Hi, You're here because you've had issues with your implementation of Wallet Extensions for Apple Pay In-App Provisioning or In-App Verification. To prevent sending sensitive credentials in plain text, create a new report in Feedback Assistant to share the details requested below with the appropriate log profiles installed. Gathering Required Information for Troubleshooting Apple Pay In-App Provisioning or In-App Verification Issues While troubleshooting Apple Pay In-App Provisioning or In-App Verification, it is essential that the issuer is able to collect logs on their device and check those logs for error message. This is also essential when reporting issues to Apple. To gather the required data for your own debugging as well as reporting issues, please perform the following steps on the test device: Install the Apple Pay and Wallet profiles on your iOS or watchOS device. If the issue occurs on Mac, continue to Step 2. Reproduce the issue and make a note of the timestamp when the issue occurred, while optionally capturing screenshots or video. Gather a sysdiagnose on the same iOS or watchOS device, or on macOS. Create a Feedback Assistant report with the following information: The bundle IDs App bundle ID Non-UI app extension bundle ID (if applicable) UI app extension bundle ID (if applicable) The serial number of the device. For iOS and watchOS: Open Settings > General > About > Serial Number (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > Serial Number. The SEID (Secure Element Identifier) of the device, represented as a HEX encoded string. For iOS and watchOS: Open Settings > General > About > SEID (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > System Report > NVMExpress > Serial Number. The sysdiagnose gathered after reproducing the issue. The timestamp (including timezone) of when the issue was reproduced. The type of provisioning failure (e.g., error at Terms & Conditions, error when adding a card, etc.) The issuer/network/country of the provisioned card (e.g., Mastercard – US) Last 4 digits of the FPAN Last 4 digits of the DPAN (if available) Was this test initiated from the Issuer App? (e.g., yes or no) The type of environment (e.g., sandbox or production) Screenshots or videos of errors and unexpected behaviors (optional). Important: From the logs gathered above, you should be able to determine the cause of the failure from PassbookUIService, PassKit or PassKitCore, and by filtering for your SEID or bundle ID of your app or app extensions in the Console app. Submitting your feedback Before you submit to Feedback Assistant, please confirm the requested information above is included in your feedback. Failure to provide the requested information will only delay my investigation into the reported issue within your Apple Pay client. After your submission to Feedback Assistant is complete, please respond in your existing Developer Forums post with the Feedback ID. Once received, I can begin my investigation and determine if this issue is caused by an error within your client, a configuration issue within your developer account, or an underlying system bug. Cheers, Paris X Pinkney |  WWDR | DTS Engineer

Hi, We are trying to make payment from ecomm merchant. The last request during process is { "sessionData": { "epochTimestamp": "1741082241", "expiresAt": "1741092241", "merchantSessionIdentifier": "SSH88312C485D_7E0DD10173", "nonce": "3f6dc197", "merchantIdentifier": "5F9BC6BAF8", "domainName": "libertybank.ge", "displayName": "Apple Pay Purchase", "signature": "3080060000", "operationalAnalyticsIdentifier": "Apple Pay Purchase:5F9BC6BAF8", "retries": 0, "pspId": "5F9BC6BAF8" } } which is successfully validated applePaySession.completeMerchantValidation(data.sessionData) After this, the "oncancel" handler is triggered in applePay. Please help us to understand what is wrong. Please note the domain where the applepay button is located is at txpg.libertypay.ge Which is successfully verified.

We requested the com.apple.developer.passkit.pass-presentation-suppression entitlement in our app to suppress the Apple Pay popup when our app is near a reader. This entitlement was approved by Apple and successfully suppresses Apple Pay popups when approaching readers. Currently, we have another use case in the same app: presenting a PKPass (our door key pass) by calling the Wallet from our code using passLibrary.present(pass.secureElementPass!). This should take us to the Wallet and display our pass. This functionality works perfectly in other environments where this entitlement is not in place. We now understand that this entitlement suppresses all passes from our app. Our questions are: How can we suppress the Apple Pay popup while displaying our app key against a reader and also present the pass in the Wallet? Both requirements are essentially the same but implemented in two different ways, and we need both functionalities. Presenting the pass through a URL is not a viable option for us according to our standards. (https://developer.apple.com/forums/content/attachment/c2542a51-fd2c-42ce-88a2-207689b31159)

