We are an acquirer/payment provider offering Apple Pay. Our merchants use our hosted checkout to accept payments. After a user pays with Apple Pay on our checkout, the Wallet transaction record shows our checkout domain as the payee. We would like it to display the merchant’s brand/name so users can recognize or contact the merchant. Is there any parameter or configuration that controls what Wallet shows as the payee? For example, can this be set via a specific field/parameter, or is it strictly derived from the Merchant ID’s display name (or other Apple Pay configuration)? What is the correct approach for a PSP/acquirer to have the merchant’s brand shown in Wallet transaction record? Additional detail: The field in question is the merchant/payee name shown in the Apple Wallet receipt—directly under the transaction amount at the top of the receipt, and again beneath the “Total” line.

During the development of our 3D game project, we encountered high memory usage requirements. To address this, we enabled Apple’s Extended Virtual Addressing (EVA) and Increased Memory Limit services. We have confirmed that both services were enabled in the developer backend as well as in Xcode, and we also used updated development and distribution certificates when building the app. However, in our validation process, it seems that EVA and Increased Memory Limit are not taking effect — the game still experiences memory overflow and crashes. Could you please advise: The correct steps to properly use Extended Virtual Addressing and Increased Memory Limit; How we can confirm whether these services are functioning as expected?

we are currently using the requestAutomaticPassPresentationSuppression API in my app. to prevent the Wallet interface from appearing when an NFC/RF reader is detected during active app usage. Recently, a new transit card supporting Express Mode (T-money Transit Card) was released in Korea, and we are seeing an increasing number of users enabling Express Mode. However, this has introduced an issue where users are unable to use the BLE-based functionality we provide via our widget. Specifically, when the user taps our widget, it triggers a BLE signal broadcast for approximately 10 seconds. In this scenario, when the user brings their iPhone close to our reader, Express Mode is activated before the BLE interaction can be established. This prevents the BLE signal from being successfully received and processed. We would like to ask: Is it possible to suppress Express Mode behavior (similar to requestAutomaticPassPresentationSuppression) even when the app is launched via a widget interaction? Alternatively, is there any way to delay or defer Express Mode activation temporarily when launching from a widget or during BLE communication? We would appreciate any guidance or best practices you can share regarding this scenario. Thank you.

Hello, We are experiencing an issue with Apple Pay integration in our application. We are using WKWebView to handle various payment methods, but we are unable to complete payments via Apple Pay. Upon debugging the WKWebView, we received the following error message: "400 No required SSL certificate was sent" when attempting to process the payment. Currently, we are using a Let's Encrypt SSL certificate. Could you please confirm whether this certificate is suitable for Apple Pay, or if we should be using a different SSL certificate?

To perform the integration, it must be done under the same domain that has been validated. Is it not possible to do it in a local environment? Could that be the reason why I can't display the button or complete the validation with the API?

Hi, I am the developer of this app and I was shared this receipt which strangely does not list my name as the merchant but instead says "The flow network" as you can see below: What is going on?

