Monday, December 23, 2013

Host Card Emulation Series:User Experience

Getting a Feel for the User Experience: Example of the Initial Authorization Process 

Available with the mobile SDK download from SimplyTapp.

This post is meant to show and explain what a user's initial authorization experience might look like. Keep in mind that this is a user experience example only and the SimplyTapp Mobile SDK has already been integrated with the user's third party app.

The following post will take you through the initial authorization process and explain what is happening along the way. At the end you will have a independent third party app that will be loaded with one authorized payment card and will be ready for "tap and pay" use at contact-less terminals, like McDonald's.

Lets begin

User launches your app (clicking on the app icon from the phone screen)

The picture below illustrates what the user experience would look like from within the app.  The process is based on existing Open Authentication standards.  The application must first ask the user if they would like to approve the application for making payments with a payment card at a P.O.S. terminal.

 * Any SimplyTapp branding is purely for demo purposes. Branding would be replaced by issuing entity.

In the back end this is the process that goes on;  The box on the right side is typically a browser that verifies to the user that the application is authentic and that the application would like to ask permission to present payment cards as a form of payment at a P.O.S.  Upon user approval, the application will ultimately end up with an access token and secret that can be used only to allow transactions against a remote card, but not manage the card itself.

User Sets Pin

After you have successfully logged in and authorized the application  you will be brought from the browser back to the mobile app. You will be prompted to create a new 4 digit pin. This pin is for our newly added payment functionality and can be used instead of storing any Open Authentication secrets on the handset itself.  The pin is never stored locally on the handset and is used as a quick password entry.

In the background the open authentication process is used to synchronize the user's new pin with the token secret:
At this point the mobile application is approved by the user to make point of sale payments with any cards that it may contain.  The app itself does not contain any cards yet as the customer has not applied or registered for any digital cards.  In a similar process, the user is made aware that the app currently has cards available, but the user must apply for them.

User gets their first Card

The user has the ability to apply for cards from issuing entities. Simply Bank is a demo page set up to illustrate and provide a walk through for issuer card holder relationships.  Here you can load specific card from SimplyBank and then navigate back to home screen of app.  The process is similar to the approval process of the app to present cards for payment.  The main difference being the user must approve the issuing bank to place a card in the mobile application.  The user will be pushed from the mobile application to the issuing bank registration web page:

In the background, the card acquisition process is represented like this.  Ultimately, the personalized card is represented in the same format as an EMV chip card, however the data is stored remotely inside a secure vault instead of in a localized SIM chip:

User pushed back to their App and ready to pay

Once a payment card is acquired, you will view and navigate app as normal. In this example we can check balances and manage our money exactly the same as before with app.  The payment feature can happen in the background by simply tapping the phone to a payment terminal at any given time.

In the background, the payment process is triggered by an interrupt from the terminal and can happen at any time.  To be prepared, the mobile application has pre-fetched payment terminal data to use when making a payment.  This fetching process can happen at any time prior to the first tap and may consist of one or more tokens to be used for payment depending on configurations by the issuer:

Extra Info

Below are the logs from payment process happening on the back end.. These logs are part of the U.I. from the SingleCard app.

This example app is now fully authorized and ready for secure contact-less NFC payments.
SimplyTapp's developers wiki is available at


  1. I would like to appreciate all your efforts, I have used many other services several times and I am very happy with it too. Finally once more thank you for this breathtaking article and I like this. I hope this will be very helpful to the students to complete their educational works related with the topics here.

  2. This post is one of its kind as I can't find more satisfying post than this anywhere on internet. So much helpful and explained in easy way for students to easily grasp the concept.

  3. These spy apps for iphone would be a great help for everyone interested in various security issues.

  4. Yes i am totally agreed with this article and i just want say that this article is very nice and very informative article.I will make sure to be reading your blog more. You made a good point but I can't help but wonder, what about the other side? !!!!!!THANKS!!!!!! 24 hour truck tire repair

  5. This blog is so nice to me. I will keep on coming here again and again.

    NFL Live Stream

    NFL Live Stream Free

  6. Hello! I just would like to give a huge thumbs up for the great info you have here on this post. I will be coming back to your blog for more soon.
    best manga downloader app

  7. I think that you will find some great tips on how to write a narrative essay here Make sure to check it out sooner or later

  8. I feel really happy to have seen your webpage and look forward to so many more entertaining times reading here. Thanks once more for all the details. Let create for yourself a strong, beautiful sims on game sims 4 cheats

  9. I am very excited to make a post on behalf of my exotic club kindly see the website and know the several functions in this aspect just visit the website and read all functions in this aspect.
    Delhi Russian Escorts

  10. You have clearly mentioned all the things and guyz if you want Pradhan Mantri Jan Dhan Yojana than visit our blog as well thnks.

  11. Greetings! I simply want to offer huge thumbs up for the great stuff you have got here on this post. It looks perfect and I agreed with the topics you just said. Thanks for the share. But if you guys want Black Magic spell to break up a couple than contact us.

