Partner Onboarding
The following sections contain a description of the Samsung Wallet onboarding process for new partners.
Overall Onboarding Process
Register a New Samsung Account
To register a new Samsung Account at the Wallet Partners Portal:
- Go to the Wallet Partners Portal and click on the Sign Up button.
- Enter the email address and password in the sign-in form. If you don’t have a Samsung account yet, click on 'Create account' at the bottom to create an account.
- If creating a new account, enter the account details (email address, password, name, date of birth, and ZIP code), and then click Next.
Sign Up and Request Permission
You can easily sign up for the Samsung Wallet service using our step-by-step guide.
To utilize full functionality of the Samsung Wallet Partners Service, you need to enter company information, set encryption information, and configure card information.
After verification, you get authority to use all services.
- Only one account allowed per company. Manage your cards with one account. For partners, you can only manage cards registered with your account.
- For a partner account, you must change your password and audit it periodically after the employee leaves. You must also change your password at least every six months.
- Multiple users with one account at same time is not allowed. If someone else is signed in with the same account, the account you're already using will be signed out.
Terms and Conditions
Before using the Wallet Partners Portal, an account can be created only by agreeing with the terms and conditions and privacy policy according to your nationality. If you agree with the Privacy Policy, click the Next button, and proceed with the sign-up process.
Company Management
Enter your company information in the form as instructed on the screen.
| Item | Description |
|---|---|
| Company Name | Partner company name, which needs to be unique. |
| Company Website | Partner website address (optional) |
| User Name | Username (first name and last name) |
| Request Comment | Provide the purpose for Samsung Wallet partnership. Be as detailed as possible. |
| Partner IP Address | IP address for firewall registration. Enter multiple IPs only if using Server-to-Server interworking (up to 30 IPs). (Optional) |
Encryption Setting
You need to perform encryption authentication to use the Wallet Partners Portal.
| Item | Description |
|---|---|
| Encryption Type | Select End to End Encryption (CSR). |
| CSR | CSR (Certificate Signing Request) The SAMSUNG PUBLIC KEY is the key used for data encryption. This can be used to issue and delete wallets. CSR is a file used to request signature of a certificate. After uploading CSR to the portal, CSR will be signed using the Samsung certificate. Please be careful not to expose SAMSUNG PUBLIC KEY and CSR due to security issues. In addition, NAT IP information is provided for partner firewall registration. Upload a csr file only. |
| Samsung Public Key | The Samsung Public Key is sent to the partner's email account. |
| Signed Certificate | The signed certificate is sent to the partner’s email account. |
| NAT IP | IP that needs to allow inbound request calls |
Click the Next button to submit form and complete the sign-up process.
- A welcome email is sent when a user completes the sign-up process.
- In addition, information required for the completion of CSR is sent along with it.
Click the Skip and Verify Later button to skip the sign-up process. - You can resume the sign-up process later.
CSR(Certificate Singing Request) Process
Overview
OpenSSL is an open-source command-line tool that allows users to perform various SSL-related tasks.
This section explains how to create key factors for security with OpenSSL.
Creating a Private Key
Private key helps to enable encryption and is the most important component of certificates.
If you want to make the private key more secure, adding “-des3“ on the command encrypts it with a password.
openssl genpkey -out domain.key -algorithm RSA -pkeyopt rsa_keygen_bits:2048
Creating a CSR
If you want our certificate signed, you need a certificate signing request (CSR). The CSR includes the public key and some additional information (such as organization and country).
Let's create a CSR (domain.csr) from an existing private key.
openssl req -out domain.csr -key domain.key -new -sha256
Enter the private key password if needed and some CSR information to complete the process. The output will look like the following:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:KR
State or Province Name (full name) []:Seoul
Locality Name (eg, city) [Default City]:Sample City
Organization Name (eg, company) [Default Company Ltd]:Sample Company
Organizational Unit Name (eg, section) []:Sample section
Common Name (eg, your name or your server's hostname) []:domain
Email Address []:email@email.com
Please enter the following 'extra'attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
- ‘password’ is optional attribute.
- The ‘Common Name’ field is important, as it needs to exactly match the Fully Qualified Domain Name (FQDN) of our domain.
Creating a Key and CSR Together
You can also create both the private key and CSR with a single command:
openssl req -newkey rsa:2048 -nodes -keyout domain.key -out domain.csr
- If you want your private key encrypted, you can remove the '-nodes' option.
For More Information
Account Approval
You will receive a welcome email right after account request.
Using the link in the welcome email, you can download your CSR file and install to your PC.
My Account
You can manage your profile and encryption settings in the My Account section.
After a signed certificate is generated, the Encryption Setting Management fields can no longer be edited.
