Hi, You're here because you've had issues with your implementation of Wallet Extensions for Apple Pay In-App Provisioning or In-App Verification. To prevent sending sensitive credentials in plain text, create a new report in Feedback Assistant to share the details requested below with the appropriate log profiles installed. Gathering Required Information for Troubleshooting Apple Pay In-App Provisioning or In-App Verification Issues While troubleshooting Apple Pay In-App Provisioning or In-App Verification, it is essential that the issuer is able to collect logs on their device and check those logs for error message. This is also essential when reporting issues to Apple. To gather the required data for your own debugging as well as reporting issues, please perform the following steps on the test device: Install the Apple Pay and Wallet profiles on your iOS or watchOS device. If the issue occurs on Mac, continue to Step 2. Reproduce the issue and make a note of the timestamp when the issue occurred, while optionally capturing screenshots or video. Gather a sysdiagnose on the same iOS or watchOS device, or on macOS. Create a Feedback Assistant report with the following information: The bundle IDs App bundle ID Non-UI app extension bundle ID (if applicable) UI app extension bundle ID (if applicable) The serial number of the device. For iOS and watchOS: Open Settings > General > About > Serial Number (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > Serial Number. The SEID (Secure Element Identifier) of the device, represented as a HEX encoded string. For iOS and watchOS: Open Settings > General > About > SEID (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > System Report > NVMExpress > Serial Number. The sysdiagnose gathered after reproducing the issue. The timestamp (including timezone) of when the issue was reproduced. The type of provisioning failure (e.g., error at Terms & Conditions, error when adding a card, etc.) The issuer/network/country of the provisioned card (e.g., Mastercard – US) Last 4 digits of the FPAN Last 4 digits of the DPAN (if available) Was this test initiated from the Issuer App? (e.g., yes or no) The type of environment (e.g., sandbox or production) Screenshots or videos of errors and unexpected behaviors (optional). Important: From the logs gathered above, you should be able to determine the cause of the failure from PassbookUIService, PassKit or PassKitCore, and by filtering for your SEID or bundle ID of your app or app extensions in the Console app. Submitting your feedback Before you submit to Feedback Assistant, please confirm the requested information above is included in your feedback. Failure to provide the requested information will only delay my investigation into the reported issue within your Apple Pay client. After your submission to Feedback Assistant is complete, please respond in your existing Developer Forums post with the Feedback ID. Once received, I can begin my investigation and determine if this issue is caused by an error within your client, a configuration issue within your developer account, or an underlying system bug. Cheers, Paris X Pinkney |  WWDR | DTS Engineer

Hi, To ensure the issue is not caused by an error within your app or web service request, please review the Apple Pay Merchant Integration Guide. Additionally, please review the following technotes on Apple Pay: TN3173: Troubleshooting issues with your Apple Pay merchant identifier configuration TN3174: Diagnosing issues with the Apple Pay payment sheet on your website TN3175: Diagnosing issues with displaying the Apple Pay button on your website TN3176: Troubleshooting Apple Pay payment processing issues If the resources above don’t help identify the cause of the error, please provide more information about your app or web services to get started. To prevent sending sensitive credentials in plain text, create a report in Feedback Assistant to share the details requested below. Additionally, if the error is something we need to investigate further, the appropriate engineering teams also have access to the same information and can communicate with you directly within Feedback Assistant for more information, as needed. Please follow the instructions below to submit your report. For issues occurring with your native app or web service, perform the following steps: Install the Apple Pay profile on your iOS or watchOS device. If the issue occurs on Mac, continue to Step 2. Reproduce the issue and make a note of the timestamp when the issue occurred, while optionally capturing screenshots or video. Gather a sysdiagnose on the same iOS or watchOS device, or on macOS. Create a Feedback Assistant report with the following information: The serial number of the device. For iOS and watchOS: Open Settings > General > About > Serial Number (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > Serial Number. The SEID (Secure Element Identifier) of the device, represented as a HEX encoded string. For iOS and watchOS: open Settings > General > About > SEID (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > System Report > NVMExpress > Serial Number. The sysdiagnose gathered after reproducing the issue. The timestamp of when the issue was reproduced. Screenshots or videos of errors and unexpected behaviors (optional). Important: From the logs gathered above, you should be able to determine the cause of the failure from PassbookUIService, PassKit or PassKitCore, and by filtering for your SEID or merchant domain in the Safari Web Inspector. See Inspecting Safari on macOS to learn more. Submitting your feedback Before you submit to Feedback Assistant, please confirm the requested information above is included in your feedback. Failure to provide the requested information will only delay my investigation into the reported issue within your Apple Pay website. After your submission to Feedback Assistant is complete, please respond in your existing Developer Forums post with the Feedback ID. Once received, I can begin my investigation and determine if this issue is caused by an error within your web implementation, a configuration issue within your developer account, or an underlying system bug. Cheers, Paris X Pinkney |  WWDR | DTS Engineer

