Decrypt a mobile wallet payload

Note: We don't recommend this model unless you explicitly require access to the contents of the encrypted payload.

To decrypt the payload, each mobile wallet provider requires you to follow their own process. For example, Apple Pay require you generate your own public/private key pair and your own Certificate Signing Request (CSR) to upload to the Apple Pay Developer Portal.

You can find the details on their developer sites:

Map the fields

Once you've successfully decrypted the payload, you'll have access to the raw message content. Use this table to map the mobile wallet provider's fields to the Worldpay XML. Add the data from the payload into the Worldpay XML without any manipulation, unless stated below:

Mobile wallet provider fieldWorldpay XML fieldNotes
applicationPrimaryAccountNumber<tokenNumber>
applicationExpirationDate<date>
month & year
Month is 2 digit MM format, year is 4 digit YYYY format
currencyCode<amount>
currencyCode
Worldpay require currencyCode in 3 letter format (i.e. EUR), mapped from Apple’s 3 digit ISO 4217
transactionAmount<amount>
value
cardholderName<cardHolderName>Optional
onlinePaymentCryptogram<cryptogram>3D Secure cryptogram
eciIndicator<eciIndicator>Zero padded to 2 digit format (if a value of 7 is received, then add a value of 07 to the XML)

Integrate to Worldpay

To pass the decrypted payment to Worldpay for authorisation, submit your XML with the below child elements of <EMVCO_TOKEN-SSL>:

Use the appropriate reference:

  • <EMVCO_TOKEN-SSL type="APPLEPAY">
  • <EMVCO_TOKEN-SSL type="GOOGLEPAY">
  • <EMVCO_TOKEN-SSL type="SAMSUNGPAY">
  • <EMVCO_TOKEN-SSL type="NETWORKTOKEN"> - for card schemes

Example XML request

Copied!
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay/DTD WorldPay PaymentService v1//EN"
"http://dtd.worldpay.com/paymentService_v1.dtd">
<paymentService version="1.4" merchantCode="MERCHANT_CODE">
  <submit>
  <order orderCode="ORDER_CODE" shopperLanguageCode="en">
    <description>test order</description>
    <amount value="100" currencyCode="GBP" exponent="2"/>
    <orderContent>
      <![CDATA[]]>
    </orderContent>
    <paymentDetails>
      <EMVCO_TOKEN-SSL type="APPLEPAY">
        <tokenNumber>444433332222....</tokenNumber>
        <expiryDate><date month="10" year="2022"/></expiryDate>
        <cardHolderName>A Shopper</cardHolderName>
        <cryptogram>AAAA...</cryptogram>
      <eciIndicator>07</eciIndicator>
      </EMVCO_TOKEN-SSL>
    </paymentDetails>
    <shopper>
      <shopperEmailAddress>sp@worldpay.com</shopperEmailAddress>
    </shopper>
  </order>
  </submit>
</paymentService>

Response

The response message is the same as ourstandard XML responses.

Recurring payments

To take recurring payments you must create atokenand follow ourstored credentials integration guide.

Full XML payment request using tokenisation and stored credentials:

Copied!
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay//DTD WorldPay PaymentService v1//EN" "http://dtd.worldpay.com/paymentService_v1.dtd">
<paymentService version="1.4" merchantCode="YOUR_MERCHANT_CODE">
   <submit>
       <order orderCode="YOUR_ORDER_CODE">
           <description>test order</description>
           <amount value="100" currencyCode="GBP" exponent="2"/>
           <orderContent>
               <![CDATA[]]>
           </orderContent>
           <paymentDetails>
               <!--Choose type: APPLEPAY|SAMSUNGPAY|GOOGLEPAY|NETWORKTOKEN-->
               <EMVCO_TOKEN-SSL type="APPLEPAY">
                   <tokenNumber>4444333322221111</tokenNumber>
                   <expiryDate>
                       <date month="10" year="2024"/>
                   </expiryDate>
                   <cardHolderName>A Shopper</cardHolderName>
                   <cryptogram>BLIYQ4EA/wLF4/hK9ABFMAABAAA=</cryptogram>
                   <eciIndicator>07</eciIndicator>
               </EMVCO_TOKEN-SSL>
               <session shopperIPAddress="127.0.0.1" id="191113"/>
           </paymentDetails>
           <shopper>
               <shopperEmailAddress>sp@worldpay.com</shopperEmailAddress>
               <authenticatedShopperID>shopperID</authenticatedShopperID>
               <browser>
                   <acceptHeader>text/html</acceptHeader>
                   <userAgentHeader>Mozilla/5.0 ...</userAgentHeader>
               </browser>
           </shopper>
           <createToken tokenScope="shopper">
               <tokenEventReference>eventReference</tokenEventReference>
               <tokenReason>reason</tokenReason>
           </createToken>
       </order>
   </submit>
</paymentService>