Hello Apple Developer Community, I recently encountered a serious security issue involving a third-party app development company that requested full JSON API key access to my Apple Developer account. After conducting research, I realized that granting this access would allow permanent backend control over my app—even after our contract ended. Key Issue: • Third-party developers extract JSON API keys from client accounts. • These keys allow unrestricted backend access, even after being removed from the account. • With this access, they can: • Modify apps remotely • Interfere with financial settings • Restrict client access while maintaining their own backend control Why This Matters: • This could be happening at scale, affecting many developers unknowingly. • It’s a major security risk—developers could be losing control of their apps without realizing it. • Apple’s policies do not explicitly warn against this kind of practice, which leaves developers vulnerable. I Need Guidance: • Is there an official Apple security team I can report this to? • How can developers safeguard themselves from these kinds of exploits? • Does Apple have a protocol for auditing third-party developer activity within client accounts? I have full documented evidence of this practice, including chat logs, emails, and technical breakdowns. This is a serious issue that needs the right eyes on it. Please advise on the next steps Apple recommends for reporting and addressing this vulnerability. Kindly find my evidence below. https://drive.google.com/drive/folders/1uZnAvJE48OazvSgMYr6-wSB1Ss5rF5r4

Hi! I have set up an APNS API that sends push notifications to update my Apple Wallet pass. I am using the APN library and a .p8 key for APNS push notifications. I keep getting 200 responses and "sent successfully" logs, but Apple Wallet is not receiving the notification. Which configuration or payload should I check to make it work? Thanks

I got a notification that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. Does this affect the push service for Apple Wallet passes or just for apps? I have a push service for Apple Wallet passes but no service for apps. I don't use push notification service for anything other than for Apple Wallet Pass push notifications, not at all for apps. Is there anything I need to do or is this not relevant to my situation? If it does, what do I need to change in order to make sure my service still works? Do I just replace the certificate? Is there a standard path where it would live on the server? I'm sure this is a simple thing, but it's been over a decade since I wrote the push service so I'm pretty rusty.

When integrating the Wallet Extension, after clicking my app icon from the "From Apps on Your iPhone" list, I encountered the message: "Cannot Add Card. '***' is not responding. Wait a few minutes and try again. If the problem continues, contact the card issuer's customer service" instead of the configured login page appearing as expected. What could be causing this issue, and how should I resolve it?

We have integrated the card provisioning in Apple wallet for quite sometime now through an external processor and we got the App Entitlement for the same. Now we are building the card provisioning in Apple Wallet flow in our app. Though everything seems to work fine (including issuer certificates, nonce etc.) but when we are clicking on ADD button on card details screen, I am getting an error saying "Could Not Add Card". When I inspect the error from didFinishAddingPaymentPass, it reads "The operation couldn’t be completed. (PKPassKitErrorDomain error 2.)". Though the Apple documentation suggests it as an unsupportedVersionError but it does not say anything beyond that. I want more detailed explanation because of which I am getting this error

I have a pass type id that expired. I created a CSR in keychain access on my Mac. I uploaded the CSR and generated a new cert. I downloaded the new cert and imported into keychain access. I don't see the associated private key and I cannot export a .p12 certificate. It's possible I started with the wrong key to generate the CSR or maybe I inadvertently deleted key while trying to locate the cert after importing. I'm not sure how to determine which. I do still have the private key from the cert that expired. But, I cannot figure out how to sign a cert again, my only option now is download. I've been searching the forum and while there may be an answer, I may just be looking for the wrong thing. I could use some help if anybody would be so kind.

I am developing an app to add Discover cards to Apple Wallet. Unlike Visa, MasterCard, etc., Discover does not have APIs that return activationData, encryptedPassData and ephemeralPublicKey for a given card, so I have created a backend server to handle this. In my server, I am unsure how to generate the ephemeralPublicKey. Do I need to use the merchant certificate? If so, how do I use it to generate the ephemeralPublicKey? I would appreciate it if someone could provide me with a step-by-step guide on how to generate ephemeralPublicKey for provisioning a card.

Hello My app has implementation of In App Provisioning which is working fine. We have now added Wallet Extensions to it, but my App is not shown in Apple Wallet "From apps on your iphone" I have uploaded Feedback (FB16450547) at https://feedbackassistant.apple.com/feedback/16450547 Kindly request for your advice

Hello! I am getting undefined in the values ​​of authorization and passesUpdatedSince when devices send a GET request to the v1/devices/{deviceLibraryIdentifier}/registrations/{passTypeIdentifier}?passesUpdatedSince={previousLastUpdated} route. Should I double check any settings? Because if I test it trhough postman works like a charm. POST or DELETE requests to v1/devices/{deviceLibraryIdentifier}/registrations/{passTypeIdentifier}/{serialNumber} to work perfectly from device as well. Both receive the correct parameters from the device and can be authenticated to execute the corresponding methods. I hope I have luck in getting some guidance :) Thank you!