Hi, I’m encountering an issue in my app’s Wallet Extension, specifically within the Non-UI Extension, where we are unable to retrieve payment passes bound to a user’s account. The same code that successfully retrieves these bound cards in the main app does not work when used in the Non-UI Extension. Case-ID: 8932090 Steps to Reproduce: Set up In-App Provisioning: Ensure that the app has the necessary In-App Provisioning permissions. This functionality works correctly in the main app, confirming that the permissions are properly configured. Configure Wallet Extensions: Follow the Wallet Extensions documentation to configure the app, including all required settings for the Non-UI Extension. Add Code to Retrieve Payment Passes: In the main app’s LoginView, implement the following code in the handleLogin() method to retrieve payment passes: // Get the identifiers of payment passes that already exist in Apple Pay. paymentPassLibrary = self.passLibrary.passes(of: .secureElement) for pass in paymentPassLibrary { if let identifier = pass.secureElementPass?.primaryAccountIdentifier { if pass.isRemotePass && pass.deviceName.localizedCaseInsensitiveContains("Apple Watch") { remotePassIdentifiers.insert(identifier) } else if !pass.isRemotePass { passIdentifiers.insert(identifier) } } } Verify Functionality in Main App: Run the app and verify that the code successfully retrieves the payment passes bound to the user’s account. Implement Code in Non-UI Extension: Add the same code to the Non-UI Extension, specifically in the WNonUIExtHandler class within the override func status(completion: @escaping (PKIssuerProvisioningExtensionStatus) -> Void) method. Test in Wallet Extension: Run the Wallet Extension and observe that the payment passes are not retrieved when the code is executed in the Non-UI Extension. Has anyone encountered a similar issue or can provide insight into why the code might not work in the Non-UI Extension compared to the main app? Support Information: iOS Version: 17.5.1 Development environment: Xcode 15.4 (15F31d), macOS 14.3 (23D56) Any help or suggestions would be greatly appreciated. Thank you!

Recently, we completed a merger with our parent company. We are currently integrated with Apple Pay in accordance with the “Apple Pay Payment Processing on the Web” guidelines. Due to the change in the legal entity, we proceeded with the account migration process as outlined below: Creation of a new Apple Developer account and a new Apple Pay Identifier Removal of the Merchant Domain (dc2-web.happy.co.kr) from the existing Identifier Registration of the Merchant Domain (dc2-web.happy.co.kr) under the new Identifier Using the Merchant Domain registered under the new Identifier and the Apple Pay Merchant Identity Certificate issued from the new Identifier, we attempted to obtain an Apple Pay session by sending requests to the following endpoint: https://apple-pay-gateway.apple.com/paymentservices/startSession However, we are intermittently receiving failure responses with an HTTP 400 status code. With regard to these intermittent failures, we would like to inquire whether there is any propagation delay on Apple’s servers when an Apple Pay Identifier is removed and re-registered under a new account, or if there could be any other possible causes for this behavior. We would appreciate your guidance on this matter.

Hello Dear Network, We are developing a banking application and are implementing Apple Wallet In-App Provisioning with Wallet UI and Non-UI extensions. Our App Store submission fails with the error: "Missing entitlement com.apple.developer.payment-pass-provisioning" for both Wallet UI and Non-UI extensions. In the Apple Developer portal, we do not see the "Apple Pay" or "In-App Provisioning" capabilities available for our App ID or extension App IDs. We would like to request enablement of: Apple Pay Payment Pass Provisioning In-App Provisioning for our Apple Developer Team and related App IDs. Please let us know what we need to do for can upload build with that Entitlements, what can be problem? Thank you.

We’re attempting to call the Apple Pay Web Merchant Registration API using our Platform Integrator flow and consistently receive 401 Unauthorized, despite successful TLS/mTLS. Details: Endpoint: https://apple-pay-gateway-cert.apple.com/paymentservices/registerMerchant (POST) Payload: { "domainNames": ["breakerfy.com"], "encryptTo": "platformintegrator.ai.packman", "partnerInternalMerchantIdentifier": "merchant.ai.packman.1", "partnerMerchantName": "breakerfy", "merchantUrl": "https://breakerfy.com" } Domain association: URL: https://breakerfy.com/.well-known/apple-developer-merchantid-domain-association What we tried: We created a Payment Platform Integrator ID (platformintegrator.ai.packman) We created a CertificateSigningRequest We used the certificate signing request to create an Apple Pay Platform Integrator Identity Certificate and downloaded the signed certificate. We exported the Private Key from keychain access in PKCS 12 format We converted both the private key and the signed certificate to PEM format We created a merchant id We used the converted keys to send requests to the API We received { "statusMessage": "Payment Services Exception Unauthorized", "statusCode": "401" } we also tried curl with the original p12 file and also had no luck. What could be the issue ?

