Hi there, is there a way, or a list of test cards, to simulate error on payment in an Apple Pay sandbox environment ? I tried different cards mentioned here but every try was successful : https://developer.apple.com/apple-pay/sandbox-testing/

I am trying to launch a PWA as an application on App Store, and got rejected cause of In-App Purchases. Application is about content generation and selling subscriptions for premium content. So thats why needed to implement In-App Purchases. I have created wrapper via PWABuilder. And it is looking great so far, now my question is about How can I implement In-App Purchases in the bundle which is already created. Any suggestions will be appreciated. More clarification:- I have that product running on Web right now, we have integrated Stripe for payment handling for subscriptions. If there is nothing we can do for In-App Purchases then we have to make purchases on website and then user will be able to experience the changes. We tried that, but then we got rejected for showing locked premium content on user's feed. Also can't show any CTA or Subscribe text or button.

I currently have two merchant id's configured in our production environment which are tied to separate certificates. The one below was recently created for our OlO integration which uses Spreedly. The other integration is with Worldpay directly. When attempting to validate the new merchant id for OlO, we get the following response. Request Body { "merchantIdentifier":"merchant.com.cbolo.prod", "displayName":"Cracker Barrel", "initiative":"web", "initiativeContext":"stage.crackerbarrel.com" } Response Body { "statusMessage": "Payment Services Exception merchantId=745C2D1BC1B86B0E3FF898001666D44AADE6EC457F128075A723DA511D0BA0B4 unauthorized to process transactions on behalf of merchantId=D276804A1BF06DADBAE2DC291266FB87C15C8E6702959025D56CF4694FAB56C4 reason=D276804A1BF06DADBAE2DC291266FB87C15C8E6702959025D56CF4694FAB56C4 never authorized mass enablement transactions to occur via 745C2D1BC1B86B0E3FF898001666D44AADE6EC457F128075A723DA511D0BA0B4", "statusCode": "400" } We have followed all the steps documented around verifying our domains and still we get this error. Has anyone had this issue and been able to resolve? We opened an Apple Support case 4 business days ago and have heard nothing back. Case: 102259384074.

We plan to set Manual PAN Entry Allowed = N and accept only issuer push provisioning (PKAddPaymentPass). Is there any Apple Pay programme rule that obliges us to keep MANUAL_ENTRY enabled? Will disabling it affect “Participating Issuer” listing?

I am currently working on decrypting Apple Pay tokens with Laravel PHP, and I have encountered a few uncertainties regarding the decryption process and the usage of AES-GCM. Could you please clarify the following points: Algorithm Confirmation: Am I using the correct algorithm for decrypting the data key? Specifically, I am utilizing AES-256-GCM with the algorithm ID "id-aes256-GCM" (2.16.840.1.101.3.4.1.46), as specified in the documentation. Is this the recommended algorithm for decrypting the Apple Pay token's data key? Authentication Tag: In the decryption process, it seems that an authentication tag is required, but I am not sure where to obtain it from. Could you confirm how the authentication tag is generated or provided during the encryption process? If the tag is part of the token or is transmitted separately, could you clarify where I can retrieve it in order to proceed with the decryption successfully? IV and Other Parameters: I am using an initialization vector (IV) of 16 null bytes (00000000000000000000000000000000) as specified in the documentation. Could you confirm that this is correct and aligns with the expected parameters for the AES-GCM decryption? Are there any other specific parameters or considerations I should be aware of when implementing the decryption of Apple Pay tokens? GCM vs Other Encryption Modes: Can you confirm that AES-GCM is the preferred and required encryption mode, or is there any flexibility to use other modes (e.g., AES-CBC) without compromising security? Your guidance would be greatly appreciated to ensure I am following the correct decryption procedure for Apple Pay tokens. Thank you in advance for your support.

We have verified our domain but if the file is removed from the deployed site after verification will this impact using ApplePaySession.applePayCapabilities in real time? We use that method from the JS api in our React app to determine whether or not to show the apple pay button. When that function is called in the browser, do the apple servers ping the https://our.domain.com/.well-known/apple-developer-merchantid-domain-association URL at that time? Or do they check for it periodically? The reason for asking is that with our many environments we wonder if we can verify each environment's domain by adding the file once. The file will be wiped out by our CICD process as it goes up the environment stack through our development workflow. Or do we need to maintain that file for each environment and add something to our build process?

Hi, I was wondering if there is a way to open apple pay just by clicking a link, no need to create a payment request. If there's no way to do it, I found out that we can interact with the app through JS, but even in JS I didn't find a way to simply open it.