  12. Excellent article that will provide the incentive and basis for my works. I wonder if I can mention the article as a bibliographic reference in my work. Thanks!
    Escort Girls Service
    Mumbai Escorts Service
    Call Girl In Chennai
    Call Girl In Hyderabad
    Our Service Partners :
    Ready To Repair
    Satta king

  13. We confirmation that you will get top class Dehradun escorts and every one of the call girls who are working in our organization are more beneficial, crisp and fit to get together with every one of your desires. We are top quality Dehradun escort service organization; we continue everything covered up. All our Dehradun escorts give full consideration regarding clients so they feel rest and relish when.
    Dehradun escort service
    Haridwar escort service
    Mussoorie escort service
    Rishikesh escort service
    haldwani escort service
    Nainital escort service
    Ramnagar escort service
    Rudrapur escort service

  14. Very interesting,good job and thanks for sharing such a good blog.your article is so convincing that I never stop myself to say something about it.You’re doing a great job.Keep it up if you guyz want Call Girls in Jalandhar than contact us

  15. Hello Dear, Are you looking for the best Call Girls in Chandigarh. Maya Escorts Services provides top-rated Call Girls service provider in Chandigarh. We offer high quality premium Chandigarh escorts service at affordable price.

  16. Hey admin

    What a Great article keep it up with awesome stuff like this.

    You have clearly mentioned all the things and guys if you want

    Buy Jhula Swing chair Online, How to Put a Curse on Someone than visit our blog as well thanks.

  17. Hire cheap and vivacious escorts in nainital to receive endless entertainment of the end times and lie back in their faithful arms. We are glad that you are showing enthusiasm for hot college girls in nainital. As you will see, escorts in nainital are beautiful and to satisfy them, you just need to call them.
    Nainital escorts
    haldwani escorts
    rudrapur escorts
    ramnagar escorts

  18. Appreciating the persistence you put into your blog and detailed information you provide.
    I really love the theme/design of your website.

  19. It is very lucky to me to visit your website. We hope you continue to publish great posts in the future.

  20. I like this website its a master peace ! Glad I found this on google .
    I must say, as a lot as I enjoyed reading what you had to say, I couldn't help but lose interest after a while.
    안전놀이터 모음

  21. Quickbooks file doctor is an advanced application created by Intuit® to troubleshoot a variety of difficulties that can arise when working with a company file or running QuickBooks in multi-user mode. The feature, which was first released with the 2012 version of QuickBooks Desktop, has now grown to handle over half of the issues that QuickBooks Desktop faces.

  22. you very well explained the topic For providing the important and Knowledgeable activate McAfee has been chosen by 500 Million users from across the globe to protect their devices. On a daily basis, McAfee gets around 49Billion real-time threat queries. Also, 480 threats are discovered by McAfee around every minute.

  23. Great to rad this blog.
    Many QuickBooks customers choose to clone the operations that assist the QuickBooks consumer to carry out better. However, this software program also can cause errors. Due to the cloning, you may face many post-cloning errors, one in each of them is Quickbooks license error after clone .

  24. If you’ll notice an error message on your screen that says: error 6144 82 quickbooks QuickBooks has encountered a problem and needs to close. We are sorry for the inconvenience.” then without wasting time visit the mentioned site and solve your problem

  25. Thank you for such a well written article. It’s full of insightful information and entertaining descriptions. Your point of view is the best among many.

    파워볼 메이저사이트

  26. This is truly a great read for me. I have bookmarked it and I am looking forward to reading new articles. Keep up the good work!.


  27. That's in addition a great publish which i really valued learning. It's not every day that people maintain the opportunity to discover something.


  28. you very well explained the topic For providing the important and Knowledgeable quickbooks connection diagnostic tool if there is an issue with QuickBooks Database Server Manager.  In the event that your Firewall has not been updated and is incompatible with the QuickBooks version you are using. 

  29. To fix the Quickbooks error 6000, you must disable hosting on all workstations. Also, the host's Multi-User access should be disabled. Ascertain that your computer is the only one on which the company's files are stored.

  30. To fix the quickbooks network error, you should get the quickbooks tool hub which will fix your quickbooks

  31. Hi! this is often nice article you shared with great information. Thanks for giving such an exquisite informative information. 호텔카지노

  32. Hello, I enjoy reading all of your article post. I like to write a little comment to support you. 릴게임

  33. I have read this put up and if I may I desire to recommend you some interesting things or tips. Maybe you can write next articles regarding this article. I wish to learn more issues approximately it! 바카라사이트

  34. Great delivery. Outstanding arguments. Keep up the amazing effort.

  35. I think this is among the most vital info for me.
    And i am glad reading your article. But wanna remark on few general things,
    The website style is great, the articles is really excellent

  36. This comment has been removed by the author.

  37. This comment has been removed by the author.

  38. This is The Best Blog For Me. I Have Ever Seen. Thanks for Sharing Informative Blog Post with Us

    Odhav Female Companion
    Paldi Female Companion
    Rajkot Female Companion