Skip to main content
Samsung Pay on the web involves three separate decisions:
  1. Where the customer checks out.
  2. Who owns the Samsung Pay service.
  3. Who decrypts the Samsung Pay payment credential.
These decisions are related, but independent. A merchant can own the Samsung Pay service while Lite decrypts the payment credential. The deciding factor for decryption is who holds the private key behind the CSR registered in Samsung Developer Portal.
Samsung Pay is not Apple Pay Samsung Pay Web Checkout does not use a .well-known domain-association file. It uses a Samsung Pay service with a Service ID, configured website and callback URLs, and a CSR that tells Samsung which public key to use when encrypting payment credentials.

Terminology

TermMeaning
Samsung Pay serviceThe Samsung configuration for accepting online payments. It has a country, a payment gateway, and a Service ID.
Service IDThe identifier the Samsung Web Checkout SDK uses to start Samsung Pay in the browser.
Payment credentialThe encrypted payment data returned by Samsung Wallet after the customer approves payment.
CSRA file containing a public key. Samsung encrypts the payment credential with this key.
Private keyThe secret key paired with the CSR. Whoever holds it can decrypt the payment credential.
Result notificationThe notify() call that tells Samsung whether the payment was charged, rejected, cancelled, timed out, or failed.

Choose an integration route

RouteCheckout experienceSamsung Pay serviceWho runs Samsung’s Web Checkout SDKWho decrypts
1. Hosted CheckoutLite-hosted payment pageLite-managedLiteLite
2. Lite SDKMerchant page, Lite SDK renders Samsung PayLite-managedLite SDKLite
3. Direct API, Lite-managed serviceMerchant-built checkoutLite-managedMerchantLite
4. Direct API, merchant-owned serviceMerchant-built checkoutMerchant-ownedMerchantLite by default. Merchant decryption is an approved advanced option.
Lite-managed service means Lite acts as the Samsung Pay payment gateway for the merchant. Lite provisions or assigns the Samsung configuration, holds the CSR private key, decrypts the payment credential, and processes the payment. The merchant never creates a Samsung Developer account or handles a CSR. In every route, Lite processes the payment: authorization, capture, refunds, voids, and payment lifecycle webhooks.

What ownership controls

DecisionWhat it controls
Samsung Pay service ownershipWho uses Samsung Developer Portal, creates the service, manages the Service ID, and configures Samsung-side URLs and gateway settings.
Private key ownershipWho decrypts the Samsung Pay payment credential.
Payment processingAlways Lite.
For merchant-owned services (Route 4), two key models exist: Lite decrypts (Route 4A). Lite generates the CSR and keeps the private key. The merchant uploads the Lite-provided CSR to Samsung Developer Portal. This is safe: a CSR contains only a public key. The merchant never sends a private key to Lite, and Lite never asks for one. Merchant decrypts (Route 4B). The merchant generates its own key pair and CSR, uploads its CSR to Samsung, decrypts the payment credential, and sends Lite the payment payload Lite defines. This route requires Lite approval and carries PCI DSS responsibilities on the merchant side.

Route 1: Hosted Checkout

Fastest launch. The merchant redirects the customer to Lite Hosted Checkout. Lite owns the Samsung Pay browser flow and all Samsung-side operations.

Onboarding

  1. Enable Samsung Pay for the Lite channel in Lite Dashboard.
  2. Lite checks merchant, channel, country, and card scheme eligibility, then provisions or links a Lite-managed Samsung Pay service.
  3. Samsung Pay is ready to test.

Payment flow

Merchant steps

  1. Enable Samsung Pay for the Lite channel.
  2. Create a Lite checkout session from your backend.
  3. Redirect the customer to Lite Hosted Checkout.
  4. Verify and process Lite webhooks.
The merchant does not create a Samsung Developer account, handle a CSR, configure Samsung URLs, run Samsung’s SDK, touch the payment credential, or call Samsung result notification APIs.

Route 2: Lite SDK

Samsung Pay appears inside the merchant’s checkout page, but Lite SDK owns the Samsung Web Checkout flow. Onboarding is identical to Route 1: enable Samsung Pay for the channel, and Lite provisions the Lite-managed service.

Payment flow

Merchant steps

  1. Enable Samsung Pay for the Lite channel.
  2. Create a Lite checkout session from your backend.
  3. Pass client-safe session data to the browser.
  4. Initialize and mount Lite SDK, then handle its events.
  5. Verify and process Lite webhooks.
Lite SDK owns availability checks, the Samsung Pay button, Samsung Web Checkout initialization, the Samsung Wallet handoff, credential delivery to Lite, the Samsung result notification, and result presentation. The merchant writes no Samsung Web Checkout code and never calls notify().

Direct API (Routes 3 and 4)

Use Direct API when you need full control over checkout behavior. You build the checkout page and integrate Samsung’s Web Checkout SDK. Lite decrypts the credential, processes the payment, and returns a result you use to notify Samsung.

Route 3: Lite-managed service

Lite owns the Service ID, the CSR private key, and decryption. You own the browser integration. Onboarding:
  1. Select Direct API and enable Samsung Pay in Lite Dashboard.
  2. Provide your checkout URL, merchant display name, country, and required business details.
  3. Lite checks channel eligibility, provisions or links the Lite-managed Samsung Pay service, and returns your Samsung Pay configuration.