A team observed lots of timeouts from the Apple Pay session endpoint: https://apple-pay-gateway-cert.apple.com/paymentservices/paymentSession Is it expected or some kind of an implementation issue from the caller side? Thanks!

Hello, I am looking for some help on how to use the Apple Pay Web Merchant Registration API. Have been approved to use the API and attempted to test on a merchant ID set up for testing. Below are steps taken before the request. Create merchant ID com.test.merchant. Create Apple Pay Merchant Identity Certificate for using it with the request via p12. Create Platform Integrator platformintegrator.com.test With the below request, I am getting a 401. Any input would be much appreciated! curl --cert-type P12 --cert cert.p12:{password} -i -d '{\ "domainNames":["customer.test.com"],\ "partnerMerchantName": "customer.test.com",\ "partnerInternalMerchantIdentifier":"customer.test.com"}'\ "encryptTo":"com.test.merchant",\ https://apple-pay-gateway-cert.apple.com/paymentservices/registerMerchant The response: { "statusMessage": "Payment Services Exception Unauthorized", "statusCode": "401" } Also tried using the platformintegrator.com.test for the encryptTo but resulted in a 401 as well.

We’ve integrated in-app card provisioning into our application. All required configurations have been completed, including: Token Service Provider (TSP) setup Certificates uploaded to the Apple Developer portal While the card is successfully added to the Wallet app, our application is currently unable to retrieve or read the added passes.

Does Apple Pay payment sheet support selecting multiple shipping methods for different sellers ? If no, what are the workarounds and best practices for multiple sellers ?

Currently, on our Production environment, when calling https://apple-pay-gateway.apple.com/paymentservices/paymentSessio,n we are randomly receiving: "Payment Services Exception merchantId={Value} unauthorized to process transactions on behalf of merchantId={Value} reason={Value} is not a registered merchant in WWDR and isn't properly authorized via Mass Enablement, either." Since launching Apple Pay on our platform we have received a new Domain Verification File and looking at some of the Domain Verification File that are hosted on the domains they are different to ours. Questions around the Domain Verification File Would we have to update every single Domain Verification File every time we receive a new one ? Does the paymentSession verfiy/call the Domain Verification File on the domain listed at https://[DOMAIN_NAME]/.well-known/apple-developer-merchantid-domain-association ? What happens if the Domain Verification File doesnt match the one that we currently have ? Would we have to regrester our Domains everytime we get a new Domain Verification File ?

Hi I have a question about In app Provisioning for Apple Pay. I'm a developer in company which makes application for one of banks. They want to have ability to add cards to Wallet by their app not by Wallet application. I know which functions and documentation i need to use but I have a problem with testing it. We are third party developer, have seperate teams, bank also has 3 apps for their testing environments. Bank sign agreements with Apple so they could have entitlements to check integration. And that is a question. Is there any change to check our implementation before checking it in production app? I've seen sandbox account feature: https://developer.apple.com/apple-pay/sandbox-testing/ but I can' open In App provisioning window without entitlements. In Apple documentation we have statement that Apple is giving this entitlement only for production applications. So how to test it and check implementation before getting to production or without "mocking" application as production (changing id).

I have a question regarding the file apple-developer-merchantid-domain-association.txt. I understand that this file is used during API access for Apple Pay Web payments. However, is it necessary for our company to access this file during the payment process? Also, this domain validation file is expected to be placed in the publicly accessible “.well-known” folder on our web server. Is it acceptable for this file to remain readable by third parties on the Internet, including Apple’s servers, without posing any security risks? Since this file is generated during domain registration on the Apple Developer site and is unique to our domain, we believe there should be no security concerns even if accessed by third parties. However, are there any specific security requirements for this domain validation file? Please note that the domain validation has already been successfully completed. We appreciate your time and look forward to your guidance. Best regards,

Maybe this is a strange question but I think it's better to ask this before trying it and see what happens; if we use the dpan or mpan of a recurring payment to make a charge on a date other than the one shown to the final customer, could the payment be made without any problem by the bank or financial institutions involved? Naturally I understand that this would mainly cause great anger to the customer and of course if this were the case this could be explained in the billing agreement, but the doubt is mainly based on whether it is possible to use a dpan/mpan for a payment other than that of the original subscription.

