I'm implementing payment processing with Apple Pay on the web, but I've been stuck right at the final step of the flow: decrypting the payment data sent by Apple. Here is a summary of my implementation: The backend language is Java. The frontend portal requests the session and performs the payment using the endpoints exposed by the backend. I created .p12 files from the .cer files returned by the Apple Developer portal for both certificates (Merchant Identity and Payment Processing) and I'm using them in my backend. The merchant validation works perfectly; the user is able to request a session and proceed to the payment sheet. However, when the frontend sends the encrypted token back to my sale endpoint, the problem begins. My code consistently fails when trying to decrypt the data (inside the paymentData node) throwing a javax.crypto.AEADBadTagException: Tag mismatch! I can confirm that the certificate used by Apple to encrypt the payment data is the correct one. The hash received from the PKPaymentToken (header.publicKeyHash) object exactly matches the hash generated manually on my side from my .p12 file. In the decryption process, I'm using Bouncy Castle only to calculate the Elliptic Curve (ECC) shared secret. For the final AES-GCM decryption, I am using Java's native provider since I already have the bytes of the shared secret calculated. (Originally, I was doing it entirely with BC, but it failed with the exact same error). We have exhaustively verified our cryptographic implementation: We successfully reconstruct the ephemeralPublicKey and compute the ECDH Shared Secret using our Payment Processing Certificate's private key (prime256v1). We perform the Key Derivation Function (KDF) using id-aes256-GCM, PartyU as Apple, and counter 00000001. For PartyV, we have tried calculating the SHA-256 hash of our exact Merchant ID string. We also extracted the exact ASN.1 hex payload from the certificate's extension OID 1.2.840.113635.100.6.32 and used it as PartyV. We have tried generating brand new CSRs and Processing Certificates via OpenSSL directly from the terminal. Despite having the correct ECDH shared secret (and confirming Apple used our public key via the hash), the AES tag validation always fails.et, the AES tag validation always fails. Given that the math seems correct and the public key hashes match, could there be an environment mismatch (Sandbox vs. Production) or a domain validation issue causing Apple to encrypt the payload with a dummy PartyV or scramble the data altogether? Any guidance on this behavior or the exact PartyV expected in this scenario would be highly appreciated.

Hello, We are encountering an issue with Apple Pay on the Web in the sandbox environment where payments cannot be completed because the onpaymentauthorized event is not triggered. The same implementation was working normally until March 5, but the issue started occurring consistently from March 6 without any changes to our code, certificates, or merchant configuration. Environment Apple Pay on the Web (JavaScript) Safari (iOS / macOS) Apple Pay Sandbox Merchant domain verified Merchant validation succeeds Observed Flow The Apple Pay flow proceeds normally until authentication: User clicks the Apple Pay button ApplePaySession.begin() is called onvalidatemerchant fires Merchant validation request succeeds completeMerchantValidation() is called Apple Pay sheet is displayed User authenticates with Face ID / Touch ID onpaymentauthorized is never triggered Because this event never fires, the payment token is not returned and the payment cannot proceed. ApplePaySession Request { "countryCode": "JP", "currencyCode": "JPY", "merchantCapabilities": ["supports3DS"], "supportedNetworks": ["visa", "masterCard"], "total": { "label": "Test Payment", "type": "final", "amount": "100" } } Merchant Validation Merchant validation succeeds and returns a valid session from Apple. Relevant fields from the merchant session: merchantIdentifier: 35A786BE6AB4... domainName: secure.telecom-awstest.com displayName: ApplePay Additional Notes Apple Pay sheet appears normally Authentication completes successfully No JavaScript errors are logged onpaymentauthorized is never fired Issue occurs consistently in the sandbox environment Confirmed across multiple iOS versions Question Has anyone experienced a similar issue recently in the Apple Pay sandbox environment, or are there any known changes that could cause the onpaymentauthorized event not to fire after authentication? Any insights would be greatly appreciated. Thank you.

My understanding is that MPAN is provided for any of the payment request types that support the tokenNotificationURL (deferred/recurring). If you omit the tokenNotificationURL from the request do you still get an MPAN (when supported by the banking network)? Or is it only if that property has a value? Is there a different way you are supposed to trigger an MPAN?

Hi everyone, Is there a way to check the integrity of the auto updating version of the Apple Pay JS SDK? SRI can only be used for the semantic version. Any help/suggestion is appreciated.

We are facing issues with the Apple Pay pop up addresses. So for Portugal and Romania, we would like to collect the user's Province/State as part of the checkout experience. We already do that with other payment methods, however, we noticed Apple Pay pop up doesn't include state/province fields for these two countries, which causes orders to arrive with that field as blank. This is causing a lot of logistics issues during fulfillment. Is there a way to fix this and have the field appear for Portugal and Romania users? Case reference: 102869141084 Thank you!