Body: Hello, We are currently implementing iOS order verification and have encountered an issue. Some of the receipts we verify return with an empty in_app array, which makes it impossible to determine whether there is a valid in-app purchase. Below is the code we’re using for verification and the result we receive: Code Example: public function iosVerifyReceipt($receipt, $password = '', $sandbox = false) { $url = $sandbox ? 'https://sandbox.itunes.apple.com/verifyReceipt' : 'https://buy.itunes.apple.com/verifyReceipt'; if (empty($password)) { $data = json_encode(['receipt-data' => $receipt]); } else { $data = json_encode(['receipt-data' => $receipt, 'password' => $password]); } $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $result = curl_exec($ch); curl_close($ch); $result = json_decode($result, true); $result = $result ?? []; $result['sandbox'] = $sandbox; if ($result['status'] != 0) { Log::warning('ios verify receipt failed', ['receipt' => $receipt, 'result' => $result, 'sandbox' => $sandbox]); if ($result['status'] == 21007) { return $this->iosVerifyReceipt($receipt, $password, true); } } return $result; } // Order validation check if (empty($result) || $result['status'] != 0) { throw new BadRequestHttpException("Ios Order Verify Error"); } $appItemId = $result['receipt']['app_item_id'] ?? ""; if ($appItemId != MY_APP_ID) { throw new BadRequestHttpException("Ios Order Verify Error"); } $inApp = array_filter( $result['receipt']['in_app'] ?? [], function ($item) use ($transactionId,$order) { return $item['transaction_id'] == $transactionId && $item['product_id'] == $order->getProductId(); } ); if (empty($inApp)) { throw new BadRequestHttpException( "Ios Order Verify Error"); } Array ( [receipt] => Array ( [receipt_type] => Production [adam_id] => * [app_item_id] => * [bundle_id] => * [application_version] => 5511 [download_id] => * [version_external_identifier] => * [receipt_creation_date] => 2025-02-11 04:06:47 Etc/GMT [receipt_creation_date_ms] => * [receipt_creation_date_pst] => 2025-02-10 20:06:47 America/Los_Angeles [request_date] => 2025-02-11 15:54:56 Etc/GMT [request_date_ms] => * [request_date_pst] => 2025-02-11 07:54:56 America/Los_Angeles [original_purchase_date] => 2025-02-11 04:02:41 Etc/GMT [original_purchase_date_ms] => * [original_purchase_date_pst] => 2025-02-10 20:02:41 America/Los_Angeles [original_application_version] => * [preorder_date] => 2025-01-17 21:12:28 Etc/GMT [preorder_date_ms] => * [preorder_date_pst] => 2025-01-17 13:12:28 America/Los_Angeles [in_app] => Array ( ) ) [environment] => Production [status] => 0 [sandbox] => )

When I click to my Apple Pay button, my function below doesn't trigger the completeMerchantValidation method as expected, but the oncancel method (which logs errorCode "unknown" in Safari developer tools) : const processApplePayment = async () => { if (window.ApplePaySession) { const session = new window.ApplePaySession(6, { countryCode: 'FR', currencyCode: 'EUR', merchantCapabilities: ['supports3DS'], supportedNetworks: ['visa', 'masterCard'], total: { label: `Bon d'achat ${partnerName}`, type: 'final', amount: cartTotalValue.toString() } }); session.onvalidatemerchant = async event => { try { const merchantSession = await validateMerchantSession(event.validationURL); console.log('merchant session : ', merchantSession); if (!merchantSession) { console.error('Invalid Apple Pay merchant session'); } session.completeMerchantValidation(merchantSession); } catch (error) { console.error('merchant validation error : ', error); session.abort(); } }; session.onpaymentauthorized = async event => { console.log('payment authorization event : ', event); try { const link = await authorizePayment( event.payment.token, userInfo, partnerId, order.id ); console.log('payment authorized link : ', link); window.location.href = link; } catch (error) { console.error('Apple Payment authoriation error : ', error); const errorUrl = `${PATH.EBON_ERROR_PATH}-${partnerId}?paiement=error&orderId=${order.id}`; window.location.href = errorUrl; } }; session.oncancel = event => console.log('Apple Pay cancel event : ', event); session.begin(); } }; The validateMerchantSession function successfully returns this payment session from Apple server : { "epochTimestamp":1739279973502, "expiresAt":1739283573502, "merchantSessionIdentifier":"SSH108C7ED6746A48E38EA8D253D33CCAA5_916523AAED1343F5BC5815E12BEE9250AFFDC1A17C46B0DE5A943F0F94927C24", "nonce":"150de193", "merchantIdentifier":"11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A", "domainName":"lesnumeriques-bonsdachat.htmal1.com", "displayName":"Les Numériques", "signature":"308006092a86...779cd643c000000000000", // long string "operationalAnalyticsIdentifier":"Les Numériques:11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A", "retries":0, "pspId":"11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A" } What could I do wrong and how could I fix it please ?

