> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/nfc-wallet-sdk-ios/implement-nfc-wallet/tokenize-a-card/digitize-card/yellow-flow-digitization.md).

# Yellow flow digitization

## Overview

The yellow flow is a Tokenization flow where the issuer backend approves Tokenization with step-up authentication (ID\&V).

This flow is common when the NFC Wallet SDK is integrated into a digital wallet application that tokenizes cards for multiple issuers.

In this case, the solution must authenticate using ID\&V to complete the tokenization.

## User experience

See [Yellow flow user experience](/nfc-wallet-sdk-ios/implement-nfc-wallet/tokenize-a-card.md#yellow-flow).

## Sequence diagram

<figure><img src="/files/nXAzHalQEHlbRLqDFipg" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/mJSRsvj8PcozK0lMxUC8" alt=""><figcaption><p>Yellow flow: select an ID&#x26;V method after <code>digitizationApprovedWithIDV</code>.</p></figcaption></figure>

## Integrate SDK

After you [Check card eligibility](/nfc-wallet-sdk-ios/implement-nfc-wallet/tokenize-a-card/check-card-eligibility.md):

1. Call `CardDigitizationService.digitizeCard()`.
2. If Tokenization is approved with conditions (yellow flow):
   * The NFC Wallet SDK emits `digitizationApprovedWithIDV`.
3. Get the issuer-supported ID\&V methods using `IDVMethodSelector.getIDVMethodList()`.
4. Display the methods and let the end user choose one.
5. Notify the NFC Wallet SDK by calling `IDVMethodSelector.select(idvID:)`.

### Supported ID\&V methods

The NFC Wallet SDK supports the following ID\&V methods:

* `otpBySMS`: Verify the end user with a one-time password (OTP) sent by SMS.
* `otpByEmail`: Verify the end user with a one-time password (OTP) sent by email.
* `customerService`: Verify the end user through issuer customer care.
* `webService`: Verify the end user on the issuer website.
* `appToApp`: Verify the end user in the issuer application.
  * `with cryptogram`: The issuer application generates an issuer cryptogram.
  * `without cryptogram`: The issuer activates the token using the TSP issuer API.

### List and select an ID\&V method

Use the following example to list the issuer-supported ID\&V methods.

```swift
func digitizeCard(_ termsAndConditions: CardDigitizationService.TermsAndConditions) async throws {
    // Step 1: Initialize the card digitization service.
    let cardDigitizationService = CardDigitizationService()
    let fcmToken: String = "FACY6074293608087656831WRF1234" // Example only.

    // Step 2: Start the card digitization process.
    try await cardDigitizationService.digitizeCard(withTNC: termsAndConditions.accept(),
                                                  pushToken: fcmToken,
                                                  language: "en")

    // Step 3: Subscribe to digitization events.
    for await state in await cardDigitizationService.eventStream {
        switch state {
        case let .digitizationApprovedWithIDV(_, idvMethodSelector):
            // Yellow flow: list issuer-supported ID&V methods.
            let verificationMethods = idvMethodSelector.getIDVMethodList()
            for method in verificationMethods {
                if method.type == .otpBySMS || method.type == .otpByEmail {
                    /// OTP method.
                } else if method.type == .webService || method.type == .customerService {
                    /// Method handled directly by the issuer.
                } else if method.type == .appToApp {
                    /// App-to-app method using the issuer application.
                }
            }

        default:
            break
        }
    }
}
```

Use `IDVMethod.id` when calling `IDVMethodSelector.select(idvID:)`.

{% code title="Select an ID\&V method" %}

```swift
case let .digitizationApprovedWithIDV(digitalCardID, idvMethodSelector):

let verificationMethods = idvMethodSelector.getIDVMethodList()
for method in verificationMethods {
    /// list methods to display
}

// ... code for wallet to capture the selected ID&V method ...

// select the method using the method id
try await idvMethodSelector.select(idvID: selectedMethod.id)
```

{% endcode %}

### ID\&V with OTP

If the end user selects `otpBySMS` or `otpByEmail`, the TSP generates an OTP. Then the TSP requests the issuer to send the OTP by SMS or email.

The NFC Wallet SDK emits `activationRequired` with `PendingCardActivation.State` set to `otpNeeded`.

After the end user enters the OTP, call `PendingCardActivation.activate()` with the OTP value.

The NFC Wallet SDK provisions the digital card profile in the background. After provisioning completes, the NFC Wallet SDK emits `activatedByIDV`.

{% hint style="info" %}
**Implement the OTP entry UI**

The NFC Wallet SDK does not provide an OTP entry UI. Implement and customize the OTP UI in your digital wallet application.
{% endhint %}

### Customer service or web service ID\&V

If the digital wallet application selects `webService` or `customerService`, the issuer manages ID\&V directly. This is done through an issuer web portal or issuer customer care.

Use `IDVMethod.value` to get the URL for the issuer web portal or the phone number for issuer customer care.

After the issuer successfully authenticates the end user, the issuer activates the token using the TSP issuer API.

Then the NFC Wallet backend sends a `CPS` push notification to the digital wallet application.

Process the push as described in [Process CPS notifications](/nfc-wallet-sdk-ios/get-started/configuration/4.-push-notifications/handle-push-notifications.md#process-cps-notifications-digital-card-operations).

### App-to-app ID\&V

In this ID\&V method, the digital wallet application redirects the end user to the issuer application.

The NFC Wallet SDK emits `activationRequired` with `PendingCardActivation.State` set to `appToAppSelected`.

Use `appToAppSelected.requestPayload`, `appToAppSelected.scheme`, and `appToAppSelected.source` to redirect the end user to the issuer application.

{% hint style="info" %}
**Redirect to the issuer application**

The app-to-app ID\&V method is supported for Mastercard and Visa. See the Mastercard or Visa specifications for details.
{% endhint %}

After the issuer application completes authentication, it redirects the end user back to the digital wallet application.

There are two possible methods:

* `AppToApp with cryptogram`: The issuer application generates an issuer cryptogram.
* `AppToApp without cryptogram`: The issuer activates the token using the TSP issuer API.

For `AppToApp with cryptogram`, call `PendingCardActivation.resumeAppToAppActivation(withTAV:)` and provide the issuer cryptogram. The NFC Wallet SDK provisions the digital card profile in the background. After provisioning completes, the NFC Wallet SDK emits `activatedByIDV`.

For `AppToApp without cryptogram`, call `PendingCardActivation.resumeAppToAppActivation()`. Then the NFC Wallet backend sends a `CPS` push notification to the digital wallet application. Process the push as described in [Process CPS notifications](/nfc-wallet-sdk-ios/get-started/configuration/4.-push-notifications/handle-push-notifications.md#process-cps-notifications-digital-card-operations).

### Resume activation

If the ID\&V process is interrupted, resume it using the `PendingCardActivationSession` API.

This lets the end user reselect an ID\&V method: `otpBySMS`, `otpByEmail`, `customerService`, `webService`, or `appToApp with cryptogram`.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.payments.thalescloud.io/nfc-wallet-sdk-ios/implement-nfc-wallet/tokenize-a-card/digitize-card/yellow-flow-digitization.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.