We have a checkout page on which clients can configure the providers we've integrated with for each currency. One such provider is Stripe, with which we have already integrated ApplePay and host a merchant domain association file. Now, we're getting requests to support ApplePay with other providers. The issue is that we can't tell Apple to use a different path to domain association file for domain verification. And, replacing the existing domain association file seems like a hack, since I believe it's needed for domain re-verification. We're thinking of using subdomains for serving the domain association files for different providers. But, we have some questions on how ApplePay domain verification works to understand how we can solve our problem. Firstly, can we use subdomains for individual domain verification? If we already have example.com verified with Stripe, can we serve the domain association file for the other provider with provider.example.com and have the verification work? Secondly, let's say our domain is example.com, and we can use provider.example.com to serve the domain association file and verify the domain. Then on example.com/checkout, will using an iframe with provider.example.com/applepay to host the ApplePay button work? This thread suggests otherwise, but we want to confirm. Lastly, is the only way to make an ApplePay payment for provider.example.com to use that subdomain? So redirecting to provider.example.com/applepay would work? Thanks for your help!

When apple pay on the web does a onshippingcontactselected it appears to truncate the zip code. If I enter: 11111 or 11111-1111 I always get 11111. Is there any way to get the plus 4?

We have an app and we want to add tap to pay for Apple Pay. We'd also like to become a certified Payment Service Provider. What is the process to become a certified PSP?

We have developed Apple Wallet Extension for our App. The in-app provisioning for the card is working. However when we try to add the card from Wallet extension it gives error saying "Your issuer does not yet offer support for this card". From the apple documentation we can see the issues is same as mentioned in Scenario 2 at following link https://applepaydemo.apple.com/in-app-provisioning#8.4 We are getting eligibilityStatus as 0 Below is the response from Wallet captured using SysDiagnosis https://crt-pod1-smp-device.apple.com:443/broker/v4/devices/0434320BCB1A90022306073796318273728D0A367FA927F4/cards 200 Time profile: 1.77856 seconds { x-conversation-id = ...... Content-Type = "application/json" x-pod = "crt-pod1" x-xss-protection = "1; mode=block" Server = "Apple" x-pod-region = "paymentpass.com.apple" regionbrokerurl = "https://crt-pod1-smp-device.apple.com:443/broker" Date = "Wed, 06 Aug 2025 11:39:30 GMT" Content-Length = "488" x-envoy-upstream-service-time = "1400" Strict-Transport-Security = "max-age=31536000; includeSubdomains" cross-origin-opener-policy = "same-origin" x-keystone-correlationid = ...... x-content-type-options = "nosniff" Vary = "accept-language" x-frame-options = "SAMEORIGIN" } { applicationIdentifier = ......; auxiliaryCapabilities = { }; cardType = 4; deviceProvisioningDataExpected = 1; eligibilityStatus = 0; identifier = ......; learnMoreURL = "https://www.apple.com/ae/apple-pay/banks/ae/en-ae.html"; nonce = ......; paymentApplications = ( { appletTypeIdentifier = Argon; paymentType = Credit; } ); region = "paymentpass.com.apple"; sanitizedPrimaryAccountNumber = 7008; sanitizedPrimaryAccountPrefix = ""; }

First double charge in a same item, i ask the game developer they accept my refund request, but i don’t know why apple rejected my request, they said i haven’t strongly support? how can i send him the support? there are no attach button allow me the send him the conversatio via email. Then suddenly charge me 2 times i haven’t buy item. i request refund they also rejected…why? i didn’t get anything from the game but i had pay already. who can help me to get back my money. totalHK188 miss charged. this is not fair they stole my money. i don’t know why the game developers accept my refund request, who gave apple the right to reject

Is there a way to make a subscription's auto-renewal fail in sandbox environment? Currently, I see no such options (screenshot)

The details provided in this documentation do not seem have instructions on configuring authentication for the user webhook. I plan on using oauth with the webhook, but I do not know where to provide the relevant issuer and client id/secret to the merchant token management service.

When running the test app with test flight before actually opening the app, the execution region is Korea and the country code is Korea, but the currency code on the payment screen is displayed as dollars or euros instead of won. In the payment settings, the currency code is set to won for Korea and dollars for the United States, and the European region is not set at all, but in some phones it is displayed as euros, and in some phones it is not like this, and in some cases it is displayed as won normally.

Hi All, We operate a store with a single domain but multiple merchants, some of whom use PayPal as their payment gateway, while others use Stripe. We are looking to introduce Apple Pay for the various merchants. From what I understand, a .well-known file is required for each merchant to enable Apple Pay. How can we implement this, given that our merchants are using different payment gateways? Best regards, Joe

Dear Apple team and developers, We integrated Apple Pay E-Commerce on our system and made successful transaction at January using following certificates. Merchant Identity Certificate (generated from our Apple developer account) Payment Processing Certificate (generated from our Apple developer account) Payment Session Server Certificate (used following command and generated from apple-pay-gateway-cert.apple.com:443 test URL) Command: openssl s_client -connect apple-pay-gateway-cert.apple.com:443 -key MIC_priv.key -cert MIC_merchant_id.pem -showcerts | openssl x509 -outform DER > apay_ident_trusted_cert_test.der Root CA G3 (Downloaded “Apple Root CA – G3 Root” from https://www.apple.com/certificateauthority/ ) But at this month, we got new certificate problem (please check following) when we try to execute Apple Pay E-Commerce transaction. Certificate 'C=US,O=Apple Inc.,OU=Apple Certification Authority,CN=Apple Application Integration CA - G3' is not valid Certificate. What is this certificate? And Where can I download or generate this certificate from? Could you please advise/give us good information for this certificate problem? Best Regards, Bilguun Enkhbaatar