I am encountering an issue with the in-app provisioning flow using PKAddPaymentPassViewController. Specifically, when presenting the controller to allow users to add a pass to Apple Wallet, the device selection screen is showing all the devices, even after setting the primaryAccountIdentifier on the PKAddPaymentPassRequestConfiguration. Here's the context: I'm using PKAddPaymentPassViewController for in-app provisioning. I provide a valid primaryAccountIdentifier in the configuration. But after adding the pass, if i print back the primaryAccountIdentifier it displays some other value different than the identifier i had set(Example masked identifier: FAPLMC1GB000000066aa4xxxxxxxxxxxa744f16axxxxxxxx). The provisioning flow works, but the device list shown to the user includes all the devices (e.g., Apple Watches and iPhone even though it is already added to Apple Watch or iPhone).

Hi, We are using Apple VAS and ECP2 certified NFC readers. What process will we need to follow to issue NFC-based keys so that we can provide an access control use case? Any help in this regard will be much appreciated. Thanks, Aweliv

uni.getProvider({ service: 'payment', success: (res) => { const iapChannel = res.providers.find((channel) => { return (channel.id === 'appleiap') }) if (iapChannel) { let ids = ['1234567890', '1234567892']; iapChannel.requestOrder(ids, ( orderList) => { console.log("----- order -----", orderList); }, (e) => { console.log('--- failed ---' , e); }); uni.requestPayment({ provider: 'appleiap', orderInfo: { productid: that.productid, manualFinishTransaction: true, username: ress.data.orderId }, success: (e) => { that.isPayLoadding = false }, fail: (e) => { that.isPayLoadding = false } }) } } });

During our Apple Pay integration testing, we encountered an issue that we're unsure how to resolve. Below are the steps we followed: Created an Apple Pay sandbox test account for Raul and added a test card, following the documentation here: https://developer.apple.com/apple-pay/sandbox-testing/ Opened the Golfmanager platform and initiated a booking. For payment, selected Apple Pay as the method. Raul clicked the Apple Pay button on the Golfmanager UI. He scanned the QR code using his iPhone, logged in with the test account. Apple Pay began validating our merchant identity and retrieved the wallet token to proceed with payment. The Apple Pay payment sheet appeared on Raul's iPhone, showing the card details and the amount requested by Golfmanager. Suddenly, the Apple Pay sheet closed unexpectedly, and we have no insight into what went wrong or what might be missing on our end. Here is the video: https://drive.google.com/file/d/1r-73edQ9eBZzXi6HoSYYGjKO8LbxBrZi/view?usp=drive_web

I am adding Apple Pay to my eCommerce site and I am having a lot of difficulty with the PaymentsRequest API in Microsoft Edge browser. I have a partial implementation that displays the Apple Pay button and creates a PaymentRequest when the button is clicked. That's all. On Safari, this is enough to display the Apple Pay dialog. The process doesn't proceed further because I haven't implemented a handler for the merchantvalidation event. With Chrome on a Mac, the behavior is the same, I can scan the code and see the Apple Pay dialog. On Microsoft Edge, I never see the code to scan. In my web console, I'm seeing errors like InvalidStateError: Failed to execute 'canMakePayment' on 'PaymentRequest': Cannot query payment request and NotSupportedError: The payment method "https://apple.com/apple-pay" is not supported. No "Link: rel=payment-method-manifest" HTTP header found at "https://www.apple.com/apple-pay/" Is Apple Pay not supported on Windows? I see the demo site here, which gets farther than I have gotten. It does display the scan code, but payment still never completes. I see the same payment-method-manifest error in the console. If Apple Pay is not supported on any PCs other than Macs, is there any reason to use the PaymentRequest API instead of Apple Pay JS? I started digging into the W3C standards and it turns out that merchantvalidation event is deprecated. Chrome on Mac does catch it, so it seems like it's supported there. But I have concerns about the long term future. Is it going to remain supported? If so, I would imagine that the interface could change. It seems like the only benefit of the W3C PaymentRequest API is that Mac users with non-Safari browsers may still be able to use Apple Pay. In theory, that's something I'd still like to support, even if it's only a small number of users, but I only have time for one integration right now, and I need to pick the best one. How much faith should I have in the W3C PaymentRequest API? Is it reasonable to pursue it with the goal of including all Mac users regardless of browser? Or is it likely a dead API and I should stick to Apple Pay JS instead to provide a better experience to Safari users? It also looks like the PaymentRequest API isn't fully finalized yet, so maybe that's the source of my issues. Maybe I should just use Apple Pay JS for now with an eye to supporting PaymentRequest when the spec is finalized. I greatly appreciate your input.