We're new to Apple Pay and are finding it difficult to find documentation that speaks specifically of DPAN retrieval and decryption. Can anyone in the forum help us understand how this can be done?

I have a persistent issue. When i make a GET to our endpoint, this is my response: "expiresAt": 1689708858191, "merchantSessionIdentifier": "SSH8907CA4E29424A14969C5450CA01D99E_C23A0D3024FAB8B12CBB67660B4C1B48ABF1272EC8B61399E3A647290C8BE67A", "nonce": "6e127ad6", "merchantIdentifier": "B06C8CE272C72F8CC8C496721B5AB7904427AC91188AB4F711A54FEC31B5CDE5", "domainName": "ecommerce.bckd.co", "displayName": "Bucked Up", "signature": "308006092a864886f70d010702a0803080020101310d300b0609608648016503040201308006092a864886f70d0107010000a080308203e330820388a00302010202084c304149519d5436300a06082a8648ce3d040302307a312e302c06035504030c254170706c65204170706c69636174696f6e20496e746567726174696f6e204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b3009060355040613025553301e170d3139303531383031333235375a170d3234303531363031333235375a305f3125302306035504030c1c6563632d736d702d62726f6b65722d7369676e5f5543342d50524f4431143012060355040b0c0b694f532053797374656d7331133011060355040a0c0a4170706c6520496e632e310b30090603550406130255533059301306072a8648ce3d020106082a8648ce3d03010703420004c21577edebd6c7b2218f68dd7090a1218dc7b0bd6f2c283d846095d94af4a5411b83420ed811f3407e83331f1c54c3f7eb3220d6bad5d4eff49289893e7c0f13a38202113082020d300c0603551d130101ff04023000301f0603551d2304183016801423f249c44f93e4ef27e6c4f6286c3fa2bbfd2e4b304506082b0601050507010104393037303506082b060105050730018629687474703a2f2f6f6373702e6170706c652e636f6d2f6f63737030342d6170706c65616963613330323082011d0603551d2004820114308201103082010c06092a864886f7636405013081fe3081c306082b060105050702023081b60c81b352656c69616e6365206f6e207468697320636572746966696361746520627920616e7920706172747920617373756d657320616363657074616e6365206f6620746865207468656e206170706c696361626c65207374616e64617264207465726d7320616e6420636f6e646974696f6e73206f66207573652c20636572746966696361746520706f6c69637920616e642063657274696669636174696f6e2070726163746963652073746174656d656e74732e303606082b06010505070201162a687474703a2f2f7777772e6170706c652e636f6d2f6365727469666963617465617574686f726974792f30340603551d1f042d302b3029a027a0258623687474703a2f2f63726c2e6170706c652e636f6d2f6170706c6561696361332e63726c301d0603551d0e041604149457db6fd57481868989762f7e578507e79b5824300e0603551d0f0101ff040403020780300f06092a864886f76364061d04020500300a06082a8648ce3d0403020349003046022100be09571fe71e1e735b55e5afacb4c72feb445f30185222c7251002b61ebd6f55022100d18b350a5dd6dd6eb1746035b11eb2ce87cfa3e6af6cbd8380890dc82cddaa63308202ee30820275a0030201020208496d2fbf3a98da97300a06082a8648ce3d0403023067311b301906035504030c124170706c6520526f6f74204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b3009060355040613025553301e170d3134303530363233343633305a170d3239303530363233343633305a307a312e302c06035504030c254170706c65204170706c69636174696f6e20496e746567726174696f6e204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b30090603550406130255533059301306072a8648ce3d020106082a8648ce3d03010703420004f017118419d76485d51a5e25810776e880a2efde7bae4de08dfc4b93e13356d5665b35ae22d097760d224e7bba08fd7617ce88cb76bb6670bec8e82984ff5445a381f73081f4304606082b06010505070101043a3038303606082b06010505073001862a687474703a2f2f6f6373702e6170706c652e636f6d2f6f63737030342d6170706c65726f6f7463616733301d0603551d0e0416041423f249c44f93e4ef27e6c4f6286c3fa2bbfd2e4b300f0603551d130101ff040530030101ff301f0603551d23041830168014bbb0dea15833889aa48a99debebdebafdacb24ab30370603551d1f0430302e302ca02aa0288626687474703a2f2f63726c2e6170706c652e636f6d2f6170706c65726f6f74636167332e63726c300e0603551d0f0101ff0404030201063010060a2a864886f7636406020e04020500300a06082a8648ce3d040302036700306402303acf7283511699b186fb35c356ca62bff417edd90f754da28ebef19c815e42b789f898f79b599f98d5410d8f9de9c2fe0230322dd54421b0a305776c5df3383b9067fd177c2c216d964fc6726982126f54f87a7d1b99cb9b0989216106990f09921d00003182018830820184020101308186307a312e302c06035504030c254170706c65204170706c69636174696f6e20496e746567726174696f6e204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b300906035504061302555302084c304149519d5436300b0609608648016503040201a08193301806092a864886f70d010903310b06092a864886f70d010701301c06092a864886f70d010905310f170d3233303731383138333431385a302806092a864886f70d010934311b3019300b0609608648016503040201a10a06082a8648ce3d040302302f06092a864886f70d010904312204206380e03422682ab5e9cfa737daae5685eaff231e252f1905611ecd90fa7006df300a06082a8648ce3d0403020447304502210082f04e750bbb46b5870cec6055e17a235e7658b5f6e1101e22641614cb96e1d702205b156449d1e5573006889f18800f7fca2d5326cfeeb7cfb2ca59fb1e57eb25b2000000000000", "operationalAnalyticsIdentifier": "Bucked Up:B06C8CE272C72F8CC8C496721B5AB7904427AC91188AB4F711A54FEC31B5CDE5", "retries": 0, "pspId": "B06C8CE272C72F8CC8C496721B5AB7904427AC91188AB4F711A54FEC31B5CDE5" And this is the code that I used to display the payment sheets. But nothing happens, is like session.onvalidatemerchante doesn't make anything: // Constants const startApplePaySession = async () => { if (window.ApplePaySession) { const appleSession = window.ApplePaySession // Define ApplePayPaymentRequest const request = { 'countryCode': 'US', 'currencyCode': 'USD', 'merchantCapabilities': [ 'supports3DS' ], 'supportedNetworks': [ 'visa', 'masterCard', 'amex', 'discover' ], 'total': { 'label': 'Demo (Card is not charged)', 'type': 'final', 'amount': '2.00' // harcoded amount } } const session = new appleSession(6, request) session.onvalidatemerchant = async function(event) { try { const {data} = await getApplePay() session.completeMerchantValidation(data) } catch (error) { console.log(error) } } session.begin() } } return ( <button className='apple-pay-btn' id='apple-btn' onClick={startApplePaySession} > Button here </button> ) } Please what I'm making wrong!!!!

Hi, I am using DOTNET-Passbook library to generate apple wallet pass, it was successfully generated and saved. Now when I am updating the pass using push notification. Push notification not showing on phone. I have followed the wallet protocol for API creation following this Article https://developer.apple.com/library/archive/documentation/PassKit/Reference/PassKit_WebService/WebService.html after the API implementation, I am successfully getting device token and push token from API and I am using Pass Type ID certificate to update pass and sending notification on push token received from API. Following this article for configuration: https://medium.com/@yangzhoupostbox/part-2-push-notification-for-updating-apple-pass-in-asp-net-6020768d112

Hi, We’re trying to use the Apple Pay Register Merchant API and are getting an unauthorised error when we try to access the the Request for API form Error Message: Sorry, you cannot view this page. The Apple ID you signed in with does not have permission to view this page. If you’re currently a member of the Apple Developer Program, you or your Account Holder may need to update your account by agreeing to the latest license agreement in order to access this page. To view your current membership status and benefits, visit your account. But our account is already a part of Apple Developer Program.

Hello All, I apologize in advance if this is a dumb question. I am helping some Front End Devs out in our coding of Apple Pay integration for our ecommerce site. Currently we have in our js code the following: created: function() { this.ApplePay = { APIVersion: 3 }, this.checkApplePayAvailability() However: We have learned that we must have at least APIVersion 4 to allow totals to be 0 RE: https://developer.apple.com/documentation/apple_pay_on_the_web/applepaypaymentrequest/1916119-total Note In versions of Apple Pay JS prior to version 4, the amount of the total must be greater than zero. Check for version availability using supportsVersion before setting a zero amount. So, I thought of just hard coding to use APIVersion 4. YET: I am wondering what the latest APIVersion is. https://developer.apple.com/documentation/apple_pay_on_the_web/apple_pay_on_the_web_version_history Thank you so much, in advance, for your feedback. Regards, 🌻Anne

I try to integrate the Apple pay in website using PHP, After submitting the merchant details (crt.pem, key.pem, key certificate password.) to the Apple server, it will throw the below error "unable to set private key file: ApplePay.key.pem" Can anyone help us

I have a team on my company looking to develop a let say "link" to distribute between some sale employes to "automatically" create a Business Card inside Apple Wallet. The idea is that "link" will have all the public employe information and the look&feel of the card. They are following this page: https://github.com/alexandercerutti/passkit-generator/wiki/Generating-Certificates So they are asking us those certificates: Signer Certificate (Developer) Signer Certificate Key (Developer) WWDR (Apple WorldWide Developer Relations) G4 Certificate Can someone explain me if giving those certificates to the develpers could have some security risk? Or what else they can do having those certificates? Thanks!

Hello, I made the payment from the developer application on my phone. The payment was taken from me, but my membership was not renewed. There is also information on my phone bill that I have made the payment. I have the only order number that I can send to you, could you please provide control. Thank you, you are the best.

I am working on a project where it needs to implement wallet extension to add cards from Apple wallet. I am stuck in the flow where app is not getting displayed in wallet while trying to add. Any sample implementation available? Any help would be much appreciated

I am developing an iOS application that involves online payments. I am using the Apple Pay API to handle the payment process, but I encountered an issue where I receive two callbacks after the user initiates a payment: one synchronous and one asynchronous callback. This has resulted in the generation of two separate orders, and the user is charged twice. The transaction receipts contain identical data, except for the platform order number. I have contacted Apple Developer Support, and they confirmed that both callbacks represent successfully paid orders. Has anyone encountered a similar issue, and if so, are there any solutions or suggestions to resolve this problem? Thank you!

I want to implement ApplePay on Angular. There are two ways to implement it (JS API and Payment Request API) and I would like to use the API method as I want to do as much as processing in server side. By looking at the following page, it's hard to understand the difference between JS API and Payment Request API. https://applepaydemo.apple.com/ Surprisingly I can't find any example code for Angular to use ApplePay. I can't believe no one has used ApplePay on Angular before. May be there is another/better way to do it? In Angular it's even tricky to get the window instance. I have tried the solutions in this question and managed to inject window instance using a service provider. I can display the ApplePay button on appropriate devices but I am getting the following error when calling the ApplePaySession object. Apparenlty the injected window is not the top level one.

Last month our certificate key expired for Apple Pay, For generating new certificate Followed this document TN3103: Apple Pay on the Web troubleshooting guide | Apple Developer Documentation ) My payment service provider created certificate signing request (CSR).(Not provided key) Uploaded this CSR to the Merchant Configuration page to generate a Payment Processing Certificate Downloaded payment processing certificate Downloaded Merchant Identity Certificate Both certificated installed in key chain, But the key file is not found so can't create Certificate.key.pem ` public function apple_pay_session(Request $request) { $certificatePassphrase = ""; $merchantIdentifier = "merchant.name.com"; $displayName = "merchant name"; $initiative = "web"; $initiativeContext = "www.merchant.co.uk"; $certPass = ""; $certFile = public_path('merchant_id.pem'); $keyFile = public_path('Certificate.key.pem'); $data = '{"merchantIdentifier":"'.$merchantIdentifier.'","displayName":"'.$displayName.'","initiative":"'.$initiative.'","initiativeContext":"'.$initiativeContext.'"}'; try { $ch1 = curl_init(); Storage::put('computop_applpay_try_session_'.time().'.txt', "In session"); // Check if initialization had gone wrong* if ($ch1 === false) { throw new Exception('failed to initialize'); } curl_setopt($ch1, CURLOPT_URL, $request->validationUrl); curl_setopt($ch1, CURLOPT_SSLCERT, $certFile); curl_setopt($ch1, CURLOPT_SSLKEY, $keyFile); curl_setopt($ch1, CURLOPT_SSLKEYPASSWD, $certPass); curl_setopt($ch1, CURLOPT_POST, 1); curl_setopt($ch1, CURLOPT_POSTFIELDS,$data); curl_setopt($ch1, CURLOPT_RETURNTRANSFER, 1); $merchantSession = curl_exec($ch1); // Check the return value of curl_exec(), too if ($merchantSession === false) { throw new Exception(curl_error($ch1), curl_errno($ch1)); } return response()->json([ "merchantSession"=>$merchantSession, "certFile" => $certFile ]); } catch(Exception $e) { Storage::put('computop_applpay_catch_session_'.time().'.txt', $e->getMessage()); return response()->json([ "code"=>$e->getCode(), "msg" => $e->getMessage() ]); } }` We only have apple_pay.cer ,merchant_id.cer, certificate signing request (CSR) provide by the payment service provider." How to create merchant_id.pem,Certificate.key.pem from It..? Or is it possible to do payment validation in PHP without these files?

I am attempting to implement the Tap to Present ID (Data Request) feature and am wondering if the Data Request will succeed without a reader token. From the wording in the WWDC video (31:50 in WWDC2023-10114 video), it sounds the reader token is necessary, but the example is building off of the previous MobileDriversLicenseDisplayRequest example where the the reader token was used only for the branding to be displayed. In my app running on Simulator, I'm able to get the placeholder data to return from a MobileDriversLicenseDataRequest without using a reader token. Since I'm unable to test this on physical device (I don't live in a state that has Mobile ID's), I'm hoping an Apple engineer can comment on if the reader token is required strictly for the branding to be presented, and not for the Data Request itself to succeed. Thank you.

