Issue Description In our Apple Pay integration process, the validation URL returned from the onvalidatemerchant callback is: https://apple-pay-gateway.apple.com/paymentservices/startSession However, according to Apple’s official documentation (reference link), the correct validation URL is: https://apple-pay-gateway.apple.com/paymentservices/paymentSession We are seeking clarification and assistance regarding the following issues: Issue 1 Will continuing to use the startSession URL cause problems or errors? Are there functional differences between the two URLs (startSession and paymentSession)? Does Apple still officially support startSession, or are we required to switch to paymentSession? Issue 2 We occasionally experience the following 400 error, even though the URL we use for validation is the one returned from the onvalidatemerchant callback: 400: { "statusMessage": "Payment Services Exception merchantId=*** not registered for domain=***.com", "statusCode": "400" } We have verified the following: Our Merchant ID and certificates are valid. All Apple Pay configuration details, including merchant domain verification and placement of the .well-known/apple-developer-merchantid-domain-association file, have been correctly set up and verified. However, we still encounter the error intermittently. Questions: If we need to transition to using paymentSession, how should we do this? Could this error be related to the use of startSession? If not, how should we troubleshoot further? Support Needed Confirmation and clarification on the proper usage and differences between the two URLs: startSession and paymentSession. Guidance on how we can investigate and resolve the 400 error to ensure that the Apple Pay validation process works consistently. We appreciate your assistance and support!

Hello, I'm experiencing an irregular issue with Apple Pay merchant domain verification. As you know, Apple requires domain verification every two months to maintain Apple Pay functionality. The problem is that while the verification sometimes happens automatically without any issues, other times it fails to complete, even though the required file "apple-developer-merchantid-domain-association.txt" is correctly available on our server. When automatic verification fails, the Apple Pay service becomes non-functional on our website, forcing us to perform a manual verification to restore the pending service. Is it normal to encounter such inconsistent automatic verification processes? What could be causing these intermittent verification failures, whereas manual verification always succeed? suggesting this might not be related to IP address restrictions described on the Apple documentation. Thank you in advance,

Hi Guys, I have asp.net web application targeting framework 4.7.2 . The requirement is to integrate apple pay to the site as a payment method. Can any one help me on the below queries. As the development will be in visual studio, is it require to have a apple developer account. if yes, which subscription is required (individual/organization). I believe to obtain merchantID, payment processing certificate apple developer account is required but not sure like which subscription is required. Is there any supporting document or code snippet to integrate apple pay in .net application. Is it required to use browser safari or iphone or ipad for testing the apple pay? can the testing be done using chrome browser? Is it a direct integration using c# code or do I need to use any third party payment gateway like stripe, authorize. Thanks in Advance

I am currently testing Apple Pay integration on my sandbox environment and I am in need of test cards for failed cases such as insufficient balance. Does anyone have access to or know where I can find Apple Pay test cards specifically for scenarios where transactions fail due to reasons like insufficient balance? Any help or guidance on this matter would be greatly appreciated. Thank you.

Why did my sandbox test fail due to not being able to obtain the product list?

We created apps for many credit unions in Canada. Some of those apps has the feature to directly add users' debit cards to Apple Wallet (which is called by Apple as "in-app provisioning"). The feature has been working fine for at least 6 years for many credit unions. Recently, after updating one of those existing apps, we found out that the in-app provisioning is no longer working. Found it very strange, as we didn't touch the code base related to this feature for a very long time. One thing we found out is that the option to add in-app provisioning entitlement is missing during generating "provisioning profile" for the app. Is this a misconfiguration by App? Or do we need to request for additional entitlement migration as mentioned in the page: https://developer.apple.com/help/account/reference/provisioning-with-managed-capabilities ? Apple, please help, it's rather urgent.

Hello there, i'm new in trying to use the apple wallet API. we want to create passes to add identification credentials in the costumer's apple wallet. but we have doubts, for example: is it mandatory to pay the apple developer memebership to use the examples of apple wallet api? also, is there a way or an example of using this API in node.js? Thanks for your attention, i will be waiting for your answers.

I am writing to express my deep dissatisfaction with a recent experience involving your services. I have discovered that I have been charged twice for the same product or service, which I find unacceptable. Additionally, I have not received the necessary support to resolve this issue, and the product or service in question does not function as it should. The treatment I have received has been neglectful and far below the standards I expect from a company that prides itself on providing quality service. This situation has not only shaken my confidence in your services but has also caused significant frustration as a customer. I demand an immediate resolution to this issue, including a refund for the duplicate charge and assurance that the purchased product or service will work as promised. If I do not receive a satisfactory response, I will be forced to take further action to protect my rights as a consumer. I look forward to your prompt response to resolve this matter.

