Onboarding Guide

The partner manager should fill basic information of the company and card details on partner portal, choose the card type and template that fit their contents, which will then provide keys such as Card ID and Partner ID. To ensure safe data communication, make sure to prepare security key factors. Samsung will sign the provided CSR then deliver certificates used to create the secured data.

Samsung Account is necessary to manage your own service for Samsung Wallet. The account is used to sign-up/sign-in on Partner portal.

The following sections contain a description of the Samsung Wallet onboarding process for new partners.

Overall Onboarding Process




Register a New Samsung Account

To register a new Samsung account at the Wallet Partners Portal:

  1. Go to the Wallet Partners Portal and click on "Sign In".
  2. Enter the email address and password in the sign-in form. If you don’t have a Samsung account yet, click on "Create account" at the bottom to create one.
  3. If creating a new account, enter the account details (email address, password, name, date of birth, and ZIP code), and then click Next.



Sign Up

The new partner of Wallet Partners Portal is your Samsung account will be conducted by Samsung developer.
The new Partners register to “A Business Account” and agree to the terms and conditions.
The Partners complete your company profile information.

  1. To use Wallet Partners Portal register to “A Business Account”.
    Click on “Get started”.




  1. To use Wallet Partners Portal, you need to accept the Terms of Samsung Developer Portal.
    A Business Account to create is required the company information. “Enter your business information” (Additional information for the Business Account is optional)
    Click on “Submit”.

  2. Partners whose business accounts created goes Wallet partner onboarding process as follows.





  1. You’ll receive a welcome email right after Wallet partner onboarding process.




Set encryption information and Request Permission

You can easily use the Samsung Wallet service using our step-by-step guide.
To utilize the full functionality of the Samsung Wallet Partners Service, you set encryption information, and configure card information.

After verification, you get authority to use all services.


Encryption Setting

You need to perform encryption authentication to use the Wallet Partners Portal.





We support multiple CSR registrations.

• If you click the + button, the CSR registration area will be added.
• If you click the - button, the CSR registration area will be deleted





Item

Description

Encryption Type

Select End to End Encryption (CSR) or None(Upload later).

CSR

CSR (Certificate Signing Request)
The SAMSUNG PUBLIC KEY is the key used for data encryption. This can be used to issue and delete wallets. CSR is a file used to request signature of a certificate. After uploading CSR to the portal, CSR will be signed using the Samsung certificate. Please be careful not to expose SAMSUNG PUBLIC KEY and CSR due to security issues.
Upload a *.csr file only.

None(Upload later)

You need to set encryption information (CSR) to utilize full functionality of Samsung Wallet Service. Even if the subscription is done, you must upload the CSR file later.

Samsung Public Key

Samsung Public Key is sent to the partner’s email account.

Signed Certificate

The signed certificate is sent to the partner’s email account.


Click the Done button to submit form and complete the sign-up process.

• A welcome email is sent when a user completes the sign-up process.
• In addition, information required for the completion of CSR is sent along with it.

CSR (Certificate Signing Request) Process

Overview

OpenSSL is an open-source command-line tool that allows users to perform various SSL-related tasks.
This section explains how to create key factors for security with OpenSSL.

Creating a Private Key

Private key helps to enable encryption and is the most important component of certificates.

openssl genpkey -out domain.key -algorithm RSA -pkeyopt rsa_keygen_bits:2048

• If you want to make the private key more secure, adding “-des3“ on the command encrypts it with a password.

Creating a Certificate Singing Request (CSR)

If you want our certificate signed, you need a certificate signing request (CSR). The CSR includes the public key and some additional information (such as organization and location).

Let's create a CSR (domain.csr) from the existing private key.

openssl req -out domain.csr -key domain.key -new -sha256

You'll enter our private key password if needed and some CSR information to complete the process. The output will look like:

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:KR
State or Province Name (full name) []:Seoul
Locality Name (eg, city) [Default City]:Sample City
Organization Name (eg, company) [Default Company Ltd]:Sample Company
Organizational Unit Name (eg, section) []:Sample section
Common Name (eg, your name or your server's hostname) []:domain
Email Address []:email@email.com

Please enter the following 'extra'attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

• “password“ is optional attribute.
• An important field is “Common Name”, which should be the exact Fully Qualified Domain Name (FQDN) of our domain.

Creating a Key and CSR Together

You can also create both the private key and CSR with a single command:

openssl req -newkey rsa:2048 -nodes -keyout domain.key -out domain.csr

• If you want your private key encrypted, you can remove the “-nodes“ option.

For More Information

• https://en.wikipedia.org/wiki/Public_key_certificate
• https://www.openssl.org

My Account

  1. You can manage "Wallet Partner Management" in the My Account section.
    You can modify Company information.




  1. You can manage encryption settings in the My Account section
    After a signed certificate is generated, the Encryption Setting Management fields can no longer be edited.