Skip to main content
digital card

A DIGITAL-FIRST PAYMENT AND BANKING EXPERIENCE

The Entrust Digital Card Solution allows banks and credit unions to instantly provision digital payment credentials directly from their mobile application to the cardholder’s mobile wallet.

Entrust ebook on a laptop

A best-in-class payment experience, without the complexities

The Entrust Digital Card Solution enables issuers to quickly and easily give customers what they want: an instant, digital-first payment experience. With a single software development kit, adding the latest digital card features to your mobile banking app is easy.

DOWNLOAD EBOOK

Here's what customers are saying

"Their teams have demonstrated skills and flexibility by implementing a practical and powerful mobile application with a prepaid Visa solution in just 2 months, in a complex environment.”

Bertrand Simonin, Associated Director, Brands and Payments Solutions, Sodexo


“We chose this partner as they demonstrated unique technical expertise in digital payments and tokenization.”

Tomas Janitor, Head of Business and Innovations, Raiffeisen Bank


Product Features

With so many innovative features built into one unified solution, we make it easy for you to create seamless digital payment experiences for your cardholders.

credit card front alt icon
X-Pays, Click to Pay, and Merchants Push

Conveniently & securely push the cards into Apple, Google, and Samsung Pay, as well as Click to Pay and e-commerce merchants​

contactless card icon
NFC Issuer Wallet

Easily deploy your own NFC mobile payment solution

shield check icon
Secure Card Display

Securely display sensitive card information like the card number, expiry date, or cryptogram

card magic icon
Token Manager

Offer a secure & unique digital card management experience

phone pin icon
PIN Display & Change

Securely display the PIN code in the application and let your customer modify their card’s PIN

settings icon
Card Controls

Enable cardholders to deactivate lost or stolen cards via bank’s application

Features

  • Click to select...

Push Provisioning

A convenient way to push digital cards into e-wallets such as Apple Pay or Google Pay, to e-commerce merchants, and also to Click to Pay.
To offer Apple Pay, banks have to implement the mandatory in-app Apple Pay Push Provisioning of the card, directly from their banking app. Our Entrust mobile SDK with Apple Pay Push Provisioning allows you to do that.

It enables mobile banking users to securely push their Visa and Mastercard cards directly into third-party digital wallets – not only Apple Pay, but also Google Pay, Samsung Pay, Garmin Pay, FitBit Pay, Click to Pay, and e-commerce merchants. Banking customers can do this without step-up authentication because it is already authenticated by the bank.

Here’s how it works for your Apple Pay customers:

  1. Click on the “Add to Apple Wallet” button in the banking app.
  2. Confirm notification and continue with biometric authentication.
  3. Accept Apple Pay’s terms and conditions.
  4. Wait for the card to be added to the wallet.
  5. Done! You can now pay with your digital card in Apple Pay (at point of sale or online) and manage the card in your banking app.

How it works with Apple Pay illustration

A holistic customer experience for a perfectly simplified payment journey, for all use cases​

  • Convenience and security: No need to manually enter card details in the wallet app, on an e-commerce merchant website, or in Click to Pay​
  • Future-proof based on Visa and Mastercard tokenization (compatible debit, credit, and prepaid, and all card systems)
  • Push provisioning management in a unified way (multi-scheme/use cases/multi-CMS) including PAN encryption and key management

A unified, simplified integration of push provisioning to all use cases​
Thanks to our unified PCI-DSS service (Apple Pay certified), the project and integration are simplified. The bank just needs to integrate our secure mobile SDK with our support and follow the 3 following steps:

  1. Initialize mobile SDK: Mobile app calls the mobile SDK and shares a Client ID
  2. Device binding: Mobile app pushes an encrypted PAN or a Card ID to be bound to that mobile SDK
  3. Push card: Mobile app calls the mobile SDK for pushing the card into any use case

*Other implementation options can be reviewed with the bank

Push to Apple-Google Pay - mobile SDK Option illustration

Other use cases, like push to other wallets, e-commerce merchants, or Click to Pay, are also covered​.

If you want to offer push provisioning to your cardholders, connect with an expert.

Secure Card Display

PCI-DSS compliant card display

To enable e-commerce payments through digital cards, banks must be able to display the card number to the client. In general, displaying the card information has many advantages:

  • Immediate purchases: the cardholder can use it from day 1 to purchase, even if he didn’t received his physical card
  • More convenience: easier access to these information for the cardholder. Less friction, and the card likely becomes top of wallet/the cardholder will use the more convenient card.
  • More security: sensitive card information can partially be removed from the plastic card
  • All use cases: works also with purely virtual cards

Overall, displaying the card information in the banking app leads to more usage, and less fraud.

But displaying this highly sensitive information means the banking app must comply with the PCI-DSS requirements.

The Entrust Digital Card Solution resolves those challenges. Our mobile software development kit (SDK), both for iOS and Android, and our web-service based integration comply with PCI DSS for transferring sensitive information between a mobile application and the bank. ​

The mobile SDK also complies with the industry’s highest security requirement for software applications, which enables it to reach financial institutions' expectations to securely display any highly sensitive information. ​

Card Display: Securely displays sensitive card details (card number, expiry date, CVV, CVV2) from the banking app.

