The Card On-Boarding and Tokenization Process
Our goal for this and upcoming updates is to provide you with more detailed information about how Pagaré will work and how it fits in the payment ecosystem. We feel it’s important for us to share the complexity of what we’re doing and how the pieces of the platform will work together. This will help us explain and report on our progress as we go forward.
We are making good progress towards our January release. In our next update on July 19th, we’ll publish a summary of the key milestones we’ve completed and those we need to reach before Pagaré is ready to ship.
In the meantime, here is more detailed information about Pagaré’s hardware and the software platform that will support it.
First, here are the important hardware and software components as well as other platform elements and the key ecosystem players that we talked about in the last update:
Pagaré’s core hardware includes: (1) an Embedded Secure Element (eSE), which securely stores your payment token; (2) Near Field Communication (NFC) controller, which allows Pagaré to communicate with the point of sale (POS) terminal, and (3) a printed circuit board assembly (PCBA), which is the circuitry that enables Pagaré to connect to and communicate with your Pebble. Pagaré also includes a USB adapter to allow you to charge your Pebble without removing the smartstrap from the smartwatch.
The Software Platform and Players
Next, here are the critical software platform elements and how the members of the payment ecosystem interact to make your credit card work on Pagaré.
Pebble Pagaré App: We’ve created a custom app for Pebble that activates Pagaré when a PIN is entered on your smartwatch which enables payments and provides a confirmation of the transaction. The Pagaré configuration application in your Pebble app on your phone provides a simple and intuitive user experience for onboarding account and card information and accessing the payment platform. The application uses our Conductor SDK (software development kit) to communicate to the Trusted Payment Manager platform. This app sits within Pebble’s iOS and Android apps and is downloaded to your Pebble Time.
The Trusted Payment Manager Platform specifies how all of the players in the ecosystem that we described in the last update interact to offer payment and authentication capabilities.
Our Secure Element Trusted Service Manager (SE TSM) service acts as a neutral broker for the negotiation, provisioning and lifecycle management of tokenized data on the secure element inside Pagaré.
Token Service Provider (TSP) is an entity within the payments ecosystem that is able to provide registered Token Requesters, like us, with surrogate cards numbers known as payment tokens. It is through this “tokenization” that your card data is protected.
The Issuing Bank is the entity that provided your branded credit card. As we noted in the previous updates, we have existing relationships and an established process for creating the necessary integration with the card networks and issuing banks.
The Card On-Boarding and Tokenization Process
Now, that we’ve explained a little about all of the pieces, here is how they come together to allow you to create an account, instantiate your digital wallet and provision a secure token to keep it all safe:
Account and Wallet Creation
Create Your Account: Once you receive your Pagaré and download the apps to your Pebble and mobile device, the first step will be to create an account. Account creation entails the selection of a PIN and instantiation, or creation, of your digital wallet. Once confirmed, the platform will create a security domain on the secure element and be prepared to accept your card information.
Security Domain Creation: After your account is created, a security domain (Service Provider Security Domain – SPSD) is established to keep your data safe.
Create Your Wallet: Upon successful account creation, the Trusted Payment Manager™ creates a new digital "wallet" to store your card information. You can now digitize your existing credit and debit cards. Pagaré makes that process easy. You can simply scan your card by taking a picture with your smart phone and the data fields will be automatically populated.
Once an account is created and the card information is digitized, card tokenization commences. The TSM checks if the card (aka PAN or Primary Account Number) attempting to be loaded is eligible to be tokenized, creates a token for the card, and provisions the token data to Pagaré. The steps in the tokenization process include checking eligibility, completing terms and conditions (T&Cs) and the issuing of a token.
The chart below describes this process and the workflows that are involved.
As you can see, it’s a pretty complicated process, but all of this happens in a flash on the platform we’ve built, seamlessly and behind the scenes. The result enables your Pagaré to conduct secure contactless transactions.
In the next update we’ll provide a summary of key milestones, so that you see the progress that’s been made and the work that’s left to do. Look for that on July 19th!
The FitPay Team