Hi, When I try to add a card to wallet, I get this PKPassKitErrorDomain Code=2 error from my logs, and from the SysDiagnose, I get some more detailed error log Error details: Date: December 15, 2025 Time: 15:16 UTC Request URL: https://nc-pod9-smp-device.apple.com:443/broker/v4/devices/041B4183BA1490022104102123315131EBFE2BE7… Response: HTTP Status: 500 – Internal Server Error Time profile: 0.505452 seconds Response headers: Server: Apple Content-Type: text/html X-Content-Type-Options: nosniffStrict-Transport-Security: max-age=31536000; includeSubdomainsDate: Mon, 15 Dec 2025 15:16:59 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=blockCross-Origin-Opener-Policy: same-origin Content-Length: 170 Connection: close Response body: Anyone have faced this problem before?

Scenario User is actively subscribed to Monthly Package From the Device App (Manage Subscriptions), user upgrades to Yearly Package Purchase completes successfully on device Issue Do not receive any server notification for this action Month Package Purchase Date: 2025-11-11 19:06:45.537 +0600 Month to Yearly Upgradation Date: 2025-12-11 paymentReferenceId: 510002270528780

Hello, Apologies if this has been asked before but I have a website that takes subscriptions and payments through PayPal. It's a platform where authors can sell ebooks and anyone who purchaes an ebook, the money goes pretty much directly from the buyer's PayPal to the seller PayPal through the use of PayPal Multiparty where my platform acts as a third party that takes a fee. I'm currently building a React-Native app for my website and coming close to needing to integrate payment solutions. As far as I'm aware, Apple only allows Apple Pay payments for IAP and subscriptions? How would this work for my model? Can I integrate PayPal into Apple Pay like I do with my website? If not, what's the alternative?

I'm seeking clarification on how Requirement 4.1 ("Card Issuers with a Mobile App must support In-App provisioning") applies when the card issuer uses a third-party mobile banking platform rather than a self-developed app. Our situation: We are a small credit union (the card issuer) Our mobile banking app is provided by a third-party digital banking vendor (white-label, but branded with our name) Card processing is handled by a separate vendor The ambiguity: The Apple Pay Specifications define "Card Issuer Mobile App" as: "The Card Issuer-branded, iOS software application made available on a Device that is used by such Card Issuer's customers to manage, administer, or use Cards." Our mobile banking app meets this definition—it's branded with our name and used by our members to manage their accounts and cards. However, we don't develop or directly control the app; our digital banking vendor does. The webinar FAQ stated: "Do we have to implement in-app provisioning? Yes, if you have an app." Our digital banking vendor interprets this as not applying to them because they are "not the issuer." They've stated: "Apple's requirements are at the card-processor level... our credit unions and, by extension, we are not required to support Apple Pay's in-app provisioning." Our card processor has indicated they will support in-app provisioning integrations but notes "this would be digital provisioning and we would need the digital banking vendor to work with us to enable." Specific questions: When a card issuer uses a third-party mobile banking app (branded for the issuer but developed/maintained by a vendor), does Requirement 4.1 apply? If yes, who bears compliance responsibility—the issuer, the mobile app vendor, or both? If the mobile app vendor does not implement in-app provisioning by January 15, 2026, what is the issuer's exposure? Does the issuer face suspension from the Program due to vendor non-compliance? Is there an alternative compliance path under Requirement 4.8 (Web Provisioning) for issuers whose mobile app vendors cannot deliver in-app provisioning by the deadline? This scenario likely affects hundreds of small financial institutions using shared digital banking platforms. Clarity on vendor vs. issuer responsibility would help the entire ecosystem prepare appropriately. Thank you.

We are a regulated financial institution and Apple Pay issuer seeking clarification on the in-app push provisioning requirement and the January 15, 2026 timeline. Like many community financial institutions: Our mobile banking app is issuer-branded but provided by a third-party vendor Apple Pay enablement and tokenization are handled by a separate card processor While we support Apple’s goals and understand the issuer is ultimately responsible, delivery of in-app provisioning is dependent on third-party vendor roadmaps and cross-vendor integrations that are outside our direct control. Despite active, good-faith efforts with both vendors, current platform constraints make the January 15, 2026 deadline challenging. We would appreciate clarification on: How Apple evaluates compliance when an issuer’s mobile app is built and maintained by a third party Whether any transitional flexibility or phased enforcement is expected for issuers showing documented progress Whether approved web-based provisioning may be acceptable as an interim option How issuers should document due diligence when vendor dependencies delay implementation Additional guidance would help many credit unions and community banks plan appropriately and remain compliant. Thank you for your guidance.

