How It Works
Regardless of how you integrate with the Paysafe iOS SDK, the same card payments API will be used for processing purchase requests with Paysafe. However, there are differences between the flow for Apple Pay and the flow for traditional card payments from a mobile app.
- Apple Pay is a digital wallet service that requires a one-time user and card registration, plus biometric authentication. Also, in the case of Apple Pay, the tokenization of the card happens at the network level.
- For traditional card payments, the user enters card data on their mobile device. This card data is sent securely to the Paysafe Customer Vault, where it is tokenized, and the payment processing requests are made from the merchant server via a server-side SDK. The returning user selects from a list of cards tokenized within the Customer Vault.
See how both these flows work:
How iOS Mobile Payments Work
- The user enters card details on the mobile app.
- The iOS mobile SDK collects the payment and order data and sends it to the Paysafe Customer Vault API, which returns a single-use token to the mobile device. Single-use tokens are valid for only 15 minutes and are not consumed by verification.
- This single-use token is sent to the server-side SDK, from which a purchase request is sent to the Paysafe Card Payments API.
- If desired, the user can choose on the mobile app to save their profile. In this case, the server-side SDK sends the single-use token to the Paysafe Customer Vault API and in return receives a reusable payment token that is stored on the merchant's server.
You can convert this temporary, single-use payment token into a permanent, re-usable payment token by using it to create a profile in the Customer Vault. Permanent tokens make it possible to implement capabilities such as recurring billing (perhaps used to pay a subscription) or a "remember me" feature.
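The token lifecycle described above can be modelled in a few lines. This is an added example, not Paysafe code or the Paysafe API: `ToyVault`, `checkout` and the token prefixes are hypothetical names, and the model assumes that a purchase consumes a single-use token and that the profile is created before the purchase when the user opts to save the card.

```python
import secrets
import time

SINGLE_USE_TTL = 15 * 60  # seconds; the page gives single-use tokens 15 minutes

class ToyVault:
    """In-memory stand-in for a token vault (hypothetical, not the Paysafe API)."""
    def __init__(self, clock=time.time):
        self.clock = clock
        self.single_use = {}  # token -> (card reference, issue time)
        self.permanent = {}   # token -> card reference

    def tokenize(self, card_ref):
        """Mobile side: exchange card data for a short-lived single-use token."""
        token = "SU-" + secrets.token_urlsafe(16)
        self.single_use[token] = (card_ref, self.clock())
        return token

    def _resolve(self, token, consume):
        if token in self.permanent:
            return self.permanent[token]
        card_ref, issued = self.single_use.get(token, (None, 0.0))
        if card_ref is None:
            raise ValueError("unknown or already consumed token")
        if self.clock() - issued > SINGLE_USE_TTL:
            raise ValueError("single-use token expired")
        if consume:
            del self.single_use[token]  # a second use of this token now fails
        return card_ref

    def verify(self, token):
        """Verification leaves a single-use token usable, as the page states."""
        return self._resolve(token, consume=False) is not None

    def create_profile(self, token):
        """Swap a single-use token for a permanent one (kept on the server)."""
        perm = "PT-" + secrets.token_urlsafe(16)
        self.permanent[perm] = self._resolve(token, consume=True)
        return perm

    def purchase(self, token, amount_minor):
        """Assumption: a purchase consumes a single-use token."""
        return {"amount": amount_minor, "card": self._resolve(token, consume=True)}

def checkout(vault, token, amount_minor, save_card=False):
    """Merchant server: the amount comes from the server-side order, not the app."""
    stored = vault.create_profile(token) if save_card else None
    return vault.purchase(stored or token, amount_minor), stored
```

Only the permanent token returned by `checkout` is worth persisting on the merchant server; the single-use token is dead after one purchase or after 15 minutes, whichever comes first.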
iOS Mobile Integration
How Apple Pay Works
Step 1 - Customer registers credit or debit cards for Apple Pay on iOS device (one-time process)
Networks like Visa, Mastercard, and American Express have deployed their own token services. These token providers will associate the original card PAN with a generated 16-digit number (i.e., a token) that looks exactly like a debit or credit card number. The 16-digit token is unique to a token requester – the iOS device in this case.
- The customer inputs a credit card into their iPhone (via an iTunes card, a Passbook app picture, or manually entering card details).
- The Apple device immediately passes the encrypted PAN (Primary Account Number) and requests the Token + Cryptogram from the payment network (Visa, Mastercard, or AMEX).
- The Payment Network validates the card information with the issuer, and sends back a 16-digit token – resembling the PAN – and a cryptogram. The last 4 digits of the token are the same as those of the credit card.
- The token and cryptogram are stored within a Secure Element (SE) on the iPhone. The Apple device with this information and state acts as a token requester for transaction initiation.
Apple Pay Process – Step 1
Step 2 - Merchant processes transaction from their iOS payment app
To process a payment, the merchant's app must make a payment request to the PassKit via an Apple Pay button. The payment app requests authorization from the user with their Touch ID. Once authorized, the PassKit provides the app with a Payment Token to complete the transaction. The payment token contains a cryptogram which, when combined with a merchant's private key, can be used to decrypt and get the token. The token is sent to the acquirer to process the authorization or capture. This type of tokenization is referred to as Network Level Tokenization or Network-side Tokenization. Network-side tokens look like standard PANs, and are usually compatible with the existing payment processing infrastructure.
- The customer starts the transaction process from inside a merchant's iOS app (that supports Apple Pay) and authenticates the transaction with Touch ID (fingerprint).
- This authentication prompts the Secure Element to send the token and cryptogram to the merchant application.
- The merchant application sends the transaction request to the payment processor, which is then sent to the acquiring bank.
- The acquirer sends the transaction request along with the payment token + cryptogram to the Payment Network (Visa, Mastercard, and AMEX), which then decrypts the cryptogram and determines whether it is authentic or not. For tokenization (encryption and decryption), the Payment Network often uses the services of a Token Service Provider (TSP), which is sometimes owned by the payment network. If the cryptogram is deemed authentic, the network will get the PAN from the TSP and pass it along with the token to the issuing bank.
- The money then flows as usual (money credited to the merchant and marked as an amount owed by the cardholder).
Apple Pay Process – Step 2
Click here for more information on how the Apple Pay transaction flow works with the network-side tokenization and payment networks.
Apple Pay Usage Guidelines
The following links provide information on the correct usage of Apple and Apple Pay collateral in your products, including in your apps, web sites, and marketing materials.
- Guidelines for Using Apple Trademarks and Copyrights – http://www.apple.com/legal/trademark/guidelinesfor3rdparties.html
  These guidelines are for Apple developers and other parties wishing to use Apple’s trademarks, service marks or images in promotional, advertising, instructional, or reference materials, or on their web sites, products, labels, or packaging.
- Identity Guidelines for Developers – https://developer.apple.com/apple-pay/Apple-Pay-Identity-Guidelines.pdf
  These guidelines are for Apple Developer Program members who provide their app or website users with access to the Apple Pay feature in iOS, watchOS, or on the web with Safari.
- Acceptable Use Guidelines – https://developer.apple.com/apple-pay/acceptable-use-guidelines-for-websites/
  These guidelines are for businesses that wish to incorporate Apple Pay into their websites, including prohibited uses and design standards.
Click here to view the countries where Paysafe currently supports Apple Pay.