Push provisioning flow is mandatory to offer tokenization, except for Google Pay in Argentina and Mexico.

Provisioning

Discover the differences between manual and automatic token provisioning flows.


Push provisioning

It is a process that allows you to quickly add a card to Apple Pay or Google Pay from the bank's or card issuer's application. In addition to being more convenient, it enhances security by avoiding manual entry of information that could be vulnerable to errors or fraud.

Let's go through the steps to add a card using Push provisioning:

Push provisioning flow

  1. Your customer opens your app and taps the "Add to Apple Wallet" or "Add to Google Pay" button.
  2. The Google or Apple Wallet application communicates with their servers to generate certificates and cryptographic values and shares them with the application.
  3. You share the information sent to you by Apple or Google using this API.
  4. We verify the information, generate the cryptographic data, and send it to your customer's application.
  5. The application receives the cryptographic data and sends it to Apple or Google.
  6. Apple or Google validate the cryptographic data and complete the tokenization of the card.

Manual provisioning

In order for your customers to complete their tokenization request, we recommend that you keep their data up-to-date using our User API.

This flow is triggered when Apple or Google need to verify that the person attempting to add the card is indeed the cardholder.

Let's go through the step-by-step process:

  1. Your customer opens Apple Wallet or Google Wallet and taps the Add Card button.
  2. They manually enter their card details.
  3. Pomelo verifies the card information and determines that additional information is needed to verify its authenticity.
  4. The yellow flow is activated, and your customer is prompted to enter the verification code sent to them via phone or email.
  5. Apple or Google validate the entered code and determine its authenticity.
  6. If everything goes well, the card is added. If not, your customer will be given the option to enter the correct code or contact your support team.

Did you find the content of this document helpful?