I am developing an app to add Discover cards to Apple Wallet. Unlike Visa, MasterCard, etc., Discover does not have APIs that return activationData, encryptedPassData and ephemeralPublicKey for a given card, so I have created a backend server to handle this. In my server, I am unsure how to generate the ephemeralPublicKey. Do I need to use the merchant certificate? If so, how do I use it to generate the ephemeralPublicKey? I would appreciate it if someone could provide me with a step-by-step guide on how to generate ephemeralPublicKey for provisioning a card.

Hi team, We were wondering what's the correct way of configuring a test environment with Apple Pay. Not sure if this is explicitly mentioned in the documentation, but in order to avoid having the same certificates shared between test and production, should we have a different merchant identifier (and pair of certificates) for test purposes only? The above is the main question. However, two follow up questions: Do you know if payment processors usually allow the merchant ID to be configured, so that only payments generated with the prod certificates can be accepted? Is there any risk of someone getting hold of the certificates generated for the test environment (which are usually less safe than production) and using that to process payments in production?

The details provided in this documentation do not seem have instructions on configuring authentication for the user webhook. I plan on using oauth with the webhook, but I do not know where to provide the relevant issuer and client id/secret to the merchant token management service.

So we are developing an NFC reader for a client and one of the requirements was Apple ECP. We submitted a product plan and it was approved and we were given access to the specific documentation for ECP. We are looking to only use Loyalty passes via NFC. Not Apple Pay. We wish to develop passes that have NFC capability and apparently you need another approval for NFC Entitlement. Apple just denied our application. No reason given, just denied. How are we suppose to develop a solution when we can only do one side of the development? Also we are seeing VAS mentioned and believe we also need access to this documentation as well, but no idea where to request it. Nothing in our developer portal or wpc portal. Can someone from Apple please steer us in the right direction. As we understand it we need: Approved hardware product plan (which we have) Access to ECP 2.0 documentation (which we have) Access to VAS protocol documentation (we don't have) NFC entitlement to be able to create NFC enabled passes. Let me know what we need to do or if I am not understanding things correctly. Thanks

Hi - I have a question. I am trying to understand when Apple Pay will be available on non-IOS desktop devices (specifically Google Chrome). I was hoping to understand better the process, specifically the following: How can I get the Apple Pay QR code installed on my desktop checkout page on Google Chrome? How long does this process usually take? If I work with Stripe, do I need to get approval from them to install the Apple QR code onto my Google Chrome checkout page? Is this readily available to all merchants (i.e., installing Apple Pay on Google Chrome)/ I have not seen this on any other checkout pages yet. Are there any examples you could point me to of merchants that have installed Apple Pay onto non-IOS desktop so I could trial the process (i.e., a list of existing merchants that have put the QR code onto their Google Chrome checkout pages)?

Hi, I'm developer in fintech company, we have setup process for onboarding merchants for our partner and processing payments with usage of Apple Pay API. Daily system is processing ca. 10k payments but every day ca. 100 of transactions are declined because of merchant validation error: request to https://apple-pay-gateway.apple.com/paymentservices/paymentSession (with all required parameters in body) is returning response with status code 417 "statusMessage": "Payment Services Exception merchantId={root merchant id} unauthorized to process transactions on behalf of merchantId={merchant id hash} reason={merchant id hash} is not a registered merchant in WWDR and isn't properly authorized via Mass Enablement, either." Issue impacts recurring merchants, most of their transactions are processed successfully but randomly some of them are failing with such reason. All prerequisites are met: merchant have deployed 'apple-developer-merchantid-domain-association' certificate, certificates are valid and not expired. Apple Support is not able to provide any information based on provided requests timestamps. We would to know what may be the reason just part of the requests are failing and what 417 error code means.

