appkey\" \"abcdefaei;fadaf=\",\"telno\" \"01012345678\",\"provider\" \"sec\",\"id\" \"0000000000000000\",\"authkey\" \"a3b7fgj0ea\"}" }, "localization" [ { "language" "ko", "attributes" { "title" "사원증", "holdername" "김삼성", "secondholdername" "kim samsung", "providername" "삼성전자" } } ] } ] } }
Develop Samsung Wallet
docwallet features for their organization or service key roles include
Develop Samsung Pay
docwallet app 3 4 8 integration workflow the integration involves several key steps initialization & ui setup step 1–2 register session the partner server initiates the flow by registering with the s2p server on success, it receives regid a unique session identifier must be cached for session tracking welcomeurl a hosted ui url that guides the user through the card addition process step 3 display welcome ui the partner's frontend embeds the welcomeurl ui typically in an <iframe> the ui shows a qr code and clear instructions for the user to continue user interaction step 4 user launches samsung wallet spay wa the user opens the samsung wallet app and scans the qr code shown on the welcome ui if the app is not installed, the ui directs the user to download the samsung wallet app sign in with their samsung account session linking & device validation step 5–6 initiate request & device association spay wa scans the qr code and triggers an initiate request to the s2p server s2p validates the payload and links the device info with the regid the server also forwards the device metadata to the partner server device id wallet id user id the welcome ui updates to show that linking was successful card pre-provisioning step 7–8 partner pre-provisions card the partner server contacts the issuer to pre-provision the card retrieve the encrypted issuerblob which contains secure card/token information step 9 return issuerblob the partner server includes the issuerblob in its notify response back to the s2p server this blob is encrypted only the issuer can decrypt it is device- and wallet-specific only usable by the original device format depends on the issuer step 10 deliver to device the s2p server includes the issuerblob and any other metadata in the initiate response back to the spay wa tokenization steps 11–16 add token in samsung pay spay wa initiates the standard tokenization process using the issuerblob the token is securely added to the samsung wallet for use in nfc or online transactions completion & confirmation step 17 notify s2p server after successful provisioning, spay wa notifies the s2p server that the card/token was added successfully for the given regid step 18 notify partner the s2p server sends a final callback to the partner server confirming the process is completed for the regid 3 4 9 data types type json type format description string string size 2048 boolean boolean object object enum string pattern [a-za-z0-9_]{1,256 values from a limited set are only allowed each field of type enum will define the values allowed phonenumber string pattern [0-9+ -]+ uuid string pattern [a-za-z0-9-_]{26,128} unique identifier url string size 2048 must be an absolute url defined by rfc 2396 uniform resource identifiers uri generic syntax supported schemes - http, https timestamp number int64 - signed 64 bits unix epoch time in milliseconds countrycode string size 2 unique identifier 3 4 10 inbound api specification – save2pay the inbound api specification for save2pay defines the protocols and requirements for partner servers to interact with the save2pay system this specification ensures secure and standardized communication during the push provisioning process general contract base url https //s2p-api mpay samsung com/ext/v1 security mutual ssl is required common headers header name type validation description request-id uuid required unique identifier for the request partner-id uuid required unique identifier that is provided to partner during onboarding partner-id uuid required request-id echoed back in the response headers common http error codes http code description application code message 400 bad request 400 1 invalid data 500 internal server error 500 1 internal server error 503 service not available 503 1 service temporarily unavailable retry-after header is required 503 service not available 503 2 api temporarily unavailable retry-after header is required 3 4 11 registration partner server registers a session for the user as a result, a unique registration id will be generated partner server should make sure that this is called only once for one card a welcomeurl will also be returned partner server can display the welcomeurl in browser or email upon rendering, a qr code will be displayed and users can use their spay wa to scan the qr code welcomeurl has an expiration date, partner server should check if it's still valid before rendering if it's expired, a get call will return the new url request post /registrations body key type validation description example registration email string optional user email address registration