Hi everyone, I have a question regarding App Store approval. In my country, Apple In-App Purchases are not supported, so for users in unsupported regions we need to use a third-party payment provider. For countries where In-App Purchases are supported, we plan to use Apple IAP. Could you please advise on the correct approach to ensure the app complies with App Store guidelines and can be approved?

Two subscriptions, Plus and Max, are under the same subscription group, with Max having a higher tier than Plus. Promotional Offers for Max are configured in Apple Store Connect. When a user subscribes to Plus and then upgrades to Max using Promotional Offers, they are prompted with "Upgrade upon expiration" (Figure 1); if they don't use Promotional Offers, they are prompted to "Upgrade immediately" (Figure 2). Question 1: What is the situation with the "upgrade upon expiration" message in Figure 1? Is upgrading using Promotional Offers special? I couldn't find any relevant explanation in Apple's technical documentation. Question 2: Figure 1 shows an "upgrade upon expiration," but after subscribing, the webhook still shows the subscription start time as the current time, meaning the upgrade hasn't started immediately. Is the message incorrect?

I recently created a Sandbox account and successfully added an Apple Pay test MasterCard to the sandbox Wallet to run a test. Yesterday, I created a different account and tried to add a MasterCard on another device, but I received a "Card device limit" error. I then deleted the card from the original device (where it had been successfully added) and tried to re-add it, but this device also failed. I was able to confirm that a JCB card can be added, but I need to test with MasterCard. What should I do to resolve this?

I've encountered an issue where we need multiple domain associations with separate Apple Pay implementations. Briefly, we have a /.well-known/apple-developer-merchantid-domain-association already setup with Stripe, and now we need another, different version of the file to get setup with FreedomPay. FreedomPay insists this file represents a three-way relationship between all parties and I have no reason to disbelieve them. I'm wondering if anyone has encountered this or if there is a standard procedure. I'm currently trying to find documentation on the exact way Apple Pay verification interacts with this file to see if we can produce it dynamically.

For Apple Pay Testing purposes, we're trying out cards from https://developer.apple.com/apple-pay/sandbox-testing/ Visa, AMEX, Discover cards can be added to the wallet. But all 5 of the listed options for Mastercard cannot be added to the wallet with the error "Card Device Limit". How can we resolve this?

During Apple Pay in-app provisioning (EV_ECC_v2), our iOS app successfully obtains the issuer provisioning certificates and generates cryptographic material. The flow fails when Apple posts the card blob to Apple’s broker (card creation step), returning HTTP 500 from .../broker/v4/devices/{SEID}/cards. Steps: Call issuerProvisioningCertificates?encryptionVersion=EV_ECC_v2 → 200 OK; returns ECC leaf + Apple Root CA chain; nonce=2a831be4. 2. Build {encryptedCardData, activationData, ephemeralPublicKey} 3. POST /broker/v4/devices/{SEID}/cards Expected: 200 OK on /broker/v4/devices/{SEID}/cards, or 5xx with a descriptive error if payload/cryptography is invalid. Observed: 500 Internal Server Error from Apple broker on /cards (labeled “eligibility” in PassKit logs), causing a terminal failure in Wallet UI.

I am facing a problem of payment using credit card. I tried several banks and cards without any result. I also used one of the card I have successfully paid another account. Heeeeelp

Bank Accounts details are outdated and status is stack on processing with error: "Your banking updates are processing, and you should see the changes in 24 hours. You won't be able to make any additional updates until then." This is now stack for a few years since we activated a previous Apple developer account. we must change banking details as it holds up development of an app with in-app purchases. Finance department has been contacted and they do not answer What shall we do? senior support staff keep referring to finance department and is not helping

Hello, I’m experiencing a strange issue with a newly created Subscription Group in my iOS app. For all my existing subscription groups, everything works perfectly — initial purchase, renewals, cancellations, all notifications arrive normally. But for this one newly created group, the first purchase never triggers any server notification from App Store Server Notifications (ASSN). ⸻ 📘 Problem Summary • I created a new Subscription Group in App Store Connect. • The products are all Approved and Published for over a week. • Users can successfully purchase the subscription in production. • The purchase is shown as Purchased in the App Store purchase UI. • The receipt can be fetched locally on device. • But my server receives no notifications, including: • DID_RENEW • DID_CHANGE_RENEWAL_STATUS • SUBSCRIBED • ONE_TIME_CHARGE • CONSUMPTION_REQUEST • etc. The old subscription groups still send notifications normally, so the notification URL and server infrastructure are correct.

Hello, I'm using PassKit with to perform Apple Pay payment in a financial application. Our approach are: On iOS application, define PKMerchantCapability threeDSecure and credit, perform apple pay experience and get the encrypted response. On PCI service, receive the encrypted data Payment token, decrypt this data, and use to perform the payment. The problem is, in MasterCard transaction the eciIndicator is missing. I want to know if has some rule or problem about it.