As digital wallets become the norm, ensuring your Citibank-issued cards can be added seamlessly to Apple Pay and Google Pay is essential for delivering a frictionless, secure payment experience. This guide walks you through the end-to-end process—from wallet prerequisites to in-app tokenization and verification—so you can integrate Citibank card provisioning into your mobile app or enable cardholders to tap-and-pay in stores and online.
1. Prerequisites & Technical Overview
Before you begin, ensure you have:
- Issuer Certification: Your Citibank card-issuing BINs must be registered with Apple and Google through your network tokenization service (Visa DPS, Mastercard MDES, or equivalent).
- Token Service Provider (TSP): Access to a TSP that supports both Apple Pay PassKit and Google Pay API for Passes, as well as online provisioning via PCI-certified servers.
- Mobile App or Digital Wallet: A customer-facing app (iOS or Android) where users can add and manage Citibank cards.
- SSL/TLS Security: All provisioning endpoints must use HTTPS with TLS 1.2+ and certificate pinning to protect card credentials and user data.
- Compliance: Adherence to Apple’s PassKit guidelines and Google’s Google Pay API requirements.
2. Apple Pay Integration Steps
A. Enroll in Apple Developer Program & Apply for Merchant ID
- Developer Account: Enroll in Apple’s Developer Program.
- Merchant ID: Create a Merchant ID in your Apple Developer account (e.g., `merchant.com.citibank`).
- Payment Processing Certificate: Generate and upload your certificate to Apple to authorize token requests.
B. Set Up Apple Pay in Xcode
- Enable Wallet Capability: In your Xcode project target, check Wallet under Signing & Capabilities.
- Add Apple Pay Entitlement: Ensure your Merchant ID appears under Apple Pay.
- Configure PKPaymentRequest:
```swift
import PassKit

let request = PKPaymentRequest()
request.merchantIdentifier = "merchant.com.citibank"
request.supportedNetworks = [.visa, .masterCard, .discover]
request.merchantCapabilities = .capability3DS
request.countryCode = "US"
request.currencyCode = "USD"
```
- Present PKPaymentAuthorizationViewController:
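```swift
// The initializer is failable, so unwrap the result instead of force-unwrapping it.
if let vc = PKPaymentAuthorizationViewController(paymentRequest: request) {
    vc.delegate = self
    present(vc, animated: true)
}
```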
C. On-Device Card Provisioning
- Initiate Provisioning Session: Your backend calls Apple’s Provisioning Partner API to obtain `encryptedData` and `ephemeralPublicKey`.
- Submit to TSP: Forward Apple’s challenge to your TSP for token generation.
- Complete Provisioning: Return the token to the device; use `PKAddPaymentPassViewController` to finalize card addition.
3. Google Pay Integration Steps
A. Enable Google Pay API
- Google Cloud Console: Create a Google Pay API project and obtain your gateway merchant ID (e.g., `citi_merchant`).
- Update JSON Configuration: In your Android/iOS code, define `allowedPaymentMethods`:
```json
"allowedPaymentMethods": [{
  "type": "CARD",
  "parameters": {
    "allowedAuthMethods": ["PAN_ONLY", "CRYPTOGRAM_3DS"],
    "allowedCardNetworks": ["VISA", "MASTERCARD"]
  },
  "tokenizationSpecification": {
    "type": "PAYMENT_GATEWAY",
    "parameters": {
      "gateway": "token_service_name",
      "gatewayMerchantId": "citi_merchant"
    }
  }
}]
```
B. Add Google Pay Button
- Load API Library:
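```html
<!-- A script element cannot be self-closing in HTML; it needs an explicit end tag. -->
<script async src="https://pay.google.com/gp/p/js/pay.js" onload="onGooglePayLoaded()"></script>
```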
- Check Readiness & Display Button:
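```javascript
const paymentsClient = new google.payments.api.PaymentsClient({environment: 'PRODUCTION'});

paymentsClient.isReadyToPay(request)
  .then(response => {
    if (response.result) {
      // createButton() returns a DOM element; attach it to the page to display it.
      const button = paymentsClient.createButton({onClick: onGooglePayClicked});
      document.body.appendChild(button);
    }
  })
  .catch(err => console.error('isReadyToPay failed', err));
```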
C. Handle Payment Data & Provisioning
- onGooglePayClicked(): Call `paymentsClient.loadPaymentData(request)` to launch the wallet.
- Process Token: Extract `paymentMethodData.tokenizationData.token` and send to your TSP for decryption and fulfillment.
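An added example (not part of the original guide, and not Google's or Citibank's code): one way for the backend to validate the payment data it receives from the client before forwarding the token to the TSP, while producing a summary that is safe to log. The function name `extractGatewayToken`, the allow-list constant and the sample response are constructed for illustration.

```javascript
// Added example. Validates a Google Pay payment-data object and pulls out the
// gateway token. Function name, allow-list and sample data are constructed.
const ALLOWED_NETWORKS = new Set(['VISA', 'MASTERCARD']); // mirrors allowedCardNetworks

function extractGatewayToken(paymentData) {
  // Treat the payload as untrusted: it arrives from the client.
  const method = paymentData && paymentData.paymentMethodData;
  if (!method || method.type !== 'CARD') {
    throw new Error('unexpected payment method type');
  }
  const tok = method.tokenizationData;
  if (!tok || tok.type !== 'PAYMENT_GATEWAY') {
    throw new Error('unexpected tokenization type');
  }
  if (typeof tok.token !== 'string' || tok.token.length === 0) {
    throw new Error('missing token');
  }
  const network = method.info && method.info.cardNetwork;
  if (!ALLOWED_NETWORKS.has(network)) {
    throw new Error('card network not allowed');
  }
  return {
    token: tok.token, // forward to the TSP only; do not log or persist it
    logSafe: {        // fields that may go into application logs
      network,
      lastFour: String(method.info.cardDetails || ''),
      tokenLength: tok.token.length,
    },
  };
}

// Constructed sample shaped like a loadPaymentData() result.
const samplePaymentData = {
  apiVersion: 2,
  apiVersionMinor: 0,
  paymentMethodData: {
    type: 'CARD',
    info: { cardNetwork: 'VISA', cardDetails: '1234' },
    tokenizationData: { type: 'PAYMENT_GATEWAY', token: 'CONSTRUCTED_SAMPLE_TOKEN' },
  },
};
```

Only the `logSafe` part of the result should reach logs or analytics; the `token` field goes straight to the TSP call.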
4. Backend Tokenization & Security
- TSP Integration: Whether using Visa DPS or Mastercard MDES, your backend must handle Apple and Google provisioning challenges to generate device-unique tokens.
- Key Management: Store private keys in a Hardware Security Module (HSM) and rotate keys per network requirements.
- Audit & Logging: Implement comprehensive logging for provisioning requests and token cryptogram validations—essential for compliance audits.
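An added example (not part of the original guide): a sketch of an audit-record builder for provisioning events that removes token material and masks card numbers before anything is written, so that comprehensive logging does not turn the log store into a store of card data. The field names `encryptedData` and `token` come from this guide; the record layout, the other key names and the function names are assumptions made for illustration.

```javascript
// Added example. Field names encryptedData/token come from this guide; the
// record layout, other keys and function names are constructed.
const SENSITIVE_KEYS = new Set(['token', 'encryptedData', 'cryptogram', 'pan', 'cvv']);

// Luhn check, so only plausible card numbers are masked, not every long number.
function passesLuhn(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Mask 13-19 digit runs (optionally split by spaces or dashes) that pass Luhn.
function maskPans(text) {
  return text.replace(/\b\d(?:[ -]?\d){12,18}\b/g, (m) => {
    const digits = m.replace(/[ -]/g, '');
    return passesLuhn(digits) ? '*'.repeat(digits.length - 4) + digits.slice(-4) : m;
  });
}

// Recursively copy an event, replacing secret fields and masking PANs in strings.
function redact(value, key) {
  if (key !== undefined && SENSITIVE_KEYS.has(key)) return '[REDACTED]';
  if (typeof value === 'string') return maskPans(value);
  if (Array.isArray(value)) return value.map((v) => redact(v));
  if (value && typeof value === 'object') {
    return Object.fromEntries(Object.entries(value).map(([k, v]) => [k, redact(v, k)]));
  }
  return value;
}

// Serialize one audit line; the timestamp is added after redaction.
function auditRecord(event, now = new Date()) {
  return JSON.stringify({ ts: now.toISOString(), ...redact(event) });
}

// Constructed sample: a provisioning event that carelessly includes secrets.
const sampleEvent = {
  action: 'provision_request',
  wallet: 'APPLE_PAY',
  result: 'approved',
  note: 'cardholder entered 4111 1111 1111 1111 manually',
  encryptedData: 'CONSTRUCTED_BLOB',
  tokenizationData: { type: 'PAYMENT_GATEWAY', token: 'CONSTRUCTED_SAMPLE_TOKEN' },
};
```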
5. Testing & Certification
- Apple Pay Sandbox: Test on devices added to your Apple Developer account using sandbox test cards.
- Google Pay Test Environment: Set `environment: 'TEST'` in the Google Pay client and use Google’s sample tokens.
- Certification Programs: Complete Apple’s Apple Pay Certification and Google’s Production Readiness Review to go live.
6. Go-Live & Ongoing Maintenance
- Monitor Transactions: Use your TSP’s dashboards to watch provisioning and transaction volumes.
- Handle Revocations: Implement processes to revoke tokens remotely upon lost/stolen device reports.
- Stay Updated: Regularly update your integration per Apple and Google’s evolving guidelines to maintain compatibility and security.
Conclusion
By following this Citibank integration guide—from merchant and developer enrollment through secure tokenization and rigorous testing—you’ll empower your customers to add their Citibank cards to Apple Pay and Google Pay seamlessly. The result is a faster, safer checkout experience that leverages the latest in mobile-wallet security protocols.
Next Steps: Coordinate with your Citibank product team and TSP to initiate token-service onboarding, schedule your certification labs, and unlock the full potential of contactless mobile payments.