Hello, I'm building an expense management app and have the necessary FinanceKit entitlements. However I'm based in India and hence do not have access to an Apple Card. Is there anyway to test FinanceKit with some sort of mock data? I have tried following the developer documentation and built a minimal implementation to share via Testflight to my users. However it's failing to get any transaction data. I'm unable to debug the code myself and if anyone here has valid entitlements along with Apple Card, I'd appreciate if you could debug an example project I made below: https://github.com/tanmays/FinanceKitExample Feedback #FB14136552

Hello, We have implemented In-App Verification using both SMS and mobile app options. While SMS functions as expected, selecting the mobile app for verification in the Wallet app does not open our app on the first attempt. Instead, the verification window simply dismisses. However, if I select "Complete Verification" again and choose the mobile app, deep linking works as expected, and our app opens correctly. This issue occurs with any bank card and app I’ve tested in Wallet. Could this be a bug in the Wallet app where deep linking fails on the first attempt but works on the second?

I'm having trouble displaying the Apple Wallet pass logo on iOS 18 when a notification occurs. It works on iOS 17 but not on iOS 18 (tested on versions 18.1 and 18.3). I ensured the Wallet pass icon sizes are correct: icon.png → 29×29 icon@ 2x.png → 58×58 icon@ 3x.png → 87×87 Questions: Has Apple changed any requirements for displaying Wallet pass logos in iOS 18? Are there new size, format, or metadata constraints?

I am fallowing the steps mention here https://developer.apple.com/wallet/get-started-with-verify-with-wallet/ and https://developer.apple.com/documentation/passkit/requesting-identity-data-from-a-wallet-pass to run a POC in simulator but I am getting a crash DigitalPresentmentSession requestDocument fatal error from xpc: This app has crashed because it called an API it is not entitled to use. :0: Fatal error: This app has crashed because it called an API it is not entitled to use.

Hello, I am facing a problem when trying to start the Wallet Extension Flow. It seems that even though the override func status(completion: @escaping (PKIssuerProvisioningExtensionStatus) -> Void) of the PKIssuerProvisioningExtensionHandler is called, the override func passEntries(completion: @escaping ([PKIssuerProvisioningExtensionPassEntry]) -> Void) is not called. Note that this issue is reproduced in a device with iOS 18.1 whereas it is working correctly in a device with iOS 17.4. Has something changed regarding the Wallet Extension in iOS 18.1 and above?

When integrating the Wallet Extension, after clicking my app icon from the "From Apps on Your iPhone" list, I encountered the message: "Cannot Add Card. '***' is not responding. Wait a few minutes and try again. If the problem continues, contact the card issuer's customer service" instead of the configured login page appearing as expected. What could be causing this issue, and how should I resolve it?

Hello, we are developing in app provisioning of our American Express network cards. After clicking add to apple wallet in our app, I launch the PKAddPaymentPassViewController and click next. It loads for a few seconds and then I get: [<private>] ProvisioningOperationComposer: Step '<private>' failed with error Error Domain=PKProvisioningErrorDomain Code=5 UserInfo={PKErrorHTTPResponseStatusCodeKey=500} Does anyone have any insight on what this error means?

This error occurs in Apple Pay Wallet In-App Provisioning Flow for Credit / Debit Cards When the data received from the PNO (Visa) is passed to PKAddPaymentPassRequest this error is seen in addPaymentPassViewController, in the finalize stage. Docs provide no clue as to what could be wrong. iOS 18.2.1 XCode 15.2 Error description mentions "unsupportedVersionError" Is the pass version not supported? Is the wallet version not supported? Is it an app implementation error or error in the data received from the PNO?

We have recently begun testing in our production environment and have been unable to push provision any cards, receiving a 500 error: default 11:15:59.136742-0300 PassbookUIService Response: https://pr-pod9-smp-device.apple.com:443/broker/v4/devices/SEID_NUMBER/cards 500 Time profile: 0.486102 seconds { x-conversation-id = "52463d9f488e428f829633a1518ea72d" Vary = "accept-language" Content-Type = "application/json" x-pod = "pr-pod9" x-keystone-correlationid = "058F11DE-839F-47AC-A623-741BF32CEA80" Date = "Thu, 16 Jan 2025 14:15:58 GMT" x-apay-service-response-details = "via_upstream" Content-Length = "81" x-envoy-upstream-service-time = "172" x-pod-region = "paymentpass.com.apple" } { statusCode = 500; statusMessage = "Broker Service Response exception"; } In 05/2024 we received an e-mail from applepayentitlementsapple.com confirming the granting of in-app provisioning entitlements for our production apps. We've already sent a feedback on Feedback Assistant. Here is the code to track: FB16344669. Also, we sent another e-mail to applepayentitlementsapple.com, Case-ID: 11317916, but we haven't received a reply yet. Can you help us? We are concerned, since our pre-certification starts on January 27th. Thanks in advance.