This section describes the flows that are two currently supported: the App2App and Web2App ones. RP Partners should select the model based on their integration preference.
Same-device App2App (via Native Wallet SDK)
Diagram with numbered flows
Explanation of each flow
2) Load Button resources
The Verify with Samsung Wallet Integration and the sample code are both supported
3) Check Service Available Devices
This is the process of checking whether the device supports the Verify with Samsung Wallet function. RP Partners can implement it by referring to the provided sample code.
4) Show button with web link
You can implement it by referring to the provided sample code.
Refer to the Data Transmit Link
6) Tokenize card data as JWT
This step generates cdata and Card Data Token.
Refer to the Implementing VWW button
7) Verify with Samsung Wallet link
The link will invoke the WalletApp using AppLink technology. In the meantime, the App2app SDK makes a direct connection between the WalletApp and PartnerApp
10) getMdocRequestData(DeviceEngagementBytes)
The WalletApp makes DeviceEngagementBytes according to the ISO-18013-5 and send it to the PartnerApp
11) sendMdocRequestData(sessionEstablishment)
The PartnerApp build sessionEstablishmentBytes (ISO-18013-5) and encrypt it with HKDF (ISO-18013-5, 9.1.1.5 Cryptographic operations)
13) sendMdocResponse(encryptedResponse)
The WalletApp sends an encrypted ISO-18013-5 response payload to the PartnerApp
3) Check Service Available Devices
This is the process of checking whether the device supports the Verify with Samsung Wallet function. RP Partners can implement this by referring to the provided sample code.
4) Show button with web link
RP Partners can implement this by referring to the provided sample code.
Refer to the Data Transmit Link
6) Tokenize card data as JWT
This step generates cdata, Card Data Token.
Refer to the Implementing VWW button
7) Verify with Samsung Wallet link
The link will invoke the WalletApp using the AppLink technology
10) Transfer DeviceEngagement
The WalletApp makes DeviceEngagementBytes according to the ISO-18013-5 and sends it to the PartnerServer through the Wallet Server
11~12) Request key API (Send Key)
The Wallet Backend Server converts the data received from the request and cardId information into JWT (JWS + JWE) and delivers it to the partner server.
The partner server must decrypt the JWT (JWS + JWE) data again.
The PartnerApp build sessionEstablishmentBytes (ISO-18013-5) and encrypt it with HKDF (ISO-18013-5, 9.1.1.5 Cryptographic operations)
The partner server must create and transmit the data fields required for authentication as JWT (JWS + JWE) in response to the Wallet Backed Server.
14) Send Mdoc response
The WalletApp sends an encrypted ISO-18013-5 response payload to the PartnerServer through the Wallet Server
15) Request auth API (Send authentication data)
The authentication data card information received in step 14 is converted into JWT (JWS+JWE) and transmitted to the partner server.
The partner server must decrypt the JWT (JWS + JWE) data again.
RP Partner can refer to the code links below for decryption, verify.
Cross-device (Not Supported)
Currently, Samsung Wallet does not support Cross-device functionality. This functionality will be added soon.
Manage Your Cookies
We use cookies to improve your experience on our website and to show you relevant
advertising. Manage you settings for our cookies below.
Essential Cookies
These cookies are essential as they enable you to move around the website. This
category cannot be disabled.
Company
Domain
Samsung Electronics
.samsungdeveloperconference.com
Analytical/Performance Cookies
These cookies collect information about how you use our website. for example which
pages you visit most often. All information these cookies collect is used to improve
how the website works.
Company
Domain
LinkedIn
.linkedin.com
Meta (formerly Facebook)
.samsungdeveloperconference.com
Google Inc.
.samsungdeveloperconference.com
Functionality Cookies
These cookies allow our website to remember choices you make (such as your user name, language or the region your are in) and
tailor the website to provide enhanced features and content for you.
Company
Domain
LinkedIn
.ads.linkedin.com, .linkedin.com
Advertising Cookies
These cookies gather information about your browser habits. They remember that
you've visited our website and share this information with other organizations such
as advertisers.
Company
Domain
LinkedIn
.linkedin.com
Meta (formerly Facebook)
.samsungdeveloperconference.com
Google Inc.
.samsungdeveloperconference.com
Preferences Submitted
You have successfully updated your cookie preferences.