A digital wallet is a virtual wallet that stores payment card information on a mobile device like a smartphone, tablet or smartwatch. The cardholder can add a card, either physical or virtual, to a digital wallet and utilise the quick, convenient and secure payments that digital wallets offer. The volume of digital wallet payments has been growing constantly both in physical stores, as well as online, and this trend is going to continue. Payments from digital wallets are also at the forefront of many market changes which means digital wallet users are often the ones getting to try out different innovations first. By enabling this payment method for your customers, your offering stays relevant and attractive.

How do digital wallets work?

The illustration below describes the different parties in the digital wallet process and shows where the ‘Digital wallet module’ plays a role. There are four main parties in this process:
  • Issuer application
  • Wallet provider (Apple Pay, Google Pay, Samsung Pay)
  • Card scheme tokenisation service (Mastercard MDES, Visa VDEP)
  • Enfuce
The process starts with the customer enrolling the card into a digital wallet. The prerequisite is that a card has been created.
  1. The cardholder adds the card to a digital wallet. This is usually done through an integration from your app to the digital wallet. Enfuce has an API to provide the needed card credentials in a secure format.
  2. The digital wallet integrates with the card scheme’s tokenisation services, which in turn are integrated to Enfuce.
  3. After the card is added to the digital wallet, the cardholder can use it for purchases.
  4. The merchants then route the transactions via the card schemes to Enfuce.
This is a simplified overview that doesn’t cover all possible use cases but it demonstrates the different parties in the process and the number of integrations. In this documentation, we concentrate on Enfuce’s role and scope of service, and we’ll also touch on the role of other parties.

Card scheme tokenisation services

To enroll and use a Mastercard or Visa card in a digital wallet, you need to integrate into the respective payment scheme’s tokenisation service. Our ‘Digital wallet module’ will handle this integration for you. The Mastercard Digital Enablement Service (MDES) and Visa Digital Enablement Program (VDEP) are secure digitisation services for managing, generating, and provisioning digital payment credentials into mobile devices, smart wearables and other form factors. MDES and VDEP enable a simpler, more secure digital payment experience by tokenising cardholders’ PANs and replacing each one with a unique token (an alternative number). Tokens can be used to perform financial transactions, including contactless payments (using an NFC-enabled device), and online and in-app purchases. The cardholder’s PAN is not exposed in tokenized transactions, reducing the possibility and impact of account data compromise. In a nutshell, the card scheme tokenisation service is responsible for:
  • Creating and storing tokens
  • Provisioning tokens and associated metadata (e.g. card art)
  • Managing token lifecycle
  • Processing token-initiated transactions
  • Performing PAN mapping to enable functions such as de-tokenisation
For more details, please refer to card scheme manuals.

Digital wallet integration

Integration between your app and the digital wallet enables a user-friendly and frictionless enrolment. This gives you access to provide a full life-cycle service via your app rather than requesting the customer to use several apps. For more details, please refer to digital wallet manuals.

How cardholders use digital wallets

This section of the guide describes these three core activities:
  1. Enrolling a card to a digital wallet
  2. Using a digital wallet
  3. Closing a card in a digital wallet and other token lifecycle events

Card enrolment

There are two main ways to enrol a card on a digital wallet:
  1. In-app enrolment in which the cardholder initiates the process from your app and card credentials are shared with the digital wallet provider via an integration.
  2. Enrolment via a digital wallet in which the cardholder initiates the process by entering the card credentials directly into the digital wallet app.

In-app enrolment

In-app enrollment is the flow in which the user can click on a button e.g. “Add card to Google Pay” directly from your app. What happens when the process kicks off:
  • A card is created in the Enfuce system
  • Your app is integrated into Enfuce and digital wallet:
    • Enfuce Card API (to list eligible cards and get cardId)
    • Enfuce Wallet API (card credentials and activation data to a digital wallet and token service)
    • Digital wallet SDK
  • You authenticate the cardholder trying to enroll a card to validate that your customer is the card owner.
Have a look at our wallet API documentation for more details.