Hi Support, When the applepay express transit option is used on emv payment cards, like this iPhone - Open “Settings” → “Wallet & Apple Pay” → “Express Transit Card”. And a emv single card has been enabled under Express Transit And on transit reader Apple Enhanced contactless Polling support is provided, ( with VAS not supported, user authentciation not supported) Sometimes ATQB response also comes from the iPhone or iWatch instead of the ATQA response, and then it causes the transit reader to report as collision error in the polling. Sequence of the packets: WUPA WUPB ECP frame WUPA WUPB ATQB WUPA ATQA

I'm implementing Apple Pay in my Flutter web app and I'm following the guidelines for domain verification using the apple-developer-merchantid-domain-association file. When I access the file at https://mydomain.com/.well-known/apple-developer-merchantid-domain-association through my web app, the browser silently downloads the file instead of displaying its content on the webpage. My question is: Is this the expected behavior for the apple-developer-merchantid-domain-association file? Should the browser download the file silently, or is there another step required, such as displaying the content on the webpage for verification purposes? I've consulted some resources and they indicate that the file download is the correct behavior. However, I'd appreciate confirmation from the community to ensure I'm implementing the verification process correctly. Summary is how do we know if apple has verified it?

We are on a .NET ecommerce site hosted on AWS on a windows 2012R2 server. We have apple pay for the web integrated on the site and the certificates (merchant id and apple pay) were set to expire shortly. We created a new merchant id and apple pay cert, however we are now stuck as the new merchant ID certificate doesn't appear to be working although the old one did. Note there have been no code changes. Basically the apple pay process is failing on the merchant validation. Here are the steps we took: Created a CSR in Keychain Access Generated a Merchant ID cert in the Apple Developer account with that CSR. Imported the Merchant ID cert back into Keychain Access and exported as a p12 file the cert and the private key used to generate the CSR. Imported the p12 file into Windows 2012 R2. I can see in our debugging that the new certificate is being loaded but a SSL/TSL connection couldn't be made. So it seems there is an issue with the cert. Has anyone encountered this? I'm out of ideas at this point and under a lot of pressure from management to fix what was supposed to be a routine maintenance issue. If anyone has any ideas, that would be greatly appreciated.

Earlier this year implemented saving event tickets to Apple Wallet (and Google Wallet, which was painful by comparison!), as an optional alternative to recipients leaving the QR Codes in email or printing them. Scanning barcodes on entry is done using camera on phones (either iPhone or Android). This is a somewhat pressured situation with lots of people needing scans in quite a short period of time. I do not do this myself but I do get feedback. it was reported to me that Apple Wallet barcodes are significantly harder to scan accurately than those in Google Wallet. They think that is because the Apple QR Codes are quite a bit smaller (and presumably harder, therefore, to get focussed properly). They do work, it just takes longer to get a successful scan. This doesn’t seem to be anything I can control, and there seems to be plenty of space to make them bigger, even on my iPhone mini. These aren’t terribly dense barcodes; I imagine they would be harder still if they were. I also guess specialised barcode readers might do better, but we don’t have that luxury. I’d appreciate it if they could be bigger when displayed in Apple Wallet, or at least to have that as an option.

Can i use apple pay integration into my web iframe?In my situation, canMakePayment() returns null when i check browser support apple pay or not in Iframe

We have implemented In-App Provisioning, but when I start the tokenization process, I receive an error before the terms and conditions. We are testing with a version of the app on TestFlight. The error message is: Could not add card. Try again later or contact your card issuer for more information. Could you please help me?

I am working on implementing merchant token notifications. When calling this endpoint https://developer.apple.com/documentation/merchanttokennotificationservices/merchant-token-event-retrieval, the result contains a CardMetadata object with an expirationDate field (see https://developer.apple.com/documentation/merchanttokennotificationservices/cardmetadata). What is the format of this field? The spec only mentions that it has a maximum length of 8 characters.

Hello! I have a requirement to read the ICC Public Key Certificate from an EMV credit card to implement a payment validation flow. Aa far as I understand, I can't use Core NFC for that task since it is not supposed to be used for reading sensitive credit card data and it might be rejected by Apple. I'm trying to use Tap To Pay as it seems to offer some general card details. Since Apple's documentation on this side is pretty limited, I'm struggling to understand what is a PaymentCardReader.Token and how can I create one? Can anyone please help me with setting up Tap to Pay?

multiTokenContexts is defined as follows (https://developer.apple.com/documentation/passkit/pkpaymentrequest/multitokencontexts) You can assign a value when initializing PKPaymentRequest (https://developer.apple.com/documentation/passkit/pkpaymentrequest). However, in actual usage scenarios, when the Apple Pay address changes and PKPaymentRequestShippingContactUpdate (https://developer.apple.com/documentation/passkit/pkpaymentrequestshippingcontactupdate) is triggered, how to update multiTokenContexts? The documentation and code do not provide updates for this parameter. In contrast, Apple Pay on the Web provides newMultiTokenContexts as an update when ApplePayShippingContactUpdate (https://developer.apple.com/documentation/apple_pay_on_the_web/applepayshippingcontactupdate) is triggered. Has anyone encountered this problem? Would you happen to have any solutions? Thank you.

Hi team, I'm currently trying to add a specific subdomain (with a path) to Apple's Sandbox domain list, but it seems Apple only allows the main domain to be entered. Due to strict client security policies, we aren't allowed to use just the main domain, which is creating a roadblock in our implementation. Is there any way to add a full subdomain or URL path to the Sandbox configuration? I'm happy to join a call to explain the scenario further if that would help. Thanks in advance for your support!