Implementing OmiseSDK in Swift for iOS

Hello,

I’m a beginner, and I’m trying to implement Omise to process payments in an iOS application. I need to save a new user’s card during the registration process, and then I need a way to charge that saved card later.

I’ve setup a SQLite database using Realm.

I’ve imported OmiseSDK and created a client constant with my public key using the init method below.

  • let client = OmiseSDK.Client.init(publicKey: “omise_public_key”)

I’ve added an extension containing the required didSucceedWithToken, didFailWithError, and creditCardFormViewControllerDidCancel methods.

I’m able to present the built-in creditCardFormViewController by pushing it onto the navigation controller stack.

When I run my app and use the test card number, it succeeds, and the didSucceedWithToken method is called. At this point, I have these questions:

  • I know I’m not supposed to save actual card info to my database, so what do I save, just the token identifier?

  • Do I need to create an Omise Customer object and add the token identifier to that Customer as a card? If so, how do I create a customer? The Omise docs say “When unused token identifiers are added to customers, they are saved as Cards which can be used for repeated purchases,” but it doesn’t provide examples of how to create a new Omise Customer in Swift; it shows other languages, but not Swift. I tried using the Client class to check if there are some ‘create’ or ‘customer’-related methods or properties, but I’m not seeing any.

  • Once I figure out how to save the card and associate it with a specific customer, what method do I use to actually charge the card later?

Sorry if some of these questions have obvious answers. I’m really a beginner, and I would appreciate any help you could offer. Thank you!

Dear Damienb,

Thanks for using the Omise SDK. At first, I would like to explain what Omise SDK does. The main function is a tokenizer, that will help you to tokenizing credit cards and accepting non-credit-card payments like Internet Banking or others. From your questions, I’ll answer your case by case and example solution of the whole flow.

  1. I know I’m not supposed to save actual card info to my database, so what do I save, just the token identifier?
  • If you want some customer identifier. It would be better to use a customer phone number or email instead use Omise token. Cause this token can use once, you can’t reuse it.
  1. Do I need to create an Omise Customer object and add the token identifier to that Customer as a card? If so, how do I create a customer? The Omise docs say “When unused token identifiers are added to customers, they are saved as Cards which can be used for repeated purchases,” but it doesn’t provide examples of how to create a new Omise Customer in Swift; it shows other languages, but not Swift. I tried using the Client class to check if there are some ‘create’ or ‘customer’-related methods or properties, but I’m not seeing any.
  • For the Omise Customer object, you need to use the secret key to create it. That why our SDK can’t do it, because it is not safe if we include a secret key into the App. In your case, you can use the server-side to do this. You can look at the Customer API. That will help you create a customer while attaching a card(token).
  1. Once I figure out how to save the card and associate it with a specific customer, what method do I use to actually charge the card later?
  • Like I prefer in the answer to your question 2. You can use the Customer API to save the card with customer and if you want to reuse the card, you can use the Cards API to receive a card by use customer id and card id.

Example Solution:

For the security best practices, you can look at Security Best Practices and example image below.

From all of your questions. We could split into 3 parts.

  1. Your Application
  • For receive customer information, order, and tokenizing by SDK
  • Implement SDK here and keep Omise Public Key
  1. Your Server
  • To create Charge, create a request for creating a Customer Object, Card Object.
  • Keep Omise Secret Key here
  1. Omise Server
  • Waiting for the request from Application or Server

In your case, it seems you can do follow these steps.

  1. receive customer information by the app.
  2. create a token by the app(SDK inside).
  3. forward token and customer information to your server.
  4. you can create a Customer object or Charge object by creating a request from your server to the Omise server. (use the token for creating it).
  5. your server receives a response
  6. your app interacting as you want with your server

from above is just a sample idea and we did not recommend creating a charge on the client site for security reasons. Please don’t store the secret key on the client-side(application), that not be safe.

I hope my answer would be to guide you.
If you have any question, you can ask us anytime :smile:

Thank you. :omise:

Thank you for all of the information and the quick response! One thing I’m confused about is how to create the Customer object. I understand that I can add the unused token as a parameter when creating the Customer, and that will save the token as a Card, and I’ve been looking at the Customer API, but it doesn’t show how to create a Customer in Swift (screenshot attached). Do I use the method below?

client.requestTask(with: Request:CreatableObject>, completionHandler: ((Result<CreatableObject, Error>) -> Void?)

Dear Damienb,

To create a Customer object from Customer API, you need to create from your server-side. Because this object uses a secret-key to create it. That why it not shown the example in Swift on the Omise website.

We don’t prefer to keep secret-key on the client-side. That means you have to prepare some service on your server to do this.

I hope this comes in useful to you.

Thank you :omise:

2 Likes

Ohhh okay, I understand now. Thank you for your help!

1 Like

Anytime, I’m happy to help. :metal:

Thank you :omise: