Partner Onboarding

The following sections contain a description of the Samsung Wallet onboarding process for new partners.

Overall Onboarding Process

Register a New Samsung Account

To register a new Samsung Account at the Wallet Partners Portal:

Go to the Wallet Partners Portal and click on the Sign Up button.
Enter the email address and password in the sign-in form. If you don’t have a Samsung account yet, click on 'Create account' at the bottom to create an account.
If creating a new account, enter the account details (email address, password, name, date of birth, and ZIP code), and then click Next.

You can easily sign up for the Samsung Wallet service using our step-by-step guide.

To utilize full functionality of the Samsung Wallet Partners Service, you need to enter company information, set encryption information, and configure card information.
After verification, you get authority to use all services.

Warning

Only one account allowed per company. Manage your cards with one account. For partners, you can only manage cards registered with your account.
For a partner account, you must change your password and audit it periodically after the employee leaves. You must also change your password at least every six months.
Multiple users with one account at same time is not allowed. If someone else is signed in with the same account, the account you're already using will be signed out.

Terms and Conditions

Before using the Wallet Partners Portal, an account can be created only by agreeing with the terms and conditions and privacy policy according to your nationality. If you agree with the Privacy Policy, click the Next button, and proceed with the sign-up process.

Company Management

Enter your company information in the form as instructed on the screen.

Item	Description
Company Name	Partner company name, which needs to be unique.
Company Website	Partner website address (optional)
User Name	Username (first name and last name)
Request Comment	Provide the purpose for Samsung Wallet partnership. Be as detailed as possible.
Partner IP Address	IP address for firewall registration. Enter multiple IPs only if using Server-to-Server interworking (up to 30 IPs). (Optional)

Encryption Setting

You need to perform encryption authentication to use the Wallet Partners Portal.

Item	Description
Encryption Type	Select End to End Encryption (CSR).
CSR	CSR (Certificate Signing Request) The SAMSUNG PUBLIC KEY is the key used for data encryption. This can be used to issue and delete wallets. CSR is a file used to request signature of a certificate. After uploading CSR to the portal, CSR will be signed using the Samsung certificate. Please be careful not to expose SAMSUNG PUBLIC KEY and CSR due to security issues. In addition, NAT IP information is provided for partner firewall registration. Upload a csr file only.
Samsung Public Key	The Samsung Public Key is sent to the partner's email account.
Signed Certificate	The signed certificate is sent to the partner’s email account.
NAT IP	IP that needs to allow inbound request calls

Click the Next button to submit form and complete the sign-up process.

A welcome email is sent when a user completes the sign-up process.
In addition, information required for the completion of CSR is sent along with it.

Click the Skip and Verify Later button to skip the sign-up process.
You can resume the sign-up process later.

CSR(Certificate Singing Request) Process

Overview

OpenSSL is an open-source command-line tool that allows users to perform various SSL-related tasks.
This section explains how to create key factors for security with OpenSSL.

Creating a Private Key

Private key helps to enable encryption and is the most important component of certificates.
If you want to make the private key more secure, adding “-des3“ on the command encrypts it with a password.

openssl genpkey -out domain.key -algorithm RSA -pkeyopt rsa_keygen_bits:2048

Creating a CSR

If you want our certificate signed, you need a certificate signing request (CSR). The CSR includes the public key and some additional information (such as organization and country).

Let's create a CSR (domain.csr) from an existing private key.

openssl req -out domain.csr -key domain.key -new -sha256

Enter the private key password if needed and some CSR information to complete the process. The output will look like the following:

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:KR
State or Province Name (full name) []:Seoul
Locality Name (eg, city) [Default City]:Sample City
Organization Name (eg, company) [Default Company Ltd]:Sample Company
Organizational Unit Name (eg, section) []:Sample section
Common Name (eg, your name or your server's hostname) []:domain
Email Address []:email@email.com

Please enter the following 'extra'attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

‘password’ is optional attribute.
The ‘Common Name’ field is important, as it needs to exactly match the Fully Qualified Domain Name (FQDN) of our domain.

Creating a Key and CSR Together

You can also create both the private key and CSR with a single command:

openssl req -newkey rsa:2048 -nodes -keyout domain.key -out domain.csr

If you want your private key encrypted, you can remove the '-nodes' option.

For More Information

Account Approval

You will receive a welcome email right after account request.
Using the link in the welcome email, you can download your CSR file and install to your PC.

My Account

You can manage your profile and encryption settings in the My Account section.
After a signed certificate is generated, the Encryption Setting Management fields can no longer be edited.