Enrolment via a digital wallet

The user can also enroll the card directly via the digital wallet. When opening the wallet app, the user can either manually enter card credentials or take a picture of a physical card which then reads the required card credentials. As anyone can enter any card credentials that they have or find, the user is authenticated to ensure that the card they are trying to enroll is theirs. This is enabled by:
  • A card is created in the Enfuce system
  • The customer enters card info into the digital wallet app
  • You authenticate the cardholder trying to enrol a card to validate that your customer is the card owner.
Have a look at our wallet API documentation for more details.

Customer authentication

Regardless of the enrolment method, you are responsible for authenticating the customer. In the case of in-app enrolment, the authentication is usually done as part of the normal app user flow, which is completed when your customer opens the app. In the case of enrolment via a digital wallet, there are three options available for how to authenticate the customer:
  1. Issuer app authentication – you receive the authentication request and perform the authentication via your app.
  2. Call centre – you have a call centre service where the customer can call in and authentication is done as part of the call. After confirming the authentication, the call centre manually sends the confirmation to the card scheme portal.
  3. SMS OTP – your customer is provided with a one-time password (OTP) via SMS that they enter into the digital wallet.

Using a card in a digital wallet

Once the enrolment is completed and the tokenised card is visible in the digital wallet, the customer can pay in digital applications, websites and physical stores that support digital wallet payments. The process is similar to a physical card transaction, with the exception that a token is used as a payment method, and a subsequent de-tokenisation is run by the card scheme: Enfuce receives the authorisations for digital wallet transactions the same way as for physical cards, processes them in the same way and if successful, blocks funds based on the card number (PAN) in the message. Even though the PAN is used as the primary key, the token information is also received, allowing Enfuce to identify which transactions were completed with the token. The same logic applies to the clearing transactions: the process is similar to a physical card transaction, with the exception that a token is used as the payment method, and a subsequent de-tokenisation is run by the card scheme:
As with the transactions completed with physical cards, the PAN is the primary key used and will determine the card to which the clearing transaction is posted to. As Enfuce processes the clearing transactions, token-related data is captured and available in the Enfuce data export transaction file (per transaction):
  • ADD_INFO
  • tag MC_WALLET_DATA (Digital Wallet code)
    • Example: MC_WALLET_DATA=103
  • tag WALLET_TYPE (Digital Wallet name)
    • Example: WALLET_TYPE=ApplePay
  • tag D_TKN (Token number)
    • Example: D_TKN=5155222200006666
  • tag D_TKN_ID (Token ID)
    • Example: D_TKN_ID=114123800
  • CONDITION_LIST
    • if the condition “TOKEN” is present, the transaction is done with a token/digital wallet

Understanding PANs and token types

In the context of digital wallet payments and tokenisation, several different PAN (Primary Account Number) types are used. Understanding these helps clarify how tokens are created, stored, and used in transactions.
  • FPAN (Funding Primary Account Number)
    The original, real card number assigned by Enfuce. This is the card number used to fund transactions. FPAN is never exposed in tokenised payments but is used behind the scenes to identify and process the actual card.
  • DPAN (Device Primary Account Number)
    A tokenised version of the FPAN, created specifically for a single device. Each device that the card is added to (e.g. phone, tablet, smartwatch) gets a unique DPAN. This DPAN is what gets used in contactless or online payments from that specific device.
  • APAN (Apple Pay Companion Cloud Token)
    A special cloud-based token used only in Apple Pay with Mastercard. APANs are not tied to any device, allowing them to support payments across multiple merchants and use cases—especially for multi-merchant-of-record (MOR) scenarios, such as travel booking platforms.
  • MPAN (Merchant Payment Account Number)
    A Credential-on-File (COF) token used by Visa and Mastercard. MPANs are tied to a single merchant relationship and typically used for recurring payments with that specific merchant (e.g. Netflix subscriptions or Spotify auto-renewals).
Understanding these different token types is helpful when working with digital wallets and with token-related reporting.

Token lifecycle events

Similar to card statuses, tokens can also have several statuses. As mentioned previously, the card scheme manages the token lifecycle and has the master data of the token status. A token can hold one of four statuses:
  • Active
  • Inactive
  • Deactive
  • Suspended
Token lifecycle events can be initiated from the digital wallet, card scheme, customer service platform or Enfuce system. Some events are triggered automatically, after another event, e.g. the card number PAN being cancelled and some events are triggered by your customers:

Card reissue (new expiration date)

If the card registered with the digital wallet has expired, the digital wallet token is also deactivated. After we reissue a new card (associated with the same customer’s account), we provide the new expiration date to the scheme and the token is also reactivated.

