Setup for Push Provisioning
This section describes developer implementation for in-app and web push provisioning. This workflow is not valid for instant-issue cards. For general information, see Mobile wallet support in the Choose a Card Strategy guide.
Push provisioning
You can set up push provisioning after you've completed the required steps for manual provisioning and you have gone live in Production. Please return to the Setup for Mobile Wallets if you have not completed the setup before proceeding with the following steps.
In-app provisioning
You must integrate with the mobile wallet provider’s SDK to allow your users to provision cards and credentials directly to their devices.
To get started, contact the wallet providers to request access to their developer portal and obtain the relevant wallet interface documentation:
- Apple Pay — Send an email to [email protected]
- Google Pay — Go to the Google Pay developer portal
- Samsung Pay — Go to the Samsung Pay developer portal
Once access has been granted, your developers can also reach out to the wallet provider with any inquiries.
In-app provisioning workflow
The in-app push provisioning process involves these entities:
- The cardholder's mobile wallet
- The card network
- The mobile wallet provider
- Your mobile app interface
- Galileo (and you, if you are using the Auth API)
This is the workflow when you push-provision cards to mobile wallets:
- The cardholder requests a tokenized card in your mobile app.
- You send a provisioning request to the mobile wallet provider.
- The wallet provider returns certificates, keys, and other data.
- You send a Create Provisioning Request call to Galileo with the data supplied by the wallet provider. Follow the instructions in the Creating a Provisioning Request guide.
- Galileo encrypts the payload and returns the response to you.
- You create a tokenization request with the encrypted payload and send it to the wallet provider via its SDK.
- The wallet provider decrypts the payload and verifies whether the tokenization request is valid.
- Because the cardholder's identity has already been verified in your app, there are no red, yellow, or green-path checks. All provisioning attempts are by-definition on the green path.
- The card network creates the card token and sends it to the wallet provider.
- The wallet provider activates the token to provision the card to the wallet.
Web push provisioning
Similar to in-app, you are responsible for integrating directly with the wallet providers' APIs to offer web provisioning.
To get started, contact the mobile wallet provider to request access to their implementation guides and API documentation and to access the wallet interface:
- Apple Pay —
- Register with Apple at Apple Business Register.
- It generally takes 7–10 business days for Apple to review and approve the request. This is a one-time registration.
- Once enrolled, you’ll gain access to detailed implementation guides and API reference documentation for your integration with Apple Pay.
- Register with Apple at Apple Business Register.
- Google Pay — Go to the Google’s Wallet API and complete the necessary prerequisites.
- Samsung Pay — Go to the Samsung Pay developer portal
Web provisioning workflow
The web push provisioning process involves these entities:
- The cardholder's mobile wallet
- The card network
- The mobile wallet provider
- Your website
- Galileo (and you, if you are using the Auth API)
Web provisioning follows the same general workflow as in-app, with the expectation that Galileo is responsible for the certificate validation and encryption during card provisioning.
This section describes developer implementation for in-app and web push provisioning. This workflow is not valid for instant-issue cards. For general information, see Mobile wallet support in the Choose a Card Strategy guide.
Updated 1 day ago