Hello, I am developing an Apple Pay and In-App Provisioning integration for the bank where I work. All entitlements are properly configured, and we are integrated correctly with our Payment Network Operator (PNO). We are using PKAddPaymentPassViewControllerDelegate to handle the provisioning process. The flow progresses as expected up to the Terms and Conditions screen. However, after accepting the terms, the process fails with the message: "Could not add card." Upon checking the device logs using the Wallet profile configuration, I observed the following response from Apple's backend: Response: https://nc-pod10-smp-device.apple.com:443/broker/v4/devices/041315032816900221610987313158566F368A9CEBA1291E/cards/745f792b9d0644e5a6e713d54f505296/enable 500 Time profile: 1.80458 seconds { x-conversation-id = "6ec59a63424f4035915e32f22ea645e4" Vary = "accept-language" Content-Type = "application/json" x-pod = "nc-pod10" x-keystone-correlationid = "E3DD5A5A-FD18-4500-8570-2BD1334E281C" Date = "Thu, 17 Apr 2025 07:05:03 GMT" x-apay-service-response-details = "via_upstream" Content-Length = "49" x-envoy-upstream-service-time = "964" x-pod-region = "paymentpass.com.apple" } { errorCode = 40456; statusCode = 500; } This seems to indicate that the card enablement step is failing on the server side. Our internal systems have not logged any request failure from Apple at this step, which makes it difficult to pinpoint whether the issue is in the PNO integration, entitlement configuration, or something else. We are currently testing in a production environment on a physical device (not using sandbox), and provisioning flows are initiated through our iOS app using PKAddPaymentPassRequest. Could you please help us interpret error code 40456 and identify what steps we should take to resolve this issue? If needed, we can also provide the full device log and additional details. Thank you in advance for your support. Best regards, Mansur Bagwan

Earlier this year implemented saving event tickets to Apple Wallet (and Google Wallet, which was painful by comparison!), as an optional alternative to recipients leaving the QR Codes in email or printing them. Scanning barcodes on entry is done using camera on phones (either iPhone or Android). This is a somewhat pressured situation with lots of people needing scans in quite a short period of time. I do not do this myself but I do get feedback. it was reported to me that Apple Wallet barcodes are significantly harder to scan accurately than those in Google Wallet. They think that is because the Apple QR Codes are quite a bit smaller (and presumably harder, therefore, to get focussed properly). They do work, it just takes longer to get a successful scan. This doesn’t seem to be anything I can control, and there seems to be plenty of space to make them bigger, even on my iPhone mini. These aren’t terribly dense barcodes; I imagine they would be harder still if they were. I also guess specialised barcode readers might do better, but we don’t have that luxury. I’d appreciate it if they could be bigger when displayed in Apple Wallet, or at least to have that as an option.

I've completed the setup required for in-app push provisioning on the iOS platform. Encountering an issue at the completion handler step while sending data back to the PassKit framework. The delegate method used is: func addPaymentPassViewController(completionHandler handler: @escaping (PKAddPaymentPassRequest) -> Void) The error observed is: Error Domain=PKPassKitErrorDomainCode=2 which is PKUnsupportedVersionError The device used for testing is running iOS version 17.4.1.

For Apple Pay testing, I have tried the following: Sign into the Sandbox Account via Developer Settings: Settings > Developer > Sandbox Account Keep your main Apple ID for everything else Add Test Cards to Wallet: Try adding the test card numbers (MasterCard and Visa Debit, as we support only those) Apple provides in their documentation. Unfortunately, none of them are added to the wallet. All the time it gives 'Could Not Add Card'. I tried on devices with iOS 18+. Can anyone advise on this? Thanks

Hello Everyone, I am trying to integrate apple pay on my website and have followed the following steps. Created a merchant identifier in my apple developer account. Generated a payment processing certificate using Certificate signing Request generated through keychain. Downloaded the certificate and converted that to pem file using the following command openssl x509 -inform DER -in apple_pay.cer -out apple_pay.pem Imported the cer file into keychain and exported .p12 file and generated private key using the following command. openssl pkcs12 -in Certificates.p12 -out private_key.pem -nocerts Utilizing apple_pay.pem and private_key.pem files for merchant verification call and getting the following response. cURL Error: OpenSSL SSL_read: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca, errno 0 Trying 17.141.128.7:443...\n* TCP_NODELAY set\n* Connected to apple-pay-gateway.apple.com (17.141.128.7) port 443 (#0)\n* ALPN, offering h2\n* ALPN, offering http/1.1\n* successfully set certificate verify locations:\n* CAfile: /etc/ssl/certs/ca-certificates.crt\n CApath: /etc/ssl/certs\n* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256\n* ALPN, server accepted to use http/1.1\n* Server certificate:\n* subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=California; serialNumber=C0806592; C=US; ST=California; L=Cupertino; O=Apple Inc.; CN=apple-pay-gateway.apple.com\n* start date: Dec 19 00:22:44 2024 GMT\n* expire date: Mar 12 19:42:00 2025 GMT\n* issuer: C=US; O=Apple Inc.; CN=Apple Public EV Server RSA CA 1 - G1\n* SSL certificate verify ok.\n> POST /paymentservices/startSession HTTP/1.1\r\nHost: apple-pay-gateway.apple.com\r\nAccept: /\r\nContent-Type: application/json\r\nContent-Length: 143\r\n\r\n* upload completely sent off: 143 out of 143 bytes\n* OpenSSL SSL_read: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca, errno 0\n* Closing connection I also tried to include AppleWWDRCAG2 and AppleRootCA-G2 certificated but same response every time.

I'm encountering an issue with Apple Pay on both Wallet and the Watch app where the app name is not showing up on the back of the payment card(Card details). The pass was successfully provisioned, and everything seems to be working, but the expected app name or brand isn't displayed, and instead, I see the generic "Something went wrong. Try again Later" message. Do we need to configure something to get this displayed in Wallet app?

We have recently begun testing in our production environment and have been unable to push provision any cards, receiving a 500 error: default 11:15:59.136742-0300 PassbookUIService Response: https://pr-pod9-smp-device.apple.com:443/broker/v4/devices/SEID_NUMBER/cards 500 Time profile: 0.486102 seconds { x-conversation-id = "52463d9f488e428f829633a1518ea72d" Vary = "accept-language" Content-Type = "application/json" x-pod = "pr-pod9" x-keystone-correlationid = "058F11DE-839F-47AC-A623-741BF32CEA80" Date = "Thu, 16 Jan 2025 14:15:58 GMT" x-apay-service-response-details = "via_upstream" Content-Length = "81" x-envoy-upstream-service-time = "172" x-pod-region = "paymentpass.com.apple" } { statusCode = 500; statusMessage = "Broker Service Response exception"; } In 05/2024 we received an e-mail from applepayentitlementsapple.com confirming the granting of in-app provisioning entitlements for our production apps. We've already sent a feedback on Feedback Assistant. Here is the code to track: FB16344669. Also, we sent another e-mail to applepayentitlementsapple.com, Case-ID: 11317916, but we haven't received a reply yet. Can you help us? We are concerned, since our pre-certification starts on January 27th. Thanks in advance.

Hello Apple Developer Team/Community, I am working on developing an Apple Wallet pass with NFC functionality for our electric vehicle (EV) charging stations. The goal is to enable a "tap-to-start charging" feature, providing a seamless and efficient experience for users. However, my request for an NFC certificate to enable this functionality has been rejected. Here is a summary of my use case and actions taken so far: 1. Use Case: The Wallet pass will allow users to initiate charging sessions by tapping their iPhones or Apple Watches on the EV charger. This feature aims to simplify the process by eliminating the need for additional apps, physical cards, or manual inputs. It enhances accessibility and aligns with Apple’s goals of providing users with secure and convenient solutions. 2. Steps Taken: Submitted the NFC certificate request with a detailed explanation of the functionality. Included diagrams and supporting documents demonstrating the workflow and system readiness. Received a rejection without clear guidance on how to address the issue. 3. Technical Readiness: Our backend is fully prepared to support NFC passes, including secure processing of tap events and payload encryption. The Wallet pass has been configured to include the nfc field with the required encryptionPublicKey. Request for Assistance: Could you provide guidance on improving my application to meet Apple’s criteria for NFC certificates? Are there specific requirements or examples of successful NFC-enabled Wallet pass applications that I can use as a reference? If anyone has faced a similar rejection, what steps did you take to get approval? Additional Information: Use case: EV charging stations NFC functionality: Tap-to-start charging session Current implementation: Pass is functional without NFC but requires NFC for seamless operation. Any advice or resources to help resolve this issue would be greatly appreciated. Thank you for your time and support. Best regards, DeveloperSquillion

We are seeking assistance with an issue encountered during the integration of Apple Pay into our web application using the third-party payment gateway Heartland. Our application uses JavaScript on the client side and PHP on the server side. Despite following all the guidelines provided by Heartland, we are unable to validate the merchant at the backend. The validation consistently returns false. We request your guidance or a step-by-step solution to help resolve this issue. Steps Followed: Registered a merchant identifier in our Apple Developer account. Enabled the Apple Pay Processing Certificate for the merchant. Logged into the Heartland account, accessed the Apple Pay setup page from the "Keys and Credentials" section, and created a Certificate Signing Request (CSR). Uploaded the CSR from Heartland to the Apple Pay Processing Certificate in the Apple Developer account. Downloaded the signed certificate from the Apple Developer account and uploaded it to Heartland. For the web application: Registered the merchant identifier and validated our domain in the Apple Developer account. Created a Merchant Identity Certificate linked to the same merchant identifier. Followed the same steps 2–5 from the in-app implementation. Code Implementation: Client-Side (React): import React from 'react'; const Button = () => { const initializeApplePay = () => { if (window.ApplePaySession && window.ApplePaySession.canMakePayments()) { const paymentRequest = { countryCode: 'US', currencyCode: 'USD', supportedNetworks: ['visa', 'masterCard', 'amex'], merchantCapabilities: ['supports3DS'], total: { label: 'Your Store', amount: '1.00' }, }; const session = new window.ApplePaySession(3, paymentRequest); // Merchant Validation session.onvalidatemerchant = (event) => { fetch('https://staging-api.parkengage.com/apple-pay-session', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ initiative: 'web', initiativeContext: 'parkengage.com', validationURL: event.validationURL, }), }) .then((response) => response.json()) .then((data) => { if (data.error) { console.error('Merchant validation failed:', data.error); } else { session.completeMerchantValidation(data); } }) .catch((error) => console.error('Validation error:', error)); }; session.onpaymentauthorized = (event) => { const paymentToken = event.payment.token; fetch('/process-payment', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ token: paymentToken }), }) .then((response) => response.json()) .then((data) => { if (data.success) { session.completePayment(window.ApplePaySession.STATUS_SUCCESS); } else { session.completePayment(window.ApplePaySession.STATUS_FAILURE); } }) .catch((error) => console.error('Payment error:', error)); }; session.begin(); } else { console.log('Apple Pay is not supported on this device.'); } }; return ( Buy with Apple Pay ); }; export default Button; Server-Side (PHP cURL): curl 'https://staging-api.parkengage.com/apple-pay-session' -X 'POST' -H 'Content-Type: application/json' --data-binary '{ "initiative": "web", "initiativeContext": "https://parkengage.com", "validationURL": "https://apple-pay-gateway-cert.apple.com/paymentservices/startSession" }' Issue: The merchant validation fails and returns false. Please guide us on troubleshooting this issue or provide insights on missing configurations.

Hi, We are trying to make payment from ecomm merchant. The last request during process is { "sessionData": { "epochTimestamp": "1741082241", "expiresAt": "1741092241", "merchantSessionIdentifier": "SSH88312C485D_7E0DD10173", "nonce": "3f6dc197", "merchantIdentifier": "5F9BC6BAF8", "domainName": "libertybank.ge", "displayName": "Apple Pay Purchase", "signature": "3080060000", "operationalAnalyticsIdentifier": "Apple Pay Purchase:5F9BC6BAF8", "retries": 0, "pspId": "5F9BC6BAF8" } } which is successfully validated applePaySession.completeMerchantValidation(data.sessionData) After this, the "oncancel" handler is triggered in applePay. Please help us to understand what is wrong. Please note the domain where the applepay button is located is at txpg.libertypay.ge Which is successfully verified.

When attempting to make a payment via Apple Pay in the card payment form, an error occurs, but there is no information about the error. Here, you can watch a video with detailed information about what happened: https://drive.google.com/drive/folders/1bco64RH3UPcJTqjW6muIRDr1gW7lnJ6d?usp=sharing

Hi, Please refer the info graphic . I'm an issuer Bank App, who wants to add a card to phone's Digital Wallet. When I hit add to Apple or Google wallet, my API call goes to a Token Requester server and then to Token Service provider. In this process, I do get a JWT token back, but when I try to add token to Digital Wallet, I always get the message "The pass cannot be read because it is not valid". So few question: Is there a way to debug the token that is received by the app? Is there any kind of API console that I can look to see what is happening and why the pass is not valid? I, being the Issuer Bank App, a Token Service Requester and A Token Service Provider, who should be communicating with Apple servers? Are there any documents that explicitly shows (example) the flow of adding a credit card to Digital Wallet from iOS perspective? Any other help is appreciated. On my end, I have done this: public void AddToDeviceAsync(string data) { try { var dataArray = Encoding.UTF8.GetBytes(data); if (data.Length > 0) { if (PKAddPassesViewController.CanAddPasses && PKPassLibrary.IsAvailable) { _nsData = NSData.FromArray(dataArray); ObjCRuntime.Class.ThrowOnInitFailure = false; _pkPass = new PKPass(_nsData, out NSError e); if (!string.IsNullOrWhiteSpace(e?.LocalizedDescription)) { UserDialogs.Instance.AlertAsync(e.LocalizedDescription, AppResources.Alert); return; } if (!PkLibrary.Contains(_pkPass)) { var controller = new PKAddPassesViewController(_pkPass); var rootViewController = UIApplication.SharedApplication.Delegate.GetWindow().RootViewController; if (rootViewController != null) { var topController = TopViewControllerWithRootViewController(rootViewController); topController?.PresentViewController(controller, true, null); } } else { UserDialogs.Instance.AlertAsync(AppResources.Pass_Already_Present, AppResources.Alert); } } } else { UserDialogs.Instance.AlertAsync(AppResources.Invalid_Pass_Data, AppResources.Alert); } } catch (Exception e) { UserDialogs.Instance.AlertAsync(e.Message, AppResources.Alert); } }

Hi Support, When the applepay express transit option is used on emv payment cards, like this iPhone - Open “Settings” → “Wallet & Apple Pay” → “Express Transit Card”. And a emv single card has been enabled under Express Transit And on transit reader Apple Enhanced contactless Polling support is provided, ( with VAS not supported, user authentciation not supported) Sometimes ATQB response also comes from the iPhone or iWatch instead of the ATQA response, and then it causes the transit reader to report as collision error in the polling. Sequence of the packets: WUPA WUPB ECP frame WUPA WUPB ATQB WUPA ATQA

The Shortcuts app offers the possibility to trigger shortcuts/intends when a wallet credit card is used and a new transaction is created. I would like to add transaction details to one of my apps and use such a shortcut for it. Other apps do the exact same thing, so this should not be a problem. Adding a shortcut to my app was not a big deal. However, how can this be tested on simulator? When trying to add a new automatization in the Shortcuts app using a wallet transaction as trigger I cannot finish the setup dialog since the Next button is disabled. I assume this is because no card is configured. When trying to add a card in Wallet I just receive that this was not successful. I have connected the simulator to a Sandbox Apple ID account using a region which supports Apple Pay (US). Using a real account does not solve the problem. Any idea how to get this working? Using real transaction within a store could obviously not be the solution for debugging.

We are implementing Apple Pay and Wallet features in our app and using mocked data for testing purposes. Specifically, in the status(completion:) method of PKIssuerProvisioningExtensionHandler, we return: passEntriesAvailable: true, remotePassEntriesAvailable: true, requiresAuthentication: true, In the passEntries(completion:) method, we provide mocked data for our card. The issue is that the app icon inconsistently appears under the "From Apps on Your iPhone" section in the Wallet app. Sometimes it shows up as expected, but other times it does not. On recent occasions, when the app is selected and mocked authorization is paased, the behavior includes a system error 'Cannot Add Card' even though we provided status that indicates that the app has available cards for Wallet. For reference: The app uses two bundle IDs supporting in-app provisioning and PNO Pass Metadata has not been configured yet. Could you help clarify the potential reasons for this inconsistent behavior?

I have apple pay on the web running ok on our website, using ios devices When I load the cart in a browser and try using the 'scan now qr code', my pay sheet displays on my iphone and then immediately closes. How can I debug the issue? I'm not seeing any logging or issues.

We are an issuer attempting to implement In-App Provisioning of Payment Cards leveraging Mastercard MDES and have successfully obtained our entitlement from Apple, but have not received the documentation titled "Getting Started with Apple Pay In-App Provisioning, Verification & Security". The latest copy I have found has been via Scribd for a version 3.0 from June 2020. I've tried contacting Apple Support and the In-App Provisioning Entitlements group but have had no luck. Thank you!

I can’t send or receive money with Apple Cash My account is restricted but only Apple Cash everything else works fine help

Hi! I am working on automating the Apple Pay integration process in our CI/CD pipeline and would like to confirm whether a fully automated setup is currently possible for our preproduction environment. Right now, our process is as follows: A certificate is generated for the root domain and for each individual merchant subdomain. Both certificates are manually uploaded to our preproduction servers to test and verified via HTTP. We’d like to automate this flow in GitLab CI, mainly the generation of the necessary certificates programmatically or via API. However, from my research, it seems that Apple does not currently provide an API or any support to automate this task, but I’d like to confirm this directly with you. Is there any official support or workaround for this kind of automation? If not, do you have any plans to provide it in the future? Thanks in advance for your help.

I have a question regarding the file apple-developer-merchantid-domain-association.txt. I understand that this file is used during API access for Apple Pay Web payments. However, is it necessary for our company to access this file during the payment process? Also, this domain validation file is expected to be placed in the publicly accessible “.well-known” folder on our web server. Is it acceptable for this file to remain readable by third parties on the Internet, including Apple’s servers, without posing any security risks? Since this file is generated during domain registration on the Apple Developer site and is unique to our domain, we believe there should be no security concerns even if accessed by third parties. However, are there any specific security requirements for this domain validation file? Please note that the domain validation has already been successfully completed. We appreciate your time and look forward to your guidance. Best regards,