Temporary block of card

When the card status is set to **CARD_BLOCKED** or **SUSPECTED_FRAUD** via the Card API, Enfuce will automatically trigger a request to the card scheme to “Suspend” the token as well. When the card status is changed to **CARD_OK**, the token will also resume “Active” status automatically.

Lost/stolen card or card closed due to fraud

  • **CARD_LOST** or **CARD_STOLEN**: The corresponding token in the digital wallet remains active and it is transferred to the new PAN, when another card is reissued.
  • **CARD_CLOSED_DUE_TO_FRAUD**: When the card status is updated via the Card API, we automatically trigger a request to the card scheme to deactivate the token. If the card status is reverted to CARD_OK, the token also automatically resumes active”** status. This is done to protect the cardholder’s account, as fraudulent transactions with the card also imply risk of token misuse.

Card replacement

When a card is replaced with a new one (due to being lost or stolen), Enfuce sends an updated message to the card scheme, linking the new card with the existing token. This enables the customer to continue using the same token in the digital wallet, even though a new card is reissued. If the card is exposed to fraud, Enfuce sends a message to the scheme to deactivate the token. After a new card is issued, the cardholder must add it to the digital wallet to generate a new token.

Lost device

If the cardholder loses the device in which the digital wallet and the tokenised card are but the physical card is still in their possession, the cardholder can suspend or deactivate the token. You can update the token status either via the card scheme portal or by contacting Enfuce customer support.

Close token, card remains active

If the cardholder wishes to remove a card from the digital wallet, the digital wallet will trigger a request to the card scheme which in turn will trigger a message to Enfuce about the deactivation. Based on this message, Enfuce will update the token status in the payment platform.

Close card

When card status is set to **CARD_CLOSED** via the Card API, Enfuce will automatically trigger a request to the card scheme to ‘Deactivate’ the token as well.

Token data in data export files

The data export token file is an incremental file sent to you daily. It contains token-related information, such as newly created tokens, status changes, and what PANs each token is linked to. This file can be used for reporting purposes and keeping track of the token lifecycle.

Monthly wallet reports

All issuers are contractually required to submit performance reports and fraud metrics to digital wallet providers. These reports help wallet providers measure the issuer performance and integrity of the platform and identify issuers that require additional support. Monthly wallet reports assist the issuers in meeting this requirement by accumulating the relevant data and providing it to issuers in a ready-to-deliver format. The available reports are:
  1. Apple Pay Monthly Performance Reporting
  2. Samsung Pay Monthly Performance Reporting
Reports are generated and sent to you on the 1st business day of each month. Reports are sent to you by email. You can then review and add fraud data if there have been wallet-related fraud cases and forward your report to your wallet provider(s). Issuers who opt for Enfuce fraud service will receive their fraud data separately from Enfuce. Google Pay only requires fraud data which is delivered to you separately by Enfuce and it is your responsibility to forward the relevant data to Google. Apple Pay requires an additional report for quarterly active tokens, which is the number of unique cards with at least one successful Apple Pay transaction within the quarter in question. You can collect this data from the transaction data export files. Enfuce can trigger push notifications (webhooks) to you for the following tokenisation events.

Activation

This event is used when customer authentication during enrolment is done via a one-time password (SMS OTP).

Status change

This event indicates that the status of a single token has changed. It can indicate e.g. that the customer has started enrolment but it has not been completed, that enrolment was completed successfully or that a customer has removed a card from their digital wallet. With token status updates, you can keep track of the token lifecycle and take actions to improve the customer experience by reacting to the mentioned changes and supporting the customer e.g. in completing the enrolment.

Tokenisation request

This event indicates that card tokenisation and digital wallet enrolment have been initiated. It enables the monitoring of tokenisation requests so you can detect potential fraudulent enrolment attempts. The notification contains details about the device that was used for tokenisation, and risk scoring given by the wallet provider.
Digital Wallets on Enfuce.com.