enforceemailmatching boolean default is false optional enforce only spay wa with the same email address can provision enforcement is only against the email address that's provided by the partner true registration hideemail boolean default is false optional hide email field registration phone phonenumber optional user phone number registration enforcephonematching boolean optional default is false enforce only spay wa with the same phone number can provision enforcement is only against the phone number that's provided by the partner true registration hidephone boolean optional default is false hide phone field registration welcomecallbackurl url optional callback url that the welcome ui will redirect to once the user successfully linked a spay wa account registration allowofflinecommunication boolean optional default is false if true, s2p will communicate to the user via email and/or phone number to facilitate the provisioning process registration data object optional arbitrary data blob that'll be passed to the device when an account is linked registration custom cardname string required card name that'll show on the welcome page registration custom cardarturl url required cardart url that'll show on the welcome page registration custom partnername string required partner name that'll show on the welcome page registration custom partnerlogourl url required partner logo url that'll show on the welcome page registration custom partnertncurl url optional partner tnc url that'll show on the welcome page registration id uuid required registration id that identifies this session registration status enum - pending, linked required registration status pending registration welcomeurlexpiration timestamp required welcomeurl expiration timestamp in milliseconds response status http/1 1 201 created header name value content-type application/json example post /ext/v1/registrations { "email" "user@gmail com", "enforceemailmatching" true, "phone" "14089998888", "enforcephonematching" true, "custom" { "cardname" "xyz bank credit card", "cardarturl" "https //xyz com/cardart png", "partnername" "xyz bank", "partnerlogourl" "https //xyz com/logo png" } } http/1 1 201 created { "id" "395ce2e29485442cbd9bacdc77105126", "welcomeurl" "https //s2p stg mpay samsung com/v1/welcome/eyjlbmmioijbmju2r0nniiw iywxnijoizglyin0 s0dnxrskdkjw8sbh kg4uqhfwkkdnqrviihkaqshq_jayb99ct tizdzrwrn-qlhuzj4imuyv1sagehavyxluamarwa tlekqcerr0jklc-fnqkcva", "status" "pending", "welcomeurlexpiration" 1505953396844 } get registration check existing registration status and/or get new welcomeurl request get /registrations/{regid} headers name value validation partner-id partner id value assigned by samsung wallet required response status http/1 1 200 ok status name value content-type application/json body key type validation description example registration id uuid required registration id that identify this session registration status enum - pending, linked required registration status pending registration welcomeurl url required this is the url that partner can show to the user as an iframe a separate page it shows the qrcode and optionally user can enter email and phone number registration welcomeurlexpiration timestamp required welcomeurl expiration timestamp in milliseconds example http/1 1 200 ok { "id" "395ce2e29485442cbd9bacdc77105126", "welcomeurl" "https //s2p stg mpay samsung com/v1/welcome/eyjlbmmioijbmju2r0nniiw iywxnijoizglyin0 s0dnxrskdkjw8sbh kg4uqhfwkkdnqrviihkaqshq_jayb99ct tizdzrwrn-qlhuzj4imuyv1sagehavyxluamarwa tlekqcerr0jklc-fnqkcva", "status" "pending", "welcomeurlexpiration" 1505953396844 } errors common http error codes http code description application code message 400 bad request 400 1 invalid data 500 internal server error 500 1 internal server error 503 service not available 503 1 service temporarily unavailable retry-after header is required 503 service not available 503 2 api temporarily unavailable retry-after header is required 3 4 12 outbound to partner the outbound api specification for save2pay defines how the save2pay server communicates with partner servers during the push provisioning process this specification ensures secure and standardized communication between save2pay and its partners general contract base url base url for outbound apis to be provided by the partner during the onboarding process security mutual ssl is required common headers header name type validation description request-id uuid required unique identifier for the request partner-id uuid required unique identifier that is provided to partner during onboarding response-id uuid required request-id echoed back in the response headers 3 4 13 event notification notify partner for events request post /notifications body key description type validation example event regid registration id uuid required event type event type enum refer to event types and errors for details required event error more information about the failure enum refer to event types and errors for details