I am seeking an assistance with an issue we've encountered during our efforts to integrate Apple Pay into our web application. We're using Angular on our client side. and our server side is powered by AEM(Adobe Experience Manager), which is based on Java. As part of our integration process, we're following the Apple Pay documentation. However, we've encountered a challenge during the merchant validation step. Our server-side implementation, responsible for validating the merchant identity and generating a session object for payment requests, is encountering an SSL handshake error. Here's the error message we're encountering: javax.net.ssl|FINE|01|main|2024-03-20 05:19:52.812 IST|SSLCipher.java:1817|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|FINE|01|main|2024-03-20 05:19:52.813 IST|SSLCipher.java:1971|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|FINE|01|main|2024-03-20 05:19:52.849 IST|SSLCipher.java:1817|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|FINE|01|main|2024-03-20 05:19:52.850 IST|SSLCipher.java:1971|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|FINE|01|main|2024-03-20 05:19:54.082 IST|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=apple-pay-gateway-cert.apple.com) was replaced with (type=host_name (0), value=apple-pay-gateway-cert.apple.com) javax.net.ssl|FINE|01|main|2024-03-20 05:19:54.448 IST|SSLCipher.java:1817|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|FINE|01|main|2024-03-20 05:19:54.448 IST|SSLCipher.java:1971|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|SEVERE|01|main|2024-03-20 05:19:54.453 IST|TransportContext.java:369|Fatal (CERTIFICATE_UNKNOWN): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ( "throwable" : { sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306) at sun.security.validator.Validator.validate(Validator.java:271) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:312) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:221) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:128) at sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1339) at sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1230) at sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1173) at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:376) at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:479) at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:457) at sun.security.ssl.TransportContext.dispatch(TransportContext.java:200) at sun.security.ssl.SSLTransport.decode(SSLTransport.java:155) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434) ... 24 more} } We've reviewed our server configuration and checked that the SSL/TLS settings are correctly configured. Additionally, we've ensured that the server's SSL certificate is valid and up-to-date.

Hello, I am experiencing an issue with the Apple Pay capability on my App ID. I have created a Merchant ID. I enabled Apple Pay in the App ID configuration and linked it to the merchant. However, sometimes when I revisit the App ID in the Apple Developer portal, the Apple Pay capability appears disabled, even though I saved it. This happens intermittently; at some times the capability is correctly shown as enabled, and other times it disappears. Context: I am using Expo Managed Workflow with EAS Build for iOS. The issue prevents the provisioning profile from including Apple Pay, which causes Stripe isPlatformPaySupported function to return false on ios devices. Attached: Screenshots of the App ID page showing Apple Pay enabled and disabled. Could you please advise why the capability is not being consistently saved, and how to ensure it stays enabled? Thank you,

My Raiffeisen ELBA-App doesnt work anymorw since i downloaded ios 26 beta 3 i cant open the app pls fix it because its my only banking app

Is there a way to make a subscription's auto-renewal fail in sandbox environment? Currently, I see no such options (screenshot)

I have added an auto updatable pass to wallet. As soon as it is added I am able to receive the registration request. When there is change available for the pass I am able to trigger push notification to registered device via APNS. I am also able to receive the consecutive call about serial numbers. In the final call made from device to /v1/passes endpoint , server is sending the pass with these headers - Content-Type, Content-Disposition, Last-Modified however the pass is not getting updated. There are no logs received on /v1/log endpoint. From a MacBook when I hit the same endpoint, I am able to download and open the pass. Anything else that is needed on the headers so it can work on device? Is it necessary to have change description in the updated pass so that pass can update on device?

Hi team @ Apple, Is an MPAN always provided with an ApplePayPaymentToken? I heard there are old devices that will provide only a DPAN. Is this correct, and do we need to support the case where only a DPAN is present? I.e. what percentage of devices doesn't support MPAN? Thanks

Dear Apple team and developers, We integrated Apple Pay E-Commerce on our system and made successful transaction at January using following certificates. Merchant Identity Certificate (generated from our Apple developer account) Payment Processing Certificate (generated from our Apple developer account) Payment Session Server Certificate (used following command and generated from apple-pay-gateway-cert.apple.com:443 test URL) Command: openssl s_client -connect apple-pay-gateway-cert.apple.com:443 -key MIC_priv.key -cert MIC_merchant_id.pem -showcerts | openssl x509 -outform DER > apay_ident_trusted_cert_test.der Root CA G3 (Downloaded “Apple Root CA – G3 Root” from https://www.apple.com/certificateauthority/ ) But at this month, we got new certificate problem (please check following) when we try to execute Apple Pay E-Commerce transaction. Certificate 'C=US,O=Apple Inc.,OU=Apple Certification Authority,CN=Apple Application Integration CA - G3' is not valid Certificate. What is this certificate? And Where can I download or generate this certificate from? Could you please advise/give us good information for this certificate problem? Best Regards, Bilguun Enkhbaatar

调用 API 时，返回以下错误：Apple Pay 处理证书、Apple Pay 商家身份证书和商家域均已设置 { “statusMessage”： “支付服务异常 merchantId=1A9569E9792DB13B9BEE22EDB30515DE75D512B91A2C86C54D4065AD1ECC712E 未经授权代表 merchantId=4D08091EACD9C0D2E25CB94895D1B0DAE73970D6A517EF2988D6D929D1336DA1 reason=4D08091EACD9C0D2E25CB94895D1B0DAE73970D6A517EF2988D6D929D1336DA1 不是 WWDR 的注册商家，也没有通过 Mass Enabling 获得适当授权。 “状态代码”： “417” 连接到主机的 #0 apple-pay-gateway.apple.com 完好无损 }

We are trying to develop a coupon/offer code module where our app users can avail a free trail offer for 2 months period after applying the code. We already had a subscription module with monthly & yearly subscriptions with 7 day free trial period. Now, we want to implement a offer/coupon module, where, a user can either select monthly or yearly subscription, and upon entering the offer/coupon code, they will get 2 months free trial (or) a discount on the chosen subscription. (this will overwrite the existing 7 day free trial). We are confused on choosing the type of “offer/coupon” from AppStore connect. In App Store connect, we have introductory offers, promotional offer & Offer codes. Based on our requirements, we have done research and found that we cannot implement the offer code & promotional codes in the develop environment as there is no possibility to test in Sandbox environment. We observed that we need to push the app to App store and upon approval, we need to implement “offer/coupon” module. Can some one please suggest or guide us on choosing the best solution for our requirement? Thanks in advance.

When I click to my Apple Pay button, my function below doesn't trigger the completeMerchantValidation method as expected, but the oncancel method (which logs errorCode "unknown" in Safari developer tools) : const processApplePayment = async () => { if (window.ApplePaySession) { const session = new window.ApplePaySession(6, { countryCode: 'FR', currencyCode: 'EUR', merchantCapabilities: ['supports3DS'], supportedNetworks: ['visa', 'masterCard'], total: { label: `Bon d'achat ${partnerName}`, type: 'final', amount: cartTotalValue.toString() } }); session.onvalidatemerchant = async event => { try { const merchantSession = await validateMerchantSession(event.validationURL); console.log('merchant session : ', merchantSession); if (!merchantSession) { console.error('Invalid Apple Pay merchant session'); } session.completeMerchantValidation(merchantSession); } catch (error) { console.error('merchant validation error : ', error); session.abort(); } }; session.onpaymentauthorized = async event => { console.log('payment authorization event : ', event); try { const link = await authorizePayment( event.payment.token, userInfo, partnerId, order.id ); console.log('payment authorized link : ', link); window.location.href = link; } catch (error) { console.error('Apple Payment authoriation error : ', error); const errorUrl = `${PATH.EBON_ERROR_PATH}-${partnerId}?paiement=error&orderId=${order.id}`; window.location.href = errorUrl; } }; session.oncancel = event => console.log('Apple Pay cancel event : ', event); session.begin(); } }; The validateMerchantSession function successfully returns this payment session from Apple server : { "epochTimestamp":1739279973502, "expiresAt":1739283573502, "merchantSessionIdentifier":"SSH108C7ED6746A48E38EA8D253D33CCAA5_916523AAED1343F5BC5815E12BEE9250AFFDC1A17C46B0DE5A943F0F94927C24", "nonce":"150de193", "merchantIdentifier":"11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A", "domainName":"lesnumeriques-bonsdachat.htmal1.com", "displayName":"Les Numériques", "signature":"308006092a86...779cd643c000000000000", // long string "operationalAnalyticsIdentifier":"Les Numériques:11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A", "retries":0, "pspId":"11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A" } What could I do wrong and how could I fix it please ?

Hi all, Recently Apple made Buy Now, Pay Later options available on devices running on iOS 18 or above. Is there a way to disable that option in the payment sheet? I tried looking through the PKPaymentNetwork enums, and didn't find anything that corresponded with Affirm or Klarna. Is there another way that I can disable it?

We’ve an implementation of apple pay with asia pay as gateway . We want to access that from external iframe . although we’ve been able to load the apple pay widget not able to validate merchant and tokenize in iframe. Please let us know if apple pay with asia pay is available to be used within iframe.