Hello My app has implementation of In App Provisioning which is working fine. We have now added Wallet Extensions to it, but my App is not shown in Apple Wallet "From apps on your iphone" I have uploaded Feedback (FB16450547) at https://feedbackassistant.apple.com/feedback/16450547 Kindly request for your advice

After opening the Apple Pay Popup and try to close the popup (without scanning the QR Code), the oncancel handler (accociated with the created session) doesn't fire. Meanwhile if the merchant scanned the QR code and the UI of the popup changed, then cancel the popup manually (using close (X) button), it fires the session.oncancel event handler. Here is applied setup: const { ApplePaySession } = window; if (!(ApplePaySession && ApplePaySession.canMakePayments())) { return new Error('Apple Pay Session is not available'); } const paymentCapabilities = await ApplePaySession.applePayCapabilities( applePaymentOptionsMetaData.merchantIdentifier, ); if (paymentCapabilities.paymentCredentialStatus === 'applePayUnsupported') { console.error('ApplePaySession is not supported.'); return; } const request = { "countryCode": "KW", "currencyCode": "KWD", "merchantCapabilities": [ "supports3DS" ], "supportedNetworks": [ "VISA", "MASTERCARD" ], "billingContact": { "phoneNumber": "201000000000", "emailAddress": "example@test.com", "givenName": "Ahmed", "familyName": "Sharkawy" }, "total": { "amount": "3.085", "label": "Merchant Testing" } } const session = new ApplePaySession(5, request); session.onvalidatemerchant = async event => { if (debug) { console.info('Creating merchant session and validating merchant session'); console.info('onvalidatemerchant event', event); } try { // Validation Merchant Request session.completeMerchantValidation(data); } catch (error: any) { session.completePayment({ status: ApplePaySession.STATUS_FAILURE }); } }; session.onpaymentauthorized = async (event) => { session.completePayment({ status: ApplePaySession.STATUS_SUCCESS }); }; // This doesn't fire session.oncancel = () => { console.info('EVENT: oncancel'); }; session.begin();

I'm currently working on an AppIntent in my app to import Apple Pay transactions via Transaction triggers in Shortcuts. While I can access the transaction name with the following code: @Parameter(title: "Transaction") var transaction: String I'm not sure how to retrieve the full details of the transaction, including: Card or Pass Merchant Amount Name At the moment, transaction only provides the name as a string, but I need access to the complete transaction data. I know that by selecting specific fields like Amount, Merchant, etc., I can retrieve each piece of data individually, but it would be much easier and more user-friendly to simply retrieve the entire transaction object at once. Has anyone successfully retrieved all details of an Apple Pay transaction in this context, and if so, could you share how to do so?

Hello, I have had a problem with Transaction shortcut automation since last month, the automation does not work anymore. Whenever a transaction is done, I tap in the notification to run the automation but always gives the error "Automation failed". I can confirm the automation worked last month but suddenly it is not working anymore. Below is the screenshort of the error and the other image is how it appeared in numbers when running the automation. As you can see, in Jan 8th worked fine (that is why the full name of the card appears). Actually, the other rows are from another shortcut that I have. I would really appreciate if anyone has any insights about that, or if this happened to you as well. Thanks in advance! Arnold

Can i, personally, create .pkpass for other companies using my apple developer ID? In order to create .pkpass, I need to create passTypIdentifier and teamIdentifier using apple developer ID Is it okay to create those two identifiers and create coupons or membership cards for other companies? I just wonder if it is against the law or developer guide.

My account has reached it's 99 merchant ID limit and I have applied and got approval for using the API that allows me to exceed the limit. I was testing the API according to the documentation in Postman, but I am getting the following error: POST https : //apple- pay-gateway.apple.com/paymentservices/registerMerchant Error: read ECONNRESET Please find below the cURL we are using according to the docs: curl --location 'https://apple-pay-gateway.apple.com/paymentservices/registerMerchant' --header 'Content-Type: application/json' --data '{ "domainNames": "https://checkout.montypay.com", "encryptTo": "merchant.test.montypay", "partnerInternalMerchantIdentifier": "merchant.test.montypay", "partnerMerchantName": "Test" }' Please note that I tried the Live and the sandbox endpoints and both gave the same error.

