Home / Issuing / Issue Cards
Digital wallets enhance security by creating a token: a digital account number that is a substitute value for a customer's personal account number (PAN). This token is presented to the merchant rather than the PAN, so the merchant cannot see or retain the payment card’s information.
You can provision payment cards to digital wallets such as Apple Pay, Google Wallet, and Samsung Pay. Payment cards are added to digital wallets in two ways:
This guide provides steps for creating a push provisioning implementation.
Apple requires you to complete the following steps before developing a push provisioning project. The Highnote team will assist with each step as you prepare for your push provisioning implementation:
After receiving a response from the Apple Pay Entitlements team, you can expect to answer the following questions:
After completing the previous steps, you can access Apple Pay's Wallet API documentation for more information on building your push provisioning implementation.
Google requires you to complete the following steps before developing a push provisioning project. The Highnote team will assist with each step as you prepare for your push provisioning implementation:
com.grppl.android.shell.TheIssuer
.action.open_issuerapp
.com.grppl.android.shell.TheIssuer
.action.open_issuerapp
.After submitting the request form, you will receive a response prompting you to provide more information to describe your company. The Highnote team will assist with providing answers to additional information requests. You can expect the following responses:
After completing the previous steps, you can complete Google's Push Provisioning API UX Review Request.
After completing the prerequisites for the digital wallets you wish to support, the Highnote team will secure payment network push provisioning approval and establish a kickoff meeting with your development team.
Google provides a standard solution that your development team can utilize. See Google's SDK releases for more information.
Warning: The Highnote test environment lets you explore the platform features and functionality freely. It is intended for experimenting, building integrations, and training your team.
To ensure the security of your real-world data, please don't use production data in the test environment. Production data includes sensitive information like customer details, financial data, or personally identifiable information (PII).
Use only dummy or test data explicitly created for testing purposes in the test environment.
You can simulate generating a token and perform authorizations on various token statuses in the test environment. Generating a token is a two-step process:
id
that is in the requested state.You can then query for the status of a token.
You can use the SimulateCardDigitalWalletTokenActivation
mutation to request a digital wallet token for a payment card. This will create a card digital wallet token with a status as REQUESTED
. The token is not ready for use until it is activated.
Use the SimulateCardDigitalWalletTokenActivated
mutation to change an existing card digital wallet token which is in a REQUESTED
state to ACTIVE
.
The Apple Pay push provisioning process will validate the following when an account holder adds a payment card to their Apple Wallet:
paymentCardId
provided is validACTIVE
If any of the above criteria fails validation, the request will be rejected. If all validations pass, the API will return the response required by Apple’s SDK for provisioning the card to the Apple Wallet.
You will need to add an "Add to Apple Wallet" call to action in your iOS app that uses the mutation AddPaymentCardToApplePayByDevicePushProvisioning
. Apple provides guidelines and assets for the button.
The following graphic is an example of an Apple Pay push provisioning user interface (UI) experience:
The following graphic displays the flow of data during the Apple Pay push provisioning process:
The Google Wallet push provisioning process will validate the following:
paymentCardId
provided is validACTIVE
If any of the above criteria fails validation, the request will be rejected. If all validations pass, the API will return the response required by Google SDK for provisioning the card to the Google Wallet.
You will need to add a "Save to Phone" call to action in your Android app that uses the mutation AddPaymentCardToGooglePayByDevicePushProvisioning
. Google provides assets for the button.
The following graphic is an example of a Google Wallet push provisioning user interface (UI) experience:
The following graphic displays the flow of data during the Google Wallet push provisioning process:
When a payment card is added to a digital wallet, a token provisioning request will be sent to the digital wallet, network, and Highnote. The request may go to the PENDING_VERIFICATION
state, which will require your account holder to verify their identity. The following verification methods may be configured for your product:
The following states are associated with a digital wallet token provisioning request:
Token State | Description |
---|---|
REQUESTED | The account holder has requested a digital wallet token. |
APPROVED | The account holder was successfully able to tokenize the payment card without additional identity verification. The token will be in an ACTIVE state and ready for transaction use. |
DENIED | The payment card cannot be tokenized and may be due to the payment card’s state or invalid data provided. |
PENDING_VERIFICATION | The wallet provider, network, or issuer has requested additional identity details from the account holder to validate their identity. |
You can search for digital wallet tokens on a given payment card or a digital wallet token’s associated payment card using the following query:
Account holders can suspend a token temporarily or a customer support agent may suspend a token if additional verification is required by the account holder.
Suspended tokens may have the following reasons associated with the token:
Suspended Reason | Description |
---|---|
DEVICE_LOST | Device is reported as lost. |
DEVICE_STOLEN | Device is reported as stolen. |
FRAUDULENT_TRANSACTIONS | Fraudulent transactions have been reported by Highnote or the account holder. |
OTHER | Any other reason for suspending the card digital wallet token. |
Use the following mutation to suspend a token:
You may provide your customer support agents or your account holders the ability to reactivate or unsuspend a token after it has been suspended.
Suspended tokens that have been unsuspended or reactivated may have the following reasons associated with the token:
Unsuspend Reason | Description |
---|---|
DEVICE_FOUND | A lost or stolen device has been found or recovered. |
NON_FRAUDULENT_TRANSACTIONS | After reviewing transaction history, the account holder or Highnote confirmed that there were no fraudulent transactions. |
OTHER | Any other reason for reactivating the card digital wallet token. |
Use the following mutation to unsuspend a token:
A token may be terminated by your customer support agents or account holders. Once a token is terminated, the token is deleted and can no longer be used to transact. A new token must be created once it is terminated.
Terminated tokens may have the following reasons associated with the token:
Termination Reason | Description |
---|---|
ACCOUNT_HOLDER_DELETED | Account holder has been deleted. |
DEVICE_LOST | Device is reported as lost. |
DEVICE_STOLEN | Device is reported as stolen. |
FRAUDULENT_TRANSACTIONS | Fraudulent transactions have been reported by Highnote or the account holder. |
OTHER | Any other reason for terminating the card digital wallet token. |
Use the following mutation to terminate a token:
You can find the status of a token and its historical state transitions using the following query: