We are developing a native iOS financial application called Tradu: Stocks, Forex, and CFDs (Apple ID: 6473443264), which embeds a WKWebView to render all user-facing logic. All user interactions—including authentication with MFA—occur inside this WKWebView. To access native functionality, we use postMessage() to communicate between the web and native layers. This approach has worked successfully for biometric authentication, for example. We are currently integrating Apple Pay In-App Provisioning and have a few questions regarding compliance with the documentation provided by our Issuer Host (Modulr). In the document titled Getting Started with Apple Pay: In-App Provisioning, Verification, Security, and Wallet Extensions (Version 4.0, February 2023), all examples are based on a fully native application. We’ve managed to integrate most of the In-App Provisioning flow via postMessage() up to the point of passing encryptedData to the Payment View. Apple Pay button inside WKWebView In Section 7: Frontend Overview, the user initiates the provisioning by tapping a native PKPaymentButton (SwiftUI example). In our case, this button is rendered inside the WKWebView, styled according to the Apple Style Guide. While the document references this approach as a “raw mark text supplement,” is this method acceptable and compliant with Apple’s UX and technical guidelines? MFA requirement before provisioning In Section 4: Security Guidelines, it is stated that the user must have passed MFA at least once before starting the provisioning flow. In our implementation, users must complete MFA on every login (including on recognized devices) before the provisioning UI becomes available. Even though this is not tied specifically to “unrecognized devices,” is our MFA requirement sufficient to satisfy Section 4.2? Summary: Is using a web-rendered Apple Pay button inside WKWebView (instead of a native PKPaymentButton) considered compliant? Is our MFA enforcement model (required on every login) aligned with the security requirements outlined in Section 4.2 of the Apple Pay In-App Provisioning documentation?

Hello! We are using "Apple Pay Web Merchant Registration API" https://developer.apple.com/documentation/applepaywebmerchantregistrationapi Recently we successfully updated the Payment/identity certificates at our main merchant ID And we have a few questions: Do we need make the Domain verification for all of our sub-merchants again after the Certificates update? How we can check the expiration of domain verification of merchants that we integrate trough API endpoint (https://apple-pay-gateway.apple.com/paymentservices/registerMerchant), and do verified domains via API have an expiration date??? How we can understand does the our universal domain verification file (apple-developer-merchantid-domain-association) have expiration too? Thanks in advance!

My Raiffeisen ELBA-App doesnt work anymorw since i downloaded ios 26 beta 3 i cant open the app pls fix it because its my only banking app

Hello, Please help. We have been experiencing what appears to be a TLS handshake error in our Apple Pay merchant validation requests (2-way TLS) since June 25, 2025. We are aware of the encryption algorithm changes made in February 2025, and our system was functioning correctly at that time. However, the error started occurring suddenly and only recently. Could you please clarify the following points? Have there been any changes to the TLS configuration (cipher suites, certificates, protocol versions, etc.) on the Apple Pay server side since June 2025? Have there been any updates to the specifications or recommended settings for merchant validation requests? Is there any way to contact Apple for technical support regarding this issue other than through the Developer Forums? Our Merchant Identity Certificate has already been renewed and is confirmed to be valid.

I'm facing problem with in-app-provisioning in production application. When we try to tokenize (before T&C step) we are getting error from topic. I've also posted this in Feedback Assistant: FB18403577. I'll be very happy if someone could help me to get what is wrong with data or configuration of application.

We plan to set Manual PAN Entry Allowed = N and accept only issuer push provisioning (PKAddPaymentPass). Is there any Apple Pay programme rule that obliges us to keep MANUAL_ENTRY enabled? Will disabling it affect “Participating Issuer” listing?

I have the HCE entitlements, but it's not clear from the documentation I have, how to configure my app as the default app for the double tap of the power button. Nor can i see where this is in iOS 18.2 settings. The closest I can find is 'Settings > Default Apps > Contactless App', which still shows only Wallet after I install my app with all the new entitlements and provisioning profile. I have these entitlement successfully provisioning my app: <key>com.apple.developer.nfc.hce</key> <true/> <key>com.apple.developer.nfc.hce.iso7816.select-identifier-prefixes</key> <array> <string>A0000000031010</string> <string>A00000002501</string> <string>A0000000049999</string> <string>A0000000041010</string> </array> <key>com.apple.developer.nfc.hce.default-contactless-app</key> <true/> The documentation here: https://developer.apple.com/support/hce-transactions-in-apps/ also references a link to changes in Info.plist, but the url takes me to storekit-external-entitlement documentation about dating apps in the netherlands ???!!!??? Any help would be appreciated to at least get started by allowing me to change the double tap action to my app. Thanks

We request your support in enabling the extended entitlement feature for our team when creating provisioning profiles. This is because we need to include the ApplePay In-App Provisioning Development extended entitlement in our Bancoagricola app. Currently, when creating new provisioning profiles, the screen to configure Additional Entitlements is not displayed for our team. However, we have verified with our provider HST (https://hst.com.br/) that this screen does appear in their Apple account. Thank you very much for your support.

We have verified our domain but if the file is removed from the deployed site after verification will this impact using ApplePaySession.applePayCapabilities in real time? We use that method from the JS api in our React app to determine whether or not to show the apple pay button. When that function is called in the browser, do the apple servers ping the https://our.domain.com/.well-known/apple-developer-merchantid-domain-association URL at that time? Or do they check for it periodically? The reason for asking is that with our many environments we wonder if we can verify each environment's domain by adding the file once. The file will be wiped out by our CICD process as it goes up the environment stack through our development workflow. Or do we need to maintain that file for each environment and add something to our build process?

Hello, On my website, I have a button to make a payment via Apple Pay. When I click on it, the Touch ID window opens correctly. However, when I place my finger on the Touch ID, I get a payment error. This issue only occurs in production mode. In sandbox mode, everything works perfectly. Here is a log file : log.txt Thank you in advance for your help.

I am trying to play around on the Apple Pay demo page (https://applepaydemo.apple.com) and I am getting the following error response. PaymentRequest AbortError: The operation was aborted. I am using the Payment Request API

Hello! We use Apple's "master account" scheme to register new clients trough API due to the fact that the number of merchant IDs in a developer account cannot exceed 100 records. It's been almost a year since we successfully used the master account ( ex. "merchant.com.xxx") and register clients via Postman. At the moment, the certificates for the master merchant ID start to expire on July 11 which will affect all customers which is under Master ID. We know that when updating certificates at the identifier level(our master id), new universal identity certificate files that we use to send to the merchants (merchant_id.pem, privkey.key) will be generated for authentication on the merchant side, as well as a new keystore. Since many of our clients are integrated with current files and keystores and have live traffic, we would like to know—is it possible to update certificates on the master account without changing the keystores and certificate identities? The impossibility of this will entail a large gap when switching to new certificates. Thanks in advance for your answer.

We’ve integrated in-app card provisioning into our application. All required configurations have been completed, including: Token Service Provider (TSP) setup Certificates uploaded to the Apple Developer portal While the card is successfully added to the Wallet app, our application is currently unable to retrieve or read the added passes.

Hello, we are trying to extend the dates of verified domains following the docs of https://developer.apple.com/documentation/applepayontheweb/maintaining-your-environment#Renew-Your-Domain-Verification and configured the server following https://developer.apple.com/documentation/ApplePayontheWeb/setting-up-your-server we've download the apple-developer-merchantid-domain-association.txt and update them on their respective locations, click 'ok' button and we get redirected to the main page of the merchant certificate, but the expiration dates have not been extended, we can see on our web crawler that Apple Requested the file and it return a 200. No popup errors are shown, no console developer error we only get redirected to the merchant certificate information page.

Hello we are trying to renew our certificates. We are trying to extend the dates of verified domains following the docs https://developer.apple.com/documentation/applepayontheweb/maintaining-your-environment#Renew-Your-Domain-Verification and configure our server with https://developer.apple.com/documentation/ApplePayontheWeb/setting-up-your-server We've downloaded the apple-developer-merchantid-domain-association.txt and update it on their respective locations, click 'ok' button but we get redirected to the main page of the information of the merchant, and it shows the domains without the extending period of time. No popup showing what has failed or what could be the reason of this error, we only get a redirection to the main page.