I am facing an issue while integrating Apple Pay in my React.js application. The onvalidatemerchant callback works perfectly, and the merchant validation is successfully completed. However, after the Apple Pay session is validated, the payment sheet appears briefly and then closes immediately without triggering the onpaymentauthorized event. I have provided the relevant code snippets and API implementation below. I would greatly appreciate your insights on resolving this issue. import React, { useEffect, useRef, useState } from "react"; // Relevant imports const ApplePayButton = ({ paymentType, handlePayment, cartSummary }) => { const [applePaySession, setApplePaySession] = useState(null); const cartSummaryRef = useRef(cartSummary); useEffect(() => { cartSummaryRef.current = cartSummary; }, [cartSummary]); const setupApplePaySession = async () => { if (!window.ApplePaySession || !ApplePaySession.canMakePayments()) { console.log("Apple Pay is not supported on this device/browser."); return; } const paymentRequest = { countryCode: "US", currencyCode: "USD", merchantCapabilities: ["supports3DS"], supportedNetworks: ["visa", "masterCard", "amex"], total: { label: "Total", amount: `${cartSummaryRef.current?.total?.amount || "10.00"}`, }, requiredBillingContactFields: ["postalAddress", "email", "phone", "name"], }; const session = new ApplePaySession(6, paymentRequest); setApplePaySession(session); session.onvalidatemerchant = async (event) => { try { const response = await createAndValidateApplePaySession({ validation_url: event.validationURL, provider: "APPLE_PAY", }); if (response?.status && response?.data?.applePaySession) { const merchantSession = JSON.parse( response.data.applePaySession.session_details ); session.completeMerchantValidation(merchantSession); } else { console.error("Merchant validation failed: Invalid response."); } } catch (error) { console.error(`Merchant validation error: ${JSON.stringify(error)}`); } }; session.onpaymentauthorized = (event) => { console.log("Payment authorized:", event.payment); }; session.oncancel = () => { console.log("Payment cancelled."); }; session.onerror = (event) => { console.error(`Apple Pay error: ${JSON.stringify(event)}`); }; session.begin(); }; return ( <> {paymentType === "APPLE_PAY" && ( )} </> ); }; export default ApplePayButton; createAndValidateApplePaySession = async (data) => { const { validation_url } = data; const apiUrl = ${this.finixUrl}/apple_pay_sessions; const base64Credentials = Buffer.from(this.credentials).toString("base64"); const body = { validation_url, merchant_identity: process.env.FINIX_APPLE_PAY_MERCHANT_ID, domain: process.env.FINIX_APPLE_PAY_DOMAIN, display_name: process.env.FINIX_APPLE_PAY_DISPLAY_NAME, }; const requestData = { url: apiUrl, data: body, headers: { "Content-Type": "application/json", Authorization: Basic ${base64Credentials}, }, }; try { const response = await axios.post(requestData.url, requestData.data, { headers: requestData.headers, }); return response?.data; } catch (error) { console.error("Merchant validation failed:", error); return error; } }; Current Behavior: Apple Pay button renders successfully. Clicking the button triggers the setupApplePaySession function. The merchant validation completes successfully via the onvalidatemerchant callback, and a valid merchant session is received from the API. The Apple Pay sheet appears briefly and then closes immediately. The onpaymentauthorized callback is never triggered. Expected Behavior: The payment sheet should remain open after merchant validation, allowing the user to select a payment method and authorize the payment. The onpaymentauthorized callback should then be triggered to handle the payment token.

Hi. I am writing to request clarification regarding the renewal period of the merchant certificate. According to the documentation, Apple issues merchant certificates for 25 months, and this has been the case for several years. However, in the past six months, the issued certificates have been valid for only 3 months, which causes significant inconvenience. I have reviewed the documentation again and contacted support, but I was only referred back to the same information stating that the certificate should be valid for 25 months. Could you please clarify whether there have been any recent changes to the renewal policy? Additionally, is there a way to extend the certificate's validity to the expected 25-month period? I would greatly appreciate your assistance in resolving this issue.

Hello, I'm building an expense management app and have the necessary FinanceKit entitlements. However I'm based in India and hence do not have access to an Apple Card. Is there anyway to test FinanceKit with some sort of mock data? I have tried following the developer documentation and built a minimal implementation to share via Testflight to my users. However it's failing to get any transaction data. I'm unable to debug the code myself and if anyone here has valid entitlements along with Apple Card, I'd appreciate if you could debug an example project I made below: https://github.com/tanmays/FinanceKitExample Feedback #FB14136552