This enables the client to pay with his card online, without having the physical card.

Phone with card display

Security at its core
Our secure interface solution uses end-to-end encryption mechanisms to desensitize the servers and the mobile app, so they have no way to decrypt or alter sensitive data. This enables the management of sensitive information, such as card numbers, cryptograms, and PIN codes.

If you want to offer a secure card display to your cardholders, connect with an expert.

Strong Customer Authentication

The right balance between security and convenience
While there’s no doubt that security is a top priority for the banking industry, finding the right balance between convenience and security has been an issue for a long time. Customers expect fast and convenient authentication when using their mobile devices.

No need to compromise on security when using our secure mobile SDK.

Mobile first design
Whether for web-banking operations, payments, or mobile banking, a smartphone is the best option to ensure cross-channel customer security.

  • Convenient: Mobile authentication is the most used form of authentication
  • Secure and Customizable: Through multi-factor authentication on a single device, mobile is now the best authentication tool
  • Widespread: Most people have a smartphone
  • Cost-Effective: No need to deploy hardware or send costly SMS

PSD2 Compliant
New regulations such as the Payment Services Directive (PSD2) by the EBA push banks to tighten the authentication of their customers to provide maximum security for various types of transactions, especially against online fraud.

strong customer authentication framework illustration 

PSD2 is a challenge for a lot of banks still relying on unsecured and non-compliant one-time passwords (OTPs) for transaction authentication.

With our secure mobile SDK, we make PSD2-compliant authentication easy for banks to deploy and convenient for your customers to use.

Adaptive multi-factor authentication
Our secure solution is based on one- to several-factor authentication. The first factor is transforming the device into a “trusted” device with leading security mechanisms. The “trusted” device can then be combined with any of the following factors:

  • Passcode
  • Device unlock: pattern, pin code, passcode, or any other method supported by the device (e.g., Face ID)
  • Fingerprint
  • Facial recognition

No biometrics or personal data is stored or processed outside the local mobile SDK, and we employ advanced encryption for server-side security checks.

The bank defines which combination of factors is relevant for each level of strong customer authentication, for example:

  • Low: Device unlock or fingerprint
  • Medium: Fingerprint + passcode
  • Strong: Fingerprint or passcode + facial recognition

Advanced Security Mechanisms
Our mobile SDK protects your customers from advanced malware attacks and transforms their smartphone into a “trusted” device through its multilayer security features:

  • Device binding
  • Root detection
  • Obfuscation
  • Anti-tampering
  • Anti-debugging
  • Anti-cloning

Part of any authentication option
Our authentication solution can be part of any authentication option that uses a smartphone for strong customer authentication, regardless of the operation channel. Use cases include:

  • Account access
  • 3DS authentication
  • Credit transfers, P2P
  • Mobile contactless payments and QR code

How it works
Example: Desktop checkout with 3DS 2.0 ecommerce payment

  1. The transaction is initiated on a desktop computer.
  2. A push notification is sent to the mobile device, which opens the banking application.
  3. The customer strongly authenticates according to the desired pattern (from simple consent to multi-factor authentication).
  4. The payment page automatically refreshes with the result of transaction.

How it works - desktop checkout with 3DS 2.0 ecommerce payment illustration

If you want to offer strong customer authentication to your cardholders, connect with an expert.

Token Manager

More tokens means the need for more control
Tokenization is now standard for card issuers, but the digitalization of cards makes everything more complex.

  • How can cardholders control their digital cards stored into different e-commerce merchants and NFC wallets in a simple and seamless way?
  • How can cardholders have a consolidated view of their tokens?
  • How can banks offer a user-friendly experience?

API-driven for simpler, more convenient tokenization
Our token manager easily integrates with your card systems. We use APIs to unify provisioning and lifecycle management of tokens for all use cases, making it simpler and more convenient than most of the solutions proposed by card processors.

The user can push a card to a new device or merchant; visualize tokens, suspend, resume, or delete a token; and update tokens automatically when their card and/or their mobile phone is replaced, lost, or stolen.

A unified way to push tokens and give full control to the user

Token view, push, and control on phone illustration

If you want to offer token management to your cardholders, connect with an expert.

Issuer TSP Hub

Easily launch tokenization, including for Apple Pay, Google Pay and e-commerce
Digital cards and instant issuing are the new normal. And that has led to increasing complexity for banks, with the acceleration of TSP innovations. What banks need is a unified service for digital cards.

issuer TSP Hub Token illustration

Our Issuer TSP Hub allows banks to easily launch all digital card use cases and flows (OEM NFC wallets, issuer wallets, and e-commerce tokens) and to manage digitization and lifecycle management messages from Schemes TSPs in a unified and simplified manner.

All API connections to schemes are already certified and managed by Entrust, so the certification processes are simplified, and banks can easily provide a mobile-first, digital card experience to their customers.

