Welcome to our new developer portal! Use the "Ask" button to chat with our AI Agent.
Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Issuer onboarding

TSH onboarding portal

The issuer can sign in to the TSH Onboarding Portal (TOP) using credentials provided by Thales.

After signing in, the issuer can:

Google Pay

For customers planning to integrate push provisioning to the Google Pay wallet, follow these steps.

Request Access to Google's Documentation

Google's Android Push Provisioning API documentation is not public. If the page loads for you, your Google account is already authorized to access it. Otherwise, sign in or request access.

info-circle

Note the following from the documentation:

  • The content is intended for card issuing financial institutions that have a signed contract to integrate with Google Pay.

  • Partners must use a Google Account associated with their corporate email address rather than a personal account. Personal email accounts (i.e. gmail, yahoo, msn, etc.) cannot be associated with an NDA and therefore will not be given access.

Request Application Access to Push Provisioning API

Application developers must request access before their application can use Google's push provisioning API and, therefore, Thales' Push Provisioning service.

Google grants access based on the app package name and its fingerprint. App developers must register these fields by submitting a Push Provisioning API Access Request form.

This step is especially important for internal and test builds of the application.

info-circle

Problems getting access to the Push Provisioning API typically lead to an error reported by the Push Provisioning SDK: Google Pay Unavailable during the configuration step.

If this happens, review the app package name and fingerprint against the values submitted in the form.

Best Practices & Branding Guidelines

Developers should review the best practices guide, which covers general integration recommendations for provisioning cards into Google Pay.

Developers must also follow Google's branding guidelines, which define, for example, the style of the "Add to Google Pay" button.

TSP Configuration

The issuer must configure certain settings in the TSP system to comply with Google Pay requirements. These include:

  • Terms of Service

  • Card metadata, including card art

For details, review Google's guide on TSP configuration.

exclamation-circle

A common issue is that issuers misconfigure the application package name in the TSP system, as explained in the Common issues with metadata section of Google's guide.

This issue most commonly results in the app being unable to read the card digitization state from the Google Pay wallet.

Google Pay Launch Process

Before the application can be deployed to the Google Play Store, the development team must pass several review and testing steps with Google. These activities are described in Google's launch process.

Samsung Pay

For Samsung Pay, set the following configurations before integrating the Push Provisioning SDK into your mobile application.

  • Register your mobile application.

  • Service ID -

    You can create the Service ID in the Samsung Developer portal. The Service ID combines Application and CSR, or other parameters that identify the partner application.

    For more information, refer to Samsung Developers Guide on Service Creation.

    Pass the Service ID to the Config class when configuring the Push Provisioning SDK. An example Service ID is shown below:

  • info-circle

    Note

    For issuers using Visa and Mastercard tokenization (that is, VTS or MDES), a CSR is not required.

  • Debug API Key -

    This data verifies the application when it interacts with the Samsung Pay application. You can retrieve a Debug API key by registering a new service in the Samsung Pay Developers portal. Note the following about the Debug API key:

    • It is valid for only 3 months and may be changed at the discretion of Samsung.

    • The value may be revoked by Samsung for unresolved issues caused by the application.

    • The application is able to request an additional Debug API key after 90 days.

    • The total number of devices that can use the key is unlimited. However, a partner is limited to ten Samsung accounts for testing before Samsung certification.

    • The application should not display this value in the debug log.

    • It is to be removed in the release configuration.

    The following snippet shows how to add the Debug API key to the AndroidManifest.xml file:

For details, refer to the SDK configuration guide.

PreviousGoogle & Samsung PayNextData encryption and authentication

Last updated

Was this helpful?