Hi, Please refer the info graphic . I'm an issuer Bank App, who wants to add a card to phone's Digital Wallet. When I hit add to Apple or Google wallet, my API call goes to a Token Requester server and then to Token Service provider. In this process, I do get a JWT token back, but when I try to add token to Digital Wallet, I always get the message "The pass cannot be read because it is not valid". So few question: Is there a way to debug the token that is received by the app? Is there any kind of API console that I can look to see what is happening and why the pass is not valid? I, being the Issuer Bank App, a Token Service Requester and A Token Service Provider, who should be communicating with Apple servers? Are there any documents that explicitly shows (example) the flow of adding a credit card to Digital Wallet from iOS perspective? Any other help is appreciated. On my end, I have done this: public void AddToDeviceAsync(string data) { try { var dataArray = Encoding.UTF8.GetBytes(data); if (data.Length > 0) { if (PKAddPassesViewController.CanAddPasses && PKPassLibrary.IsAvailable) { _nsData = NSData.FromArray(dataArray); ObjCRuntime.Class.ThrowOnInitFailure = false; _pkPass = new PKPass(_nsData, out NSError e); if (!string.IsNullOrWhiteSpace(e?.LocalizedDescription)) { UserDialogs.Instance.AlertAsync(e.LocalizedDescription, AppResources.Alert); return; } if (!PkLibrary.Contains(_pkPass)) { var controller = new PKAddPassesViewController(_pkPass); var rootViewController = UIApplication.SharedApplication.Delegate.GetWindow().RootViewController; if (rootViewController != null) { var topController = TopViewControllerWithRootViewController(rootViewController); topController?.PresentViewController(controller, true, null); } } else { UserDialogs.Instance.AlertAsync(AppResources.Pass_Already_Present, AppResources.Alert); } } } else { UserDialogs.Instance.AlertAsync(AppResources.Invalid_Pass_Data, AppResources.Alert); } } catch (Exception e) { UserDialogs.Instance.AlertAsync(e.Message, AppResources.Alert); } }

We have recently begun testing in our production environment and have been unable to push provision any cards, receiving a 500 error: default 11:15:59.136742-0300 PassbookUIService Response: https://pr-pod9-smp-device.apple.com:443/broker/v4/devices/SEID_NUMBER/cards 500 Time profile: 0.486102 seconds { x-conversation-id = "52463d9f488e428f829633a1518ea72d" Vary = "accept-language" Content-Type = "application/json" x-pod = "pr-pod9" x-keystone-correlationid = "058F11DE-839F-47AC-A623-741BF32CEA80" Date = "Thu, 16 Jan 2025 14:15:58 GMT" x-apay-service-response-details = "via_upstream" Content-Length = "81" x-envoy-upstream-service-time = "172" x-pod-region = "paymentpass.com.apple" } { statusCode = 500; statusMessage = "Broker Service Response exception"; } In 05/2024 we received an e-mail from applepayentitlementsapple.com confirming the granting of in-app provisioning entitlements for our production apps. We've already sent a feedback on Feedback Assistant. Here is the code to track: FB16344669. Also, we sent another e-mail to applepayentitlementsapple.com, Case-ID: 11317916, but we haven't received a reply yet. Can you help us? We are concerned, since our pre-certification starts on January 27th. Thanks in advance.

Hello Everyone, I am trying to integrate apple pay on my website and have followed the following steps. Created a merchant identifier in my apple developer account. Generated a payment processing certificate using Certificate signing Request generated through keychain. Downloaded the certificate and converted that to pem file using the following command openssl x509 -inform DER -in apple_pay.cer -out apple_pay.pem Imported the cer file into keychain and exported .p12 file and generated private key using the following command. openssl pkcs12 -in Certificates.p12 -out private_key.pem -nocerts Utilizing apple_pay.pem and private_key.pem files for merchant verification call and getting the following response. cURL Error: OpenSSL SSL_read: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca, errno 0 Trying 17.141.128.7:443...\n* TCP_NODELAY set\n* Connected to apple-pay-gateway.apple.com (17.141.128.7) port 443 (#0)\n* ALPN, offering h2\n* ALPN, offering http/1.1\n* successfully set certificate verify locations:\n* CAfile: /etc/ssl/certs/ca-certificates.crt\n CApath: /etc/ssl/certs\n* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256\n* ALPN, server accepted to use http/1.1\n* Server certificate:\n* subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=California; serialNumber=C0806592; C=US; ST=California; L=Cupertino; O=Apple Inc.; CN=apple-pay-gateway.apple.com\n* start date: Dec 19 00:22:44 2024 GMT\n* expire date: Mar 12 19:42:00 2025 GMT\n* issuer: C=US; O=Apple Inc.; CN=Apple Public EV Server RSA CA 1 - G1\n* SSL certificate verify ok.\n> POST /paymentservices/startSession HTTP/1.1\r\nHost: apple-pay-gateway.apple.com\r\nAccept: /\r\nContent-Type: application/json\r\nContent-Length: 143\r\n\r\n* upload completely sent off: 143 out of 143 bytes\n* OpenSSL SSL_read: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca, errno 0\n* Closing connection I also tried to include AppleWWDRCAG2 and AppleRootCA-G2 certificated but same response every time.