Hi, I'm trying to create merchant tokens in ApplePay sandbox environment, so then I can use them to invalidate token API call and lifecycle notifications testing. When processing test payment I use Apple Pay payment request taken directly from Apple's demo website (I skipped non important part of JSON) { ... "recurringPaymentRequest": { "paymentDescription": "A description of the recurring payment to display to the user in the payment sheet.", "regularBilling": { "label": "Recurring", "amount": "4.99", "paymentTiming": "recurring", "recurringPaymentStartDate": "2023-08-11T11:20:32.369Z" }, "trialBilling": { "label": "7 Day Trial", "amount": "0.00", "paymentTiming": "recurring", "recurringPaymentEndDate": "2023-08-11T11:20:32.369Z" }, "billingAgreement": "A localized billing agreement displayed to the user in the payment sheet prior to the payment authorization.", "managementURL": "https://applepaydemo.apple.com", "tokenNotificationURL": "https://applepaydemo.apple.com" }, ... } Payment is successful, but merchantTokenIdentifier in decrypted ApplePay token is always empty, regardless of test card used, I tried Visa, MasterCard, Amex. Anyone have an idea what I'm missing and how to get that merchant token? Is it even possible to test merchant tokens (lifecycle notifications) in sandbox?

I've come across seemingly conflicting information regarding the necessity of domain verification and looking for clarification. I am currently developing a solution that integrates Apple Pay capabilities on a web page and when I attempt to make my merchant verification call I receive an error stating that the supplied merchant Id is not registered with the supplied domain. The certs are all still far from expiration so the only other answer I'm finding through the Google machine is that it's because I have not performed my domain verification. The development host is only accessible internally and I've gone back and forth with security stating it must be exposed at least long enough to perform the verification. I was provided with this article which conveys that domain verification is not required in the sandbox environment. On the contrary, here under Developer Account and Website, it is stated that domain verification IS required. The sandbox appears to be for apps when I'm developing a website. So which one is it? I may have found my answer is rooted in not being logged into a sandbox account from the MacBook but rather using an iCloud account? I have dismissed this a number of times seeing as it references the app store when I'm developing website. Perhaps a sandbox account is used for both? This could explain why the URL returned during the verification callback does not convey a development/test endpoint. I'm currently sharing a laptop for testing so I'll have to try this out once I retake possession. Until that time comes, the conflict and the question still stand as any feedback may be useful to other individuals facing a similar situation. Someone really needs to write up a paper on Apple Pay integration for the Windows person developing within an environment that's tighter than a submarine.

Hello everyone, I am trying to figure out the difference between the AddPassToWalletButton and the PKAddPassButton. When I read through the Apple Wallet documentation, it always mentions using the PKAddPassButton. Now I'm using SwiftUI, which the PKAddPassButton isn't compatible with. During my research I came across the AddPassToWalletButton (https://developer.apple.com/documentation/passkit/addpasstowalletbutton) and wanted to know whether it is the equivalent of PKAddPassButton (for SwiftUI) and whether it can be used in accordance with the apple developer guidelines (https://developer.apple.com/wallet/add-to-apple-wallet-guidelines/). It got me wondering since the guidelines only refer to the PKAddPassButton. Thanks for your help.

Hi, Im newly to Apple Pay and I have some questions: Backend Integration Documents: I can not find the backend documents :( Authorized Token Duration: When user authorize the pay request, the merchant'll provide a authorize token. So how long does it last for? Purchase Authorization and Delayed Processing: Our platform involves a scenario where users initiate a purchase, but the actual processing of the payment occurs at a later stage after an administrator approves the request. Is it possible to utilize Apple Pay in such a manner, where the user's authorization is retained by our backend system until the payment is approved and processed? Refund Functionality and Fee: Does Apple Pay offer a built-in refund function for transactions? If so, could you provide details regarding the refund process and any associated fees? Please help, Thank you

Hello, all. Development environment: xcode14.3 + iOS16.4 + iphone12 mini When I use multiTokenContexts to complete the multi-merchant payment function, it prompts "Try Different Payment Method". But if I just perform the payment function of a single order, the payment process can be completed normally. So I would like to ask, is there any limitation to use multiTokenContexts? Thank you, looking forward to your reply.

We are trying to integrate Apple Pay in our website and our Payment Service Provider is Card Connect. We follow the guide https://developer.cardpointe.com/guides/apple-pay We stuck at the "Formatting the Apple Pay Tokenization Request" step in the guide as it required the apple pay request payload information We would need more information on the below apple pay request attributes as in the attached screen shot: data, Signature, ephemeralPublicKey, transactionId, applicationData, publicKeyHash Any useful information/guide on the above details will help us to integrate

Hi everyone, Can anyone tell me is any charge for using the apple wallet generic pass? Is only pay for the development account only? anything else?