How It Works

Regardless of how you integrate with the Paysafe iOS SDK, the same card payments API will be used for processing purchase requests with Paysafe. However, there are differences between the flow for Apple Pay and the flow for traditional card payments from a mobile app.

  • Apple Pay is a digital wallet service that requires a one-time user and card registration, as well as biometric authentication. With Apple Pay, the tokenization of the card happens at the network level.
  • For traditional card payments, the user enters card data on their mobile device. This card data is sent securely to the Paysafe Customer Vault, where it is tokenized, and the payment processing requests are made from the merchant server via a server-side SDK. The returning user selects from a list of cards tokenized within the Customer Vault.

See how both these flows work:

How iOS Mobile Payments Work

  1. The user enters card details on the mobile app.

  2. The iOS mobile SDK collects the payment and order data and sends it to the Paysafe Customer Vault API, which returns a single-use token to the mobile device. Single-use tokens are valid for only 15 minutes and are not consumed by verification.

  3. This single-use token is sent to the server-side SDK, from which a purchase request is sent to the Paysafe Card Payments API.

  4. If desired, the user can indicate in the mobile app that their profile should be saved. In this case, the server-side SDK sends the single-use token to the Paysafe Customer Vault API and in return receives a reusable payment token that is stored on the merchant's server.

    You can convert this temporary, single-use payment token into a permanent, re-usable payment token by using it to create a profile in the Customer Vault. Permanent tokens make it possible to implement capabilities such as recurring billing (perhaps used to pay a subscription) or a "remember me" feature.

iOS Mobile Integration

How Apple Pay Works

Step 1 - Customer registers credit or debit cards for Apple Pay on iOS device (one-time process)

Networks like Visa, Mastercard, and American Express have deployed their own token services. These token providers will associate the original card PAN with a generated 16-digit number (i.e., a token) that looks exactly like a debit or credit card number. The 16-digit token is unique to a token requester – the iOS device in this case.

  1. The customer inputs a credit card into their iPhone (via an iTunes card, a Passbook app picture, or manually entering card details).
  2. The Apple device immediately passes the encrypted PAN (Primary Account Number) to the payment network (Visa, Mastercard, or AMEX) and requests the token and cryptogram.
  3. The Payment Network validates the card information with the issuer, and sends back a 16-digit token – resembling the PAN – and a cryptogram. The last 4 digits of the token are the same as those of the credit card.
  4. The token and cryptogram are stored within a Secure Element (SE) on the iPhone. The Apple device with this information and state acts as a token requester for transaction initiation.

Apple Pay Process - Step 1

Step 2 - Merchant processes transaction from their iOS payment app

To process a payment, the merchant's app must make a payment request to PassKit via an Apple Pay button. The payment app requests authorization from the user with their Touch ID. Once authorized, PassKit provides the app with a Payment Token to complete the transaction. The payment token contains a cryptogram which, when combined with the merchant's private key, can be used to decrypt and obtain the token. The token is sent to the acquirer to process the authorization or capture. This type of tokenization is referred to as Network Level Tokenization or Network-side Tokenization. Network-side tokens look like standard PANs, and are usually compatible with the existing payment processing infrastructure.

  1. The customer starts the transaction process from inside a merchant's iOS app (that supports Apple Pay) and authenticates the transaction with Touch ID (fingerprint).
  2. This authentication prompts the Secure Element to send the token and cryptogram to the merchant application.
  3. The merchant application sends the transaction request to the payment processor, which is then sent to the acquiring bank.
  4. The acquirer sends the transaction request along with the payment token + cryptogram to the Payment Network (Visa, Mastercard, and AMEX), which then decrypts the cryptogram and determines whether it is authentic or not. For tokenization (encryption and decryption), the Payment Network often uses the services of a Token Service Provider (TSP), which is sometimes owned by the payment network. If the cryptogram is deemed authentic, the network will get the PAN from the TSP and pass it along with the token to the issuing bank.
  5. The money then flows as usual (money credited to the merchant and marked as an amount owed by the cardholder).
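
The tokenization and cryptogram check described in Steps 1 and 2, as a simplified model added here for illustration (it is not Paysafe, Apple, or payment-network code). The class and function names, the HMAC-SHA256 cryptogram, and the nonce field are assumptions standing in for the networks' real schemes, and PANs are assumed to be 16 digits.

```python
import hashlib
import hmac
import secrets


def luhn_valid(number: str) -> bool:
    """Standard Luhn test, so the token passes the same format checks as a PAN."""
    total = 0
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:                      # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def make_cryptogram(key: bytes, token: str, amount_cents: int, nonce: str) -> str:
    """Assumed stand-in for the network cryptogram: HMAC over the transaction data."""
    msg = f"{token}|{amount_cents}|{nonce}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class TokenServiceProvider:
    """Toy TSP: the only place where token and PAN are linked."""

    def __init__(self):
        self._vault = {}                    # token -> (pan, requester_id, key)

    def provision(self, pan: str, requester_id: str):
        """Step 1: issue a 16-digit token that is unique to one token requester."""
        while True:
            body = "".join(secrets.choice("0123456789") for _ in range(11))
            # One filler digit makes the token Luhn-valid while keeping the PAN's last 4.
            token = next(t for t in (body + str(d) + pan[-4:] for d in range(10))
                         if luhn_valid(t))
            if token != pan and token not in self._vault:
                break
        key = secrets.token_bytes(32)
        self._vault[token] = (pan, requester_id, key)
        return token, key                   # held by the device, never the PAN

    def authorize(self, token, requester_id, amount_cents, nonce, cryptogram):
        """Step 2: verify the cryptogram first; release the PAN only if it is authentic."""
        entry = self._vault.get(token)
        if entry is None or entry[1] != requester_id:
            return None
        pan, _, key = entry
        expected = make_cryptogram(key, token, amount_cents, nonce)
        return pan if hmac.compare_digest(expected, cryptogram) else None
```

In this model the merchant app and acquirer only ever handle the token and cryptogram; a cryptogram computed for one amount or device is rejected when either changes, and the PAN is released only on the network side.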

Apple Pay Process - Step 2

Click here for more information on how the Apple Pay transaction flow works with the network-side tokenization and payment networks.

Apple Pay Usage Guidelines

The following links provide information on the correct usage of Apple and Apple Pay collateral in your products, including in your apps, web sites, and marketing materials.

Click here to view the countries where Paysafe currently supports Apple Pay.