Route 4: Merchant-owned service

You own the Samsung Developer Portal configuration. Lite still decrypts by default (Route 4A) and always processes the payment. Onboarding:
  1. Select Direct API and merchant-owned Samsung Pay service in Lite Dashboard.
  2. Get your CSR:
    • Lite decrypts: download the Lite-generated CSR from Lite Dashboard.
    • Merchant decrypts (approval required): generate your own key pair and CSR.
  3. Create a Web Online Payment Service in Samsung Developer Portal.
  4. Select Lite as the payment gateway where Lite is available in the Samsung portal for your market.
  5. Add your website URL and the callback URLs Samsung requires.
  6. Upload the CSR from step 2.
  7. Save the Samsung Service ID in Lite Dashboard. Lite validates the configuration.
  8. Complete Samsung staging and production approval.

Payment flow (Routes 3, 4A, and 4B)

Route 4B differs in one step: your backend decrypts the credential with your private key and sends Lite the Lite-defined authorization payload instead of the encrypted credential. Route 4B is not yet available for public implementation. Lite must approve your use of it and will provide the request schema, accepted fields, error model, and PCI DSS responsibilities.

Build the browser integration

This section applies to Direct API.

1. Load Samsung’s Web Checkout SDK

<script src="https://img.mpay.samsung.com/gsmpi/sdk/samsungpay_web_sdk.js"></script>

2. Define the payment methods

Define the supported payment methods and Samsung Pay API version in the paymentMethods object. The serviceId identifies the Samsung Pay service used for your integration. Use the Service ID and allowed card brands configured for your Lite channel, delivered from your backend. Do not hardcode them in browser code.
const paymentMethods = {
  version: "2",
  serviceId: "<samsung-service-id>",
  protocol: "PROTOCOL_3DS",
  allowedBrands: ["visa", "mastercard"],
};

3. Check availability before showing the button

Initialize the Samsung Pay client with the operation environment, then check availability with isReadyToPay().
const samsungPayClient = new SamsungPay.PaymentClient({
  environment: "STAGE",
});

const availability = await samsungPayClient.isReadyToPay(paymentMethods);

if (availability.result) {
  showSamsungPayButton();
}
Show the Samsung Pay button only when isReadyToPay() succeeds. Use the official Samsung Pay button asset, or the SDK’s createButton() method, and follow Samsung’s branding guidelines.

4. Create the transaction details

const transactionDetail = {
  orderNumber: "<order-number>",
  merchant: {
    name: "<merchant-name>",
    url: "<merchant-url>",
    id: "<merchant-id>",
    countryCode: "SA",
  },
  amount: {
    option: "FORMAT_TOTAL_ESTIMATED_AMOUNT",
    currency: "SAR",
    total: 300,
  },
};
Build transactionDetail from server-controlled order data. Do not trust amount, currency, or order values supplied by browser code.

5. Launch the payment sheet

Call loadPaymentSheet() when the customer clicks the Samsung Pay button. When the customer confirms the payment on their device, the promise resolves with the encrypted paymentCredential object.
const paymentCredential = await samsungPayClient.loadPaymentSheet(
  paymentMethods,
  transactionDetail,
);
Send the complete paymentCredential object to your backend, then to Lite for decryption and processing.
Send the complete paymentCredential Samsung’s generic documentation tells merchants to extract the 3DS.data field and pass it to their payment provider. Lite requires the complete paymentCredential object, which also includes the card brand, last four digits, and recurring-payment flag. Do not send only 3DS.data.

6. Notify Samsung of the payment result

After Lite processes the payment and returns a result, report the final status to Samsung with notify():
samsungPayClient.notify(paymentResult);
The paymentResult object contains the payment status and the payment gateway name. Map Lite’s payment result to Samsung’s status:
Samsung statusUse when
CHARGEDLite confirmed the payment was charged.
REJECTEDThe issuer or acquirer rejected the payment.
CANCELEDThe customer, merchant, or Lite cancelled the payment.
TIMEOUTLite could not return a final result within the configured time.
ERREDA technical error occurred.
Send CHARGED only after Lite confirms the charge. A payment credential from Samsung Wallet is not a charge.

Payment result and fulfillment

Samsung Wallet approval and Samsung’s Verified screen mean Samsung has created a payment credential. They do not mean Lite has charged the customer. Lite launches Samsung Pay with automatic capture. The sequence for fulfillment:
  1. Lite processes the credential and confirms the payment was charged.
  2. Samsung receives CHARGED through the result notification.
  3. Lite sends you a payment-captured webhook.
  4. You ship the order or provide the service.
Ship only after step 3. Never fulfill based on the Samsung Wallet approval screen, the browser result, or the immediate API response alone.

Testing

Samsung provides three Web Checkout environments:
EnvironmentPurpose
STAGEStaging with real device authorization
STAGE_WITHOUT_APKStaging simulation without device authorization
PRODUCTIONLive payments
Before going live, verify:
  • Samsung Pay is enabled for the Lite production channel and the Samsung Pay service is approved for production.
  • The Service ID matches the Samsung environment in use.
  • The button appears only after isReadyToPay() succeeds.
  • Desktop device binding works with both Samsung account email and QR code.
  • The complete payment credential reaches Lite without being logged.
  • Each outcome works end to end: charged, rejected, cancelled, timed out, and technical error, with the matching Samsung result notification.
  • Webhooks are signature-verified and duplicate events are ignored.
  • Fulfillment waits for the payment-captured webhook.
  • Refund and void operations work through Lite’s Payments API.

Security requirements

  • Create checkout sessions and payments from your backend. Keep Lite API keys out of browser code.
  • Use server-controlled order number, amount, currency, merchant name, and Service ID.
  • Use an idempotency key for payment creation and any retryable Lite operation.
  • Do not log payment credentials, encrypted JWE data, CSRs, private keys, or decrypted token data.
  • If you hold your own private key (Route 4B), store it in an HSM or a secure key-management service. Never upload a private key to Lite.
  • Verify Lite webhook signatures and ignore duplicate events.