Unified connectivity for issuers

  • Certified Visa VTS, Mastercard MDES, and Cartes Bancaires (CB) for issuers, and live with all available use cases: Apple Pay, Google Pay, Samsung Pay, Garmin Pay, e-commerce tokens, etc.
  • Handles all secure communications from card enrolment (push-provisioning, PAN entry, etc.) to token lifecycle management through a single set of APIs
  • Offers unified token management tools (multi-scheme, multi-device, multi-use case)
  • Brings agility, better time-to-market deployment, and a high level of adaptations
  • Limits TSPs and processors dependency

How it works
The Entrust iTSP hub natively includes advanced token lifecycle management functionalities. This allows you to:

  • Manage tokens (suspend, unsuspend, delete) in a unified, multi-scheme, and multi-use case way Benefit from web back-office tools or APIs as an extension of your CMS
  • Allow your back-office card teams to have an aggregate view of tokens per client (CardID, devices, tokens, use cases, etc.) across schemes and CMS
  • Reassign a new PAN to an existing token when the PAN is updated (e.g. lost, stolen, or card renewal)

How it works - Entrst iTSP hub illustration

Token Provisioning

  • Get card information
  • Approve tokenization based on token requester and risk information

Step up

  • Provide authentication methods to the TSP
  • Send OTP request messages and potentially adapt to issuer’s existing SMS or email services
  • Activate token

Life cycle management

  • Activate, suspend, resume, and delete token
  • Update card

Notifications

  • Receive tokens and cards
  • Receive notifications from the TSPs and the token requesters

If you want to offer an Issuer TSP Hub to your cardholders, connect with an expert.

NFC Issuer Wallet

Give your cardholders the convenience of tap-and-pay payments
In today’s fast-paced digital world, banking customers expect easy, mobile-first banking experiences. With our NFC Issuer Wallet, banks can easily digitize payment cards into their banking app, giving their cardholders the ability to “tap and pay” with their mobile phone. This adds value to your app by increasing customer engagement – just think how many more times your cardholders will interact with your app when they can use it at point of sale.

Industry-leading certifications and security
Entrust is Visa VTS, Mastercard MDES, and Cartes Bancaires (CB) certified. We are one of the few providers that boasts the highest security compliance from card schemes.

NFC Issuer Wallet illustration

How it works
For a simplified launch, you just need to integrate our mobile SDK with our agile support, usually in less than two months. To simplify integration and reduce time-to-market, we can also provide a white-label user interface or application with your own look and feel.

Once implemented, your customers simply “tap and pay” with their banking app on their mobile phone, without any payment limits and any data connection. Just tapping the phone on the POS terminal awakes your app. The solution natively includes strong customer authentication (PIN, fingerprint, unlock-device, facial recognition) that can be set up for payment depending on the transaction amount.

How it works - NFC Issuer wallet illustration

If you want to offer an NFC Issuer Wallet to your cardholders, connect with an expert.

Card Alerts & Control

Consumers are looking for new ways to manage their cards instantly. Entrust Card Alerts & Control enables you to help today’s consumers take control of their financial lives when they’re on the go, through our adaptive card control feature.

Let cardholders manage how, when, and where their card is being used by setting refusal and alerts rules. Rules can be based on the transaction type or amount, the country, and more. Let cardholders receive personalized alerts and easily disable or enable their card.

Enable consumers to control cards, receive activity alerts, and set limits based on card spend, location, transaction, and merchant types:

Example features:

  • Block/unblock: at card level, online payments, contactless payment, money withdrawal, cross-border, recurring
  • Threshold payment alerts: cardholder may set an alert if a spending limit for a given card has been reached
  • Tokenized payments enabled: keep transacting through mobile wallets and/or wearables even in case of lost or stolen physical card

The card control features apply to the following transaction types: ATM, recurring, brick and mortar, cross border, e-commerce, contactless.

Custom controls can also be included.

Benefits of Entrust Card Alerts & Control:

  • Ease of integration, as we are relying on Visa® and Mastercard® processing. This means there is nearly nothing to integrate from the bank’s side
  • The card control feature is processor-agnostic
  • It enables you to give full power to the cardholder, and to enable card control selfcare for more security and fraud reduction

Ready to offer advanced card control features to your cardholders? Reach out here.

Digital Card Solution Control payments phone image

PIN Display & Change

Our PCI-DSS compliant instant PIN display and change: reduced operation costs and a truly digital-first experience

PIN Display: Cardholders can securely display the PIN of their physical card within the banking application.

PIN Change: Cardholders can securely and instantly modify the PIN of their physical payment card. A long and painful process to reset the PIN is avoided.

Phone with PIN number

With the Entrust Digital Card Solution, cardholders can display and manage the PIN of the physical payment card directly from the banking application.

If you want to offer PIN display and Change to your cardholders, connect with an expert.

    Proven in the Marketplace

    Trusted and vetted by the world’s leading payment ecosystem providers

    Technology Partnership: Entrust and Mastercard
    Creating new opportunities for more secure, seamless transactions around the globe.

    Digital Card Solution Resources

    Related Products

    Connect with an Expert

    Fill out the form to have one of our experts contact you to discuss how you can create digital-first payment experiences for your cardholders.