We are looking for sample payload for merchant registration API. We have tried to test the api and getting an error. Request: curl --location 'https://apple-pay-gateway-cert.apple.com/paymentservices/registerMerchant' --header 'Content-Type: application/json' --data '{ "domainNames": "https://checkout.dev.sandbox-netvalve.com", "encryptTo": "platformintegrator.com.netvalve.uat", "partnerInternalMerchantIdentifier": "merchant.test.netvalve", "partnerMerchantName": "Test" }' Response: { "statusMessage": "Payment Services Exception invalid or Malformed Json Received", "statusCode": "400" }

Hello, I am looking for some help on how to use the Apple Pay Web Merchant Registration API. Have been approved to use the API and attempted to test on a merchant ID set up for testing. Below are steps taken before the request. Create merchant ID com.test.merchant. Create Apple Pay Merchant Identity Certificate for using it with the request via p12. Create Platform Integrator platformintegrator.com.test With the below request, I am getting a 401. Any input would be much appreciated! curl --cert-type P12 --cert cert.p12:{password} -i -d '{\ "domainNames":["customer.test.com"],\ "partnerMerchantName": "customer.test.com",\ "partnerInternalMerchantIdentifier":"customer.test.com"}'\ "encryptTo":"com.test.merchant",\ https://apple-pay-gateway-cert.apple.com/paymentservices/registerMerchant The response: { "statusMessage": "Payment Services Exception Unauthorized", "statusCode": "401" } Also tried using the platformintegrator.com.test for the encryptTo but resulted in a 401 as well.

Hello -- We're preparing to roll out Apple Pay on website in the next week but encountered some issues during testing. While we successfully processed transactions using a VISA card, we ran into errors when testing with other card brands. Has anyone come across this issue before?

Hello. What is the process to get my company listed as an approved Apple Pay Payment Service provider here: https://developer.apple.com/apple-pay/payment-platforms/ We are integrating Apple Pay on our gateway. Our customers are merchants who accept ecommerce payments via our payment gateway. We would like to appear on the list here: https://developer.apple.com/apple-pay/payment-platforms/ Thank you.

We have used the ApplePayRecurringRequest parameter required for Apple Pay subscriptions, but during testing the payment, the Apple Pay payment page shown to the user remains the same as the one-time payment page, without any subscription information. Could you please check if there is an issue with our parameters or if there is an issue with the merchantIdentifier being used? Here is the ApplePayRequestData that we are using. { "supportedMethods": "https://apple.com/apple-pay", "data": { "version": 3, "merchantIdentifier": "***", "merchantCapabilities": [ "supports3DS", "supportsCredit", "supportsDebit" ], "supportedNetworks": [ "visa", "masterCard" ], "countryCode": "US", "recurringPaymentRequest": { "paymentDescription": "A description of the recurring payment to display to the user in the payment sheet.", "regularBilling": { "label": "Recurring", "amount": "4.99", "paymentTiming": "recurring", "recurringPaymentStartDate": "2025-06-02T16:00:00.000Z" }, "trialBilling": { "label": "7 Day Trial", "amount": "0.00", "paymentTiming": "recurring", "recurringPaymentEndDate": "2025-06-02T16:00:00.000Z" }, "billingAgreement": "A localized billing agreement displayed to the user in the payment sheet prior to the payment authorization.", "managementURL": "https://applepaydemo.apple.com", "tokenNotificationURL": "https://applepaydemo.apple.com" }, "additionalLineItems": [ { "label": "7 Day Trial", "amount": "0.00", "paymentTiming": "recurring", "recurringPaymentEndDate": "2025-06-02T16:00:00.000Z" }, { "label": "Recurring", "amount": "4.99", "paymentTiming": "recurring", "recurringPaymentStartDate": "2025-06-02T16:00:00.000Z" } ] }