Digital Wallets’ Role in Fintech

Laiba Nasir
6 min read · Sep 17, 2024

Hey Everyone,

I’m back with another exciting module, and this time it’s all about Digital Wallets and their remarkable role in the fintech industry. Let’s dive into what digital wallets are, how they work, and their importance in secure transaction processing.

What Are Digital Wallets?

In fintech, a digital wallet is an electronic payment system that enables users to store their payment card information securely and make purchases without needing physical cash or cards. Accessible through mobile devices or computers, digital wallets offer a convenient and secure method for online, in-store, and in-app transactions.

Digital wallets function by safely storing details such as credit or debit card numbers, expiration dates, and security codes. When making a purchase, users can choose the desired payment card from their digital wallet and authenticate the transaction using methods like biometric verification (fingerprints or facial recognition) or a PIN code.

The growing popularity of digital wallets can be attributed to their ease of use, enhanced security, and streamlined payment processes. They are widely adopted by consumers globally and are offered by major technology companies, financial institutions, and retailers.

1. Types of Provisioning:

Digital wallet provisioning refers to the process of adding and managing payment cards or other credentials in a digital wallet. There are several types of provisioning methods, each with its own characteristics and use cases:

  1. Manual Provisioning
  2. Push Provisioning/In-app
  3. Provisioning via QR Code

Before we dive into provisioning, let’s first look at the parties involved in the provisioning flow:

Issuer: The financial institution (bank or credit card company) that issues the payment card (credit or debit) and manages the associated payment account. Examples include Chase, Bank of America, and Citibank.

Processor: The company responsible for handling the transaction processing and authorization. Processors manage the technical aspects of payment transactions. Examples include Stripe, Adyen, I2c and Braintree.

Merchant: The business or service provider that accepts payments. Merchants use payment systems to process transactions and handle payment-related tasks.

Wallet Provider: The company that provides the digital wallet application or platform where users store and manage their payment credentials. Examples include Apple Pay, Google Pay, and Samsung Pay.

Network: The payment network (e.g., Visa, Mastercard, American Express) that facilitates communication between the issuer, processor, and other parties involved in payment transactions.

1.1. Flow of Manual Provisioning:

In manual provisioning, the cardholder manually enters their card details into the digital wallet. This process typically involves:

  • The cardholder starts the process manually through the wallet application.
  • The wallet provider (Apple Pay, Google Pay), acting as the Token Requestor, verifies if the card is eligible for digitization.
  • The Network checks if the card can be digitized and sends the Terms and Conditions (T&C) to the wallet. The wallet displays the T&C to the cardholder/consumer. The consumer reviews and accepts the T&C.
  • The wallet, as the Token Requestor, initiates the card digitization process.
  • The issuer receives the token authentication request as an “Authorize Binding”. The issuer decides that additional authentication is required and responds to the token authentication request accordingly.
  • The network requests the available consumer activation methods (ID&V options) from the issuer. The issuer generates and provides a list of available options to the cardholder.
  • The network returns the available options to the wallet provider, which in turn displays these options to the consumer/cardholder.
  • In case the consumer selects SMS OTP (One-Time Password) as the ID&V option, the wallet provider requests an activation code (OTP) for the consumer.
  • The network generates the activation code and sends the activation code to the issuer through MTP I-TSP integration.
  • The issuer delivers the activation code to the consumer via SMS. The consumer enters the activation code into the wallet.
  • The wallet provider sends the activation code to MDES for validation. After successful validation, the network activates the token and notifies the issuer about the successful digitization.
  • The issuer informs the cardholder that the digitization to the third-party wallet provider was successful.
  • The network notifies the wallet about the successful provisioning.
  • The wallet displays the recently digitized card to the consumer.

For further clarity, read the referenced article, MDES Flow.

1.2. Push Provisioning/In-app:

The card issuer or bank can push card details directly to the digital wallet, often with minimal user intervention, such as clicking a button in the mobile app.

1.3. Provisioning via QR Code:

The cardholder scans a QR code to automatically add the card details to their digital wallet. It reduces the need for manual entry and speeds up the provisioning process.

Token approval process

When you add a card to the digital wallet, a request is sent to provision a token. This request involves three main parties: the card network, the Marqeta platform, and the digital wallet provider. Each party assesses the request to determine if the token should be provisioned. They do this using their own risk evaluation and business logic. Each participant assigns a decision color based on their assessment:

  • Red Path
  • Green Path
  • Yellow Path
  • Super Yellow Path
  • Orange Path

Red Path:

If the cardholder enters incorrect card details during provisioning, the process will result in a DECISION_RED status, and the token will not be provisioned.

Reasons:

  • Invalid Card Information: The card details provided are incorrect, such as an invalid card number or expiration date.
  • Card Status Issues: The card is reported as lost or stolen, or it’s been flagged for other security reasons by the card issuer.
  • High Risk of Fraud: The request triggers fraud detection rules due to suspicious activity or patterns, such as high transaction volume in a short time or unusual geographic locations.
  • Compliance Issues: The request does not meet regulatory or compliance requirements, such as AML (Anti-Money Laundering) or KYC (Know Your Customer) standards.
  • Account Not in Good Standing: The cardholder’s account has issues like overdue payments or account restrictions that prevent the token from being provisioned.
  • Technical Errors: System errors or failures in communication between the digital wallet, card network, or issuer processor could result in an automatic rejection of the request.

Outcome: The tokenization request is denied, and the cardholder is notified that the provisioning attempt has failed.

Green Path:

If the details are correct and verified during provisioning, the token will be provisioned immediately. This means all parties have validated the request and there are no significant concerns.

  • Validated Card Information: The card details are correct and verified.
  • Positive Risk Assessment: The request does not trigger any fraud detection alerts or risk flags, indicating a low risk of fraudulent activity.
  • Good Account Standing: The cardholder’s account is in good standing with no issues.
  • Compliance: The request meets all regulatory and compliance requirements.
  • Technical Success: All systems involved in the token provisioning process communicate successfully without errors.

Outcome: The token is successfully provisioned and added to the digital wallet. The cardholder can use it for transactions.

Yellow Path:

The cardholder is asked to provide additional verification, for example, a one-time password (OTP).

Reasons:

  • Uncertain Risk Factors: The request raises some risk flags, but it is not immediately clear whether these represent a significant threat. Examples include inconsistent transaction patterns or partial issues with account standing.
  • Incomplete or Ambiguous Information: There might be gaps or inconsistencies in the information provided that require further verification.
  • Suspected Fraud Indicators: There are potential signs of fraud or suspicious activity, but they are not conclusive. Additional checks are needed to clarify the situation.
  • New or Unverified Accounts: The cardholder’s account is new or has limited history, prompting additional scrutiny to ensure legitimacy.
  • Compliance Concerns: There might be minor issues related to compliance or regulatory requirements that need further investigation.

Outcome: The token request is placed in a pending state. The digital wallet provider or issuer processor must perform additional checks or gather more information before making a final decision. This could involve contacting the cardholder or verifying additional details.

Next Steps for DECISION_YELLOW:

  • Further Verification: Additional checks are conducted to resolve the uncertainties. This might include reaching out to the cardholder for more information or running additional fraud detection algorithms.
  • Resolution: Depending on the results of the additional verification, the token request may be either approved (resulting in DECISION_GREEN) or rejected (resulting in DECISION_RED).
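
The decision paths above, combined with the SMS OTP step from the manual provisioning flow, as an added illustration (not code from this post or from any network, issuer, or wallet SDK). The most-restrictive-wins rule, the three-attempt limit, and the ACTIVE/PENDING/DENIED state names are assumptions; the Orange and Super Yellow paths are left out because the post does not define them.

```python
import hmac
import secrets
from enum import Enum

class Decision(Enum):
    GREEN = "DECISION_GREEN"
    YELLOW = "DECISION_YELLOW"
    RED = "DECISION_RED"

def combine(decisions):
    """Assumed rule: the most restrictive decision among the parties wins."""
    if not decisions or Decision.RED in decisions:
        return Decision.RED          # fail closed when nothing was assessed
    if all(d is Decision.GREEN for d in decisions):
        return Decision.GREEN
    return Decision.YELLOW

class TokenRequest:
    MAX_ATTEMPTS = 3  # assumed limit; the post does not state one

    def __init__(self, network, platform, wallet):
        self.decision = combine([network, platform, wallet])
        # Hypothetical state names: GREEN -> ACTIVE, RED -> DENIED, YELLOW -> PENDING
        self.state = {Decision.GREEN: "ACTIVE", Decision.RED: "DENIED"}.get(
            self.decision, "PENDING")
        self._otp, self._attempts = None, 0

    def issue_otp(self):
        """Yellow path only: create the activation code the issuer sends by SMS."""
        if self.state != "PENDING":
            raise RuntimeError("step-up is only valid for a pending token")
        self._otp, self._attempts = f"{secrets.randbelow(10**6):06d}", 0
        return self._otp  # returned here in place of real SMS delivery

    def submit_otp(self, code):
        """Resolve YELLOW to GREEN on a match, or to RED once attempts run out."""
        if self.state != "PENDING" or self._otp is None:
            raise RuntimeError("no activation code outstanding")
        self._attempts += 1
        if hmac.compare_digest(code.encode(), self._otp.encode()):  # constant time
            self.decision, self.state, self._otp = Decision.GREEN, "ACTIVE", None
        elif self._attempts >= self.MAX_ATTEMPTS:
            self.decision, self.state, self._otp = Decision.RED, "DENIED", None
        return self.decision

if __name__ == "__main__":  # constructed sample: one party asks for step-up
    req = TokenRequest(Decision.GREEN, Decision.YELLOW, Decision.GREEN)
    print(req.state, "->", req.submit_otp(req.issue_otp()).value)
```

Clearing the stored code on both outcomes makes the activation code single-use, so a replayed or late OTP cannot move a denied or already active token.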

I hope the above reading helps you understand the flow at a basic level. If yes, give a clap below.