event desc additional description of the event string optional user container for user information object conditional will be present for payment cards user id samsung account id string required emailmatches is true if the email provided in the registration request matches with samsung account email boolean conditional it is present only if an email was provided in the registration request phonematches is true if the phone number provided in the registration request matches with device phone number boolean conditional it is present only if a phone number was provided in the registration request device container for device information object conditional will be present for payment cards device id device id string required device imeilast4 last 4 of device imei string size 4 optional device seriallast4 last 4 of device serial number string size 4 optional device locale country device country code countrycode optional wallet container for wallet information object conditional will be present for payment cards wallet id wallet id string required event types and errors type error description wa_ready wallet app is ready for provisioning wa_provisioned indicates card was successfully provisioned into the wallet wa_provision_failure indicates provisioning failed for some unknown reason wa_provision_failure card_already_present indicates card is already present response status http/1 1 200 ok header name value content-type application/json body card data encrypteddata description encrypted pan data that will be returned to the device to provision the card type string size 65536 validation conditional required if card data was not provided in the registration request example example post /notifications { "event" { "regid" "395ce2e29485442cbd9bacdc77105126", "type" "wa_ready" }, "emailmatches" true, "phonematches" true, "user" { "id" "rcsm3gwjt9mxgfwy5sg123" }, "wallet" { "id" "gpccugejs9giih8zch1111" }, "device" { "id" "mtuxmte5mdawmjawmdm1n999", "imeilast4" "6166", "locale" { "country" "us" }, "seriallast4" "4934" } } http/1 1 200 ok { "card" { "data" { "encrypteddata" "*****" } } } 3 4 14 save to pay javascript library javascript library interface savetopayui { /** * shows the welcome ui redirects to welcomecallbackurl if it was provided in the registration request when the page reaches one of the final states */ static void showwelcomemodal s2prequest r ; /** * shows the welcome ui resolves the promise with the status and optionally details after the welcome ui is closed */ static promise <s2presponse> showwelcomemodalpromise s2prequest r ; /** * api to close the modal */ static void closewelcomemodal ; }; dictionary s2prequest { /** * welcomeurl provided by save2pay server in the registration response */ required domstring welcomeurl; }; dictionary s2presponse { required status status, /** * true if triggered by iframe closing by user or parent page * false if the status is one of the final statuses, not triggered by iframe closing this can only happen in mobile android case */ required boolean isiframeclosed, /** * optional error information if the status is 'failure' */ details details }; dictionary details { required errorcode errorcode; domstring message; }; enum status { "success", "failure", "device_not_supported", "default_pending" }; enum errorcode { "invalid_input", "provision_failure", "network_error", "unknown_error", "card_already_present", "canceled" }; usage code block -1 html <script src="https //spay samsung com/s2p/libs/js/0 0 4/s2p min js"></script> code block -2 javascript - redirect var input = { "welcomeurl" 'https //s2p mpay samsung com/v1/welcome/eyjlbmmioijbmju2r0nniiwiywx nijoizglyin0 eltgw8qp56ciezo2 mh34gjebgyp_m7- gw0sbdl3ckaplp7rtvmc8fe-tmq2ipmp2rcc1a39qodbvw2schiarbooahbe77lpvl8nhkkapi6mhynl-yz6gqx0sjw xfrtyjpdzxrnmlq8ffe6pg' } window spay savetopayui showwelcomemodal input code block- 3 javascript - promise var request = { "welcomeurl" 'https //s2p mpay samsung com/v1/welcome/eyjlbmmioijbmju2r0nniiwiywx nijoizglyin0 eltgw8qp56ciezo2 mh34gjebgyp_m7- gw0sbdl3ckaplp7rtvmc8fe-tmq2ipmp2rcc1a39qodbvw2schiarbooahbe77lpvl8nhkkapi6mhynl-yz6gqx0sjw xfrtyjpdzxrnmlq8ffe6pg' } function successcallback response { console log response status } function failurecallback error { console log error } window spay savetopayui showwelcomemodalpromise request then succes scallback, failurecallback promise resolution device type description desktop, tablet & mobile - ios js library will resolve the promise - 1 when the iframe is closed by the user 2 closewelcomemodal function is invoked mobile - android js library will resolve the promise as soon as the provisioning session ends or closewelcomemodal function is invoked provisioning session ends when one of the following has happened - 1 the card was successfully added 2 there was some failure and card provisioning flow cannot continue further 3 timeout has happened 4 user canceled the provisioning process mobile flows
Develop Samsung Wallet