I'm successfully using Apple subscriptions in my app, but I'm encountering SKErrorCodeDomain error 18 when trying to apply a subscription offer. I want apply offer code first time only for subscription. Below are details of what i set in appstore and what i have tested. Subscription Offer Details Offer Type: For the first month Customer Eligibility: New, Existing, and Expired Subscribers Code Status: Active Offer Code Creation Steps: App Store Connect → App → Subscription → Select Subscription Product → Offer Codes → Add → Add Custom Codes Signature Generation for Promotional Offers I'm following Apple's documentation to generate a signature: https://developer.apple.com/documentation/storekit/generating-a-signature-for-promotional-offers I’ve constructed the payload as instructed: appBundleId + '\u2063' + keyIdentifier + '\u2063' + productIdentifier + '\u2063' + offerIdentifier + '\u2063' + appAccountToken + '\u2063' + nonce + '\u2063' + timestamp Keys and Identifiers keyIdentifier, issuerId, and .p8 file are obtained from: App Store Connect → Users and Access → Integrations → In-App Purchase Test user created under: App Store Connect → Users and Access → Sandbox → Test Accounts Logged in with this account on the iPhone What I’ve Tried Verified all values used in the payload are correct Tried both seconds and milliseconds for the timestamp (as per documentation, it should be in milliseconds) Tried setting appAccountToken to: a valid UUID an empty string not setting it at all Used Apple’s sample code to generate a signature: https://developer.apple.com/documentation/storekit/generating-a-promotional-offer-signature-on-the-server Verified the generated signature locally, and it validated successfully: https://developer.apple.com/documentation/storekit/generating-a-signature-for-promotional-offers#Validate-locally-and-encode-the-signature Apple’s sample code to generate a signature Downloaded from const express = require('express'); const router = express.Router(); const crypto = require('crypto'); const ECKey = require('ec-key'); const secp256k1 = require('secp256k1'); const uuidv4 = require('uuid/v4'); const KeyEncoder = require('key-encoder'); const keyEncoder = new KeyEncoder('secp256k1'); const fs = require('fs'); function getKeyID() { return "KEYIDXXXXX"; } router.post('/offer', function(req, res) { const appBundleID = req.body.appBundleID; const productIdentifier = req.body.productIdentifier; const subscriptionOfferID = req.body.offerID; const applicationUsername = req.body.applicationUsername; const nonce = uuidv4(); const currentDate = new Date(); const timestamp = currentDate.getTime(); const keyID = getKeyID(); const payload = appBundleID + '\u2063' + keyID + '\u2063' + productIdentifier + '\u2063' + subscriptionOfferID + '\u2063' + applicationUsername + '\u2063'+ nonce + '\u2063' + timestamp; // Get the PEM-formatted private key string associated with the Key ID. // const keyString = getKeyStringForID(keyID); // Read the .p8 file const keyString = fs.readFileSync('./SubscriptionKey_47J5826J8W.p8', 'utf8'); // Create an Elliptic Curve Digital Signature Algorithm (ECDSA) object using the private key. const key = new ECKey(keyString, 'pem'); // Set up the cryptographic format used to sign the key with the SHA-256 hashing algorithm. const cryptoSign = key.createSign('SHA256'); // Add the payload string to sign. cryptoSign.update(payload); /* The Node.js crypto library creates a DER-formatted binary value signature, and then base-64 encodes it to create the string that you will use in StoreKit. */ const signature = cryptoSign.sign('base64'); /* Check that the signature passes verification by using the ec-key library. The verification process is similar to creating the signature, except it uses 'createVerify' instead of 'createSign', and after updating it with the payload, it uses `verify` to pass in the signature and encoding, instead of `sign` to get the signature. This step is not required, but it's useful to check when implementing your signature code. This helps debug issues with signing before sending transactions to Apple. If verification succeeds, the next recommended testing step is attempting a purchase in the Sandbox environment. */ const verificationResult = key.createVerify('SHA256').update(payload).verify(signature, 'base64'); console.log("Verification result: " + verificationResult) // Send the response. res.setHeader('Content-Type', 'application/json'); res.json({ 'keyID': keyID, 'nonce': nonce, 'timestamp': timestamp, 'signature': signature }); }); module.exports = router; Postman request and response Request URL: http://192.168.1.141:3004/offer Request JSON: { "appBundleID":"com.app.bundleid", "productIdentifier":"subscription.product.id", "offerID":"OFFERCODE1", "applicationUsername":"01234b43791ea309a1c3003412bcdaaa09d39a615c379cc246f5f479760629a1" } Response JSON: { "keyID": "KEYIDXXXXX", "nonce": "f98f2cda-c7a6-492f-9f92-e24a6122c0c9", "timestamp": 1753510571664, "signature": "MEYCIQCnA8UGWhTiCF+F6S55Zl6hpjnm7SC3aAgvmTBmQDnsAgIhAP6xIeRuREyxxx69Ve/qjnONq7pF1cK8TDn82fyePcqz" } Xcode Code func buy(_ product: SKProduct) { let discountOffer = SKPaymentDiscount( identifier: "OFFERCODE1", keyIdentifier: "KEYIDXXXXX", nonce: UUID(uuidString: "f98f2cda-c7a6-492f-9f92-e24a6122c0c9")!, signature: "MEYCIQCnA8UGWhTiCF+F6S55Zl6hpjnm7SC3aAgvmTBmQDnsAgIhAP6xIeRuREyxxx69Ve/qjnONq7pF1cK8TDn82fyePcqz", timestamp: 1753510571664) let payment = SKMutablePayment(product: product) payment.applicationUsername = "01234b43791ea309a1c3003412bcdaaa09d39a615c379cc246f5f479760629a1" payment.paymentDiscount = discountOffer SKPaymentQueue.default().add(payment) } Issue Even following instructions to the documentation and attempting various combinations, the offer keeps failing with SKErrorCodeDomain error 18. Has anyone else experienced this? Any suggestions as to what may be amiss or how it can be corrected?

Hi, I’ve been trying to integrate Apple Pay, but for some reason, the payment button is not showing up. The project is built with Laravel 11 and Vue. I imported the script as follows: <script crossorigin crossorigin src="https://applepay.cdn-apple.com/jsapi/1.latest/apple-pay-sdk.js" ></script> Then I added the following the steps: <style> apple-pay-button {{ --apple-pay-button-width: --apple-pay-button-width: 150px;; --apple-pay-button-height: --apple-pay-button-height: 30px;; --apple-pay-button-border-radius: --apple-pay-button-border-radius: 3px;; --apple-pay-button-padding: --apple-pay-button-padding: 0px 0px;; --apple-pay-button-box-sizing: border-box; } </style> <apple-pay-button buttonstyle="black" type="plain" locale="en-US"></apple-pay-button> I followed all the steps from the official Apple Pay demo: https://applepaydemo.apple.com/ I also configured the Content Security Policy (CSP) to allow all necessary resources. However, when I test my integration, the button doesn’t appear. I’ve checked the console, but there are no errors. At the same time, I have my certificate imported into the Keychain, and I’ve completed the entire process of creating both the certificate and the private key. However, when I try to validate the session using the certificate and key with Apple’s API, I get an error: 400 The SSL certificate error https://apple-pay-gateway-cert.apple.com/paymentservices/

Is there a way to make a subscription's auto-renewal fail in sandbox environment? Currently, I see no such options (screenshot)

I'm implementing Apple Pay for our application via the Apple Pay JS API, and everything works as expected when initiating a session from a Safari browser. However, when attempting to start a session in a non-Safari browser (Chrome in this case), I see the following behavior: The "Scan Code with iPhone" popup appears I scan the code with my device (9th gen iPad running iPadOS 18.5 if that matters) The Apple Pay view does not appear on the device, and the "Scan Code" popup closes on the browser without any further information given. I can see the messages being passed in the network tab, with the final message being a "getPaymentRequestResponse" message appearing at the time the code is scanned. I suspect merchant validation is failing since that should be the next step, but that's just an educated guess at this point. I would appreciate any help getting this issue resolved.

We are trying to develop a coupon/offer code module where our app users can avail a free trail offer for 2 months period after applying the code. We already had a subscription module with monthly & yearly subscriptions with 7 day free trial period. Now, we want to implement a offer/coupon module, where, a user can either select monthly or yearly subscription, and upon entering the offer/coupon code, they will get 2 months free trial (or) a discount on the chosen subscription. (this will overwrite the existing 7 day free trial). We are confused on choosing the type of “offer/coupon” from AppStore connect. In App Store connect, we have introductory offers, promotional offer & Offer codes. Based on our requirements, we have done research and found that we cannot implement the offer code & promotional codes in the develop environment as there is no possibility to test in Sandbox environment. We observed that we need to push the app to App store and upon approval, we need to implement “offer/coupon” module. Can some one please suggest or guide us on choosing the best solution for our requirement? Thanks in advance.

Hi support, I'm getting the following error when I tried to re-verify my domain: Domain verification failed. Review your TLS Certificate configuration to confirm that the certificate is accessible and a supported TLS Cipher Suite is used. I have uploaded the required apple-developer-merchantid-domain-association.txt file and it is reachable from the Internet in the proper location https://www..com/.well-known/apple-developer-merchantid-domain-association.txt. The SSL certificate has been renewed and it offers at least one of required cipher suites based on the Apple document https://developer.apple.com/documentation/applepayontheweb/setting-up-your-server. The current verification will expire soon. Need your help urgently. Thanks, YaoF

In the docs, I see a button type with label "Pay With [apple logo]. https://developer.apple.com/design/human-interface-guidelines/apple-pay Although I don't see this type as an option here: https://developer.apple.com/documentation/PassKit/PKPaymentButtonType Wondering if I'm looking in the right place and if this button type is still available?

We are developing a native iOS financial application called Tradu: Stocks, Forex, and CFDs (Apple ID: 6473443264), which embeds a WKWebView to render all user-facing logic. All user interactions—including authentication with MFA—occur inside this WKWebView. To access native functionality, we use postMessage() to communicate between the web and native layers. This approach has worked successfully for biometric authentication, for example. We are currently integrating Apple Pay In-App Provisioning and have a few questions regarding compliance with the documentation provided by our Issuer Host (Modulr). In the document titled Getting Started with Apple Pay: In-App Provisioning, Verification, Security, and Wallet Extensions (Version 4.0, February 2023), all examples are based on a fully native application. We’ve managed to integrate most of the In-App Provisioning flow via postMessage() up to the point of passing encryptedData to the Payment View. Apple Pay button inside WKWebView In Section 7: Frontend Overview, the user initiates the provisioning by tapping a native PKPaymentButton (SwiftUI example). In our case, this button is rendered inside the WKWebView, styled according to the Apple Style Guide. While the document references this approach as a “raw mark text supplement,” is this method acceptable and compliant with Apple’s UX and technical guidelines? MFA requirement before provisioning In Section 4: Security Guidelines, it is stated that the user must have passed MFA at least once before starting the provisioning flow. In our implementation, users must complete MFA on every login (including on recognized devices) before the provisioning UI becomes available. Even though this is not tied specifically to “unrecognized devices,” is our MFA requirement sufficient to satisfy Section 4.2? Summary: Is using a web-rendered Apple Pay button inside WKWebView (instead of a native PKPaymentButton) considered compliant? Is our MFA enforcement model (required on every login) aligned with the security requirements outlined in Section 4.2 of the Apple Pay In-App Provisioning documentation?

Hello! We are using "Apple Pay Web Merchant Registration API" https://developer.apple.com/documentation/applepaywebmerchantregistrationapi Recently we successfully updated the Payment/identity certificates at our main merchant ID And we have a few questions: Do we need make the Domain verification for all of our sub-merchants again after the Certificates update? How we can check the expiration of domain verification of merchants that we integrate trough API endpoint (https://apple-pay-gateway.apple.com/paymentservices/registerMerchant), and do verified domains via API have an expiration date??? How we can understand does the our universal domain verification file (apple-developer-merchantid-domain-association) have expiration too? Thanks in advance!

My Raiffeisen ELBA-App doesnt work anymorw since i downloaded ios 26 beta 3 i cant open the app pls fix it because its my only banking app

We plan to set Manual PAN Entry Allowed = N and accept only issuer push provisioning (PKAddPaymentPass). Is there any Apple Pay programme rule that obliges us to keep MANUAL_ENTRY enabled? Will disabling it affect “Participating Issuer” listing?

I have the HCE entitlements, but it's not clear from the documentation I have, how to configure my app as the default app for the double tap of the power button. Nor can i see where this is in iOS 18.2 settings. The closest I can find is 'Settings > Default Apps > Contactless App', which still shows only Wallet after I install my app with all the new entitlements and provisioning profile. I have these entitlement successfully provisioning my app: <key>com.apple.developer.nfc.hce</key> <true/> <key>com.apple.developer.nfc.hce.iso7816.select-identifier-prefixes</key> <array> <string>A0000000031010</string> <string>A00000002501</string> <string>A0000000049999</string> <string>A0000000041010</string> </array> <key>com.apple.developer.nfc.hce.default-contactless-app</key> <true/> The documentation here: https://developer.apple.com/support/hce-transactions-in-apps/ also references a link to changes in Info.plist, but the url takes me to storekit-external-entitlement documentation about dating apps in the netherlands ???!!!??? Any help would be appreciated to at least get started by allowing me to change the double tap action to my app. Thanks

We request your support in enabling the extended entitlement feature for our team when creating provisioning profiles. This is because we need to include the ApplePay In-App Provisioning Development extended entitlement in our Bancoagricola app. Currently, when creating new provisioning profiles, the screen to configure Additional Entitlements is not displayed for our team. However, we have verified with our provider HST (https://hst.com.br/) that this screen does appear in their Apple account. Thank you very much for your support.

We have verified our domain but if the file is removed from the deployed site after verification will this impact using ApplePaySession.applePayCapabilities in real time? We use that method from the JS api in our React app to determine whether or not to show the apple pay button. When that function is called in the browser, do the apple servers ping the https://our.domain.com/.well-known/apple-developer-merchantid-domain-association URL at that time? Or do they check for it periodically? The reason for asking is that with our many environments we wonder if we can verify each environment's domain by adding the file once. The file will be wiped out by our CICD process as it goes up the environment stack through our development workflow. Or do we need to maintain that file for each environment and add something to our build process?