docwallet can provide additional information about the event and an alarm before the event time and expiration ticket cards support event commodities for performances, sports, movies, and entrance wallet card type wallet card type wallet card subtype ticket performances, sports, movies, entrances, others performances movies sports entrances wallet card data fields attributes type value description attributes {fields} title string 32 required main title e g , mlb ticket category string 16 optional ticket category * this will be deprecated eventid string 32 optional if full cancelation of the event occurs, find and process all tickets with this id groupingidstring 32 optional identifier used to group related cards orderidstring 32 optional a unique identifier for an order mainimg string 256 required url for main ticket image the file size should not exceed 512 kb subtitle1 string 32 optional the auxiliary field which displays supporting information logoimagestring 256 required logo image url to be displayed in the card item the file size should not exceed 256 kb logoimage darkurlstring 256 required logo image url in dark mode the file size should not exceed 256 kb logoimage lighturlstring 256 required logo image url in light mode the file size should not exceed 256 kb wideimagestring 256 optional wide horizontal image url displayed on the card information screen the file size should not exceed 256 kb providername string 32 required ticket provider name providerviewlinkstring 512 optional link to additional information from the provider* see links format classificationstring 16 optional classification of tickets use onetime, regular, or annual * default onetime holdernamestring 64 optional name of card holders idphotostring 20k optional holder’s photo image data encoded base64 idphoto format string 32 optional image file formate g , jpeg, png * unsupported image formats may exist idphoto status string 16 optional status of the dataallowed value unchanged gradestring 32 optional ticket grade seatclassstring 32 optional seat class entrancestring 64 optional entrance gate seatnumber string 256 optional seat location issuedatelong 13 required issue date epoch timestamp in milliseconds reservationnumberstring 32 required reservation number userstring 64 optional name of person who made the reservation certification string 16 optional ticket certification e g ,r, as a film rating reactivatableynstring 1 optional flag whether the card is able to activate an expired ticket temporarily either 'y' or 'n' * default 'n' preventcaptureyn string 1 optional flag whether this wallet card view prevents screen capture either 'y' or 'n'* default 'n' nonetworksupportyn string 1 optional set whether to support to open the wallet card under 'no network' status either 'y' or 'n' * default 'n' startdate long 13 required start date displayed start date epoch timestamp in milliseconds startdate utcoffset string 8 optional utc offset of start date time at the event location enddate long 13 optional end date displayed end date epoch timestamp in milliseconds * if null, the card will expire in 10 hours from startdate enddate utcoffsetstring 8 optional utc offset of start date time at the event location person1 string 512 optional number of persons by category * see classification format locationsstring 1024 optional list of locations where the card can be used * see location format noticedesc string 5000 required text of the notice * long content is allowed * see additional information format groupinfo1 string 64 optional the first common information with the same groupingid groupinfo2 string 64 optional the second common information with the same groupingid *it is recommended to set groupinfo1 first groupinfo3 string 64 optional the third common information with the same 'groupingid' *it is recommended to set groupinfo1, groupinfo2 first csinfostring 512 optional providers’ customer service informationusing data in json format converted to escape string * allowed items call, email, website, facebook, youtube, or instagram* see the example below privacymodeynstring 1 optional whether or not to require user authentication when using the cardeither ‘y’ or ‘n’* default ‘n’ applinklogo string 256 required app link image url the file size should not exceed 256 kb applinknamestring 32 required app link name applinkdatastring 256 required information about the partner app link bgcolor string 8 optional color of the card art e g , #00ffff fontcolor string 8 optional color of the font on the card art acceptable values dark, light blinkcolorstring 8 optional color of the blinking effect in the indicator areae g , #00ffff barcode value string 4096 optional actual data that is delivered when the barcode/qr code is scanned barcode serialtype string 32 optional presentation type e g , serialnumber, barcode * see barcode format barcode ptformat string 32 optional presentation format e g , barcode, qrcode, serial * see barcode format barcode ptsubformat string 32 optional presentation sub-format e g , code_128, qr_code * see barcode format barcode errorcorrectionlevel string 4 optional amount of redundancy or error correction data included in the code there are four error correction levels available in qr codes * code options l/m/q/h barcode intervalstring 4 optional update interval if support for dynamic updatesepoch timestamp in milliseconds provision data string 512 optional elements to complete provisioning* see provisioning for details provision interval string 16 optional update interval if support for dynamic updates epoch timestamp in milliseconds relcoupon{i} title string 32 conditional coupon title * required if this ticket has a related couponi 1~3 relcoupon{i} subtitle string 32 optional coupon subtitlei 1~3 relcoupon{i} providername string 32 conditional coupon provider name * required if this ticket has a related coupon i 1~3 relcoupon{i} imagefilesrc string 256 optional coupon image url the file size should not exceed 256 kb i 1~3 relcoupon{i} noticedescription string 1024 optional text of the notice * long content is allowed * see additional information format i 1~3 relcoupon{i} notificationtime long 13 optional coupon exposure time epoch timestamp in milliseconds i 1~3 relcoupon{i} value string 4096 conditional actual data that is delivered when the barcode/qr code is scanned i 1~3 relcoupon{i} serialtype string 32 required presentation typee g , serialnumber, barcode, * see barcode format i 1~3 relcoupon{i} ptformatstring 32 conditional presentation formate g , barcode, qrcode, serial, * see barcode format i 1~3 relcoupon{i} ptsubformat string 32 conditional presentation sub-formate g , code_128, qr_code, * see barcode format i 1~3 relcoupon{i} errorcorrectionlevel string 4 optional amount of redundancy or error correction data included in the code there are four error correction levels available in qr codes - code options l/m/q/h i 1~3 example { "card" { "type" "ticket", "subtype" "entrances", "data" [ { "refid" "ent-ticket-0613001", "createdat" 1686657600000, "updatedat" 1686657600000, "language" "en", "attributes" { "title" "galaxy land entrance ticket", "subtitle1" "standard", "classification" "annual", "groupingid" "group-0613001", "orderid" "ent-0613001", "mainimg" "https // /main png", "logoimage" "https // /logo png", "providername" "galaxy entertainment", "logoimage darkurl" "https // /logo-dark png", "issuedate" 1686657600000, "reservationnumber" "glx-0613-001", "startdate" 1686657600000, "enddate" 1718280000000, "holdername" "kim eunha", "idphoto data" "base64-encoded{image-file-data}", "idphoto format" "png", "grade" "family", "person1" "{\"person\" [{\"category\" \"adult\", \"count\" 1 }]}", "locations" "[{\"lat\" 37 256518, \"lng\" 127 053516, \"address\" \"samsung-ro yeongtong-gu, suwon\", \"name\" \"galaxy land central park\"}]", "noticedesc" "{\"count\" 2,\"info\" [{\"title\" \"notice 1\",\"content\" [\"description 1-1\",\"description 1-2\"]},{\"title\" \"notice 2\",\"content\" [\"description 2-1\"]}]}", "groupinfo1" "adult 1", "groupinfo2" "standard", "groupinfo3" "family", "csinfo" "{\"call\" \"0000-0000\",\"email\" \"samsungwallet@samsungwallet com\",\"website\" \"https //www samsungwallet com/cs/\",\"instagram\" \"https //www instagram com/samsungwallet\",\"youtube\" \"https //www youtube com/@samsungwallet\",\"facebook\" \"https //www facebook com/samsungwallet\" }", "applinkname" "galaxy ticket", "applinklogo" "https // /applinklogo png", "applinkdata" "https //www applinkdata com", "bgcolor" "#e86d1f", "fontcolor" "light", "blinkcolor" "#e86d1f", "barcode value" "serial-0613-001", "barcode serialtype" "qrcode", "barcode ptformat" "qrcodeserial", "barcode ptsubformat" "qr_code" }, "localization" [ { "language" "ko", "attributes" { "title" "갤럭시 랜드 입장권", "holdername" "김은하", "person1" "{\"person\" [{\"category\" \"어른\", \"count\" 1 }]}", "locations" "[{\"lat\" 37 256518, \"lng\" 127 053516, \"address\" \"samsung-ro yeongtong-gu, suwon\", \"name\" \"갤럭시 랜드 센트럴 파크\"}]", "noticedesc" "{\"count\" 2,\"info\" [{\"title\" \"공지사항 1\",\"content\" [\"설명 1-1\",\"설명 1-2\"]},{\"title\" \"공지사항 2\",\"content\" [\"설명 2-1\"]}]}", "groupinfo1" "어른 1" } } ] } ] } }
We use cookies to improve your experience on our website and to show you relevant advertising. Manage you settings for our cookies below.
These cookies are essential as they enable you to move around the website. This category cannot be disabled.
These cookies collect information about how you use our website. for example which pages you visit most often. All information these cookies collect is used to improve how the website works.
These cookies allow our website to remember choices you make (such as your user name, language or the region your are in) and tailor the website to provide enhanced features and content for you.
These cookies gather information about your browser habits. They remember that you've visited our website and share this information with other organizations such as advertisers.
You have successfully updated your cookie preferences.