Our company sells insurance and we'd like to offer annual renewals via Apple Pay on the Web. Most of the docs seem to point towards using recurringpaymentrequest but this method required an amount value which would only be calculated at renewal time. It appears that Shopify is doing something akin to what we want where they do auto payments so my question is can we do annual payments with unknown renewal prices with Apple Pay for Web ? What we cannot do is show the renewal price like this as it being insurance is almost certain to change. This is our current code which works but won't get past the regulator. const applePayPaymentRequestAnnual = { countryCode: 'GB', currencyCode: 'GBP', supportedNetworks: ['visa', 'masterCard'], merchantCapabilities: ['supports3DS'], requiredBillingContactFields: ['postalAddress', 'email'], requiredShippingContactFields: ['phone'], recurringPaymentRequest: { paymentDescription: 'Annual Insurance Renewal', regularBilling: { label: 'Annual Renewal Premium', amount: price, paymentTiming: "recurring", recurringPaymentIntervalUnit: "year", recurringPaymentStartDate: year + "-" + month + "-" + day + "T00:00:00.000Z", type: 'final' }, managementURL: window.location.protocol + '//' + window.location.host + '/manage-policy', tokenNotificationURL: window.location.protocol + '//' + window.location.host + '/apple-pay-notifications' }, lineItems: [{ label: alabel, amount: price, }], total: { label: alabel, amount: price, type: "final" }, }

I’m having an issue verifying a domain for a Merchant ID. I’m implementing Apple Pay on the web for a demo, and I’ve configured the Azure server to match Apple’s requirements for domain verification, such as the TLS configuration, not requiring client certificates, and ensuring there are no redirects. I’ve run tests with OpenSSL and PowerShell and all responses return HTTP/1.1 200 OK. I also tested the URL Apple says it uses to validate the file under .well-known, and it does show the expected result. I already have the Apple Pay Payment Processing Certificate and the Apple Pay Merchant Identity Certificate approved; the only thing missing is the domain verification. I’m not sure what else to test—if you could help me with a possible solution, I’d really appreciate it. (The project is built in .NET 8 and hosted on Azure App Service.)

PNO: VISA Please help to tell the reason for error. Thanks a lot. Attached is the log for your investigation Apple Push Log.txt

please bear with me, i am NOT a developer. we have third party developer creating a banking app that is throwing an error when trying to provision MasterCard for Apple Pay. MasterCard says they do not see the request come in at all. our developer says the issue is between mastercard and apple - and asked us to reach out to Apple. Information provided from our developer: “Error code 2 is 'system cancelled' from the PKAddPaymentPassError enum. Basically, there is an issue between Apple and Mastercard (using the encrypted card info from...” Response from Mastercard Connect: Upon further research with the examples you shared we are not seeing any attempt that reached to MC

Hello, We are currently developing an application that uses the Host-based Card Emulation (HCE) entitlement to enable corporate access functionality. With this entitlement, we have successfully established HCE communication and can interact with our access control systems to unlock doors. Our question is related to improving the user experience: We would like this access functionality to work without requiring the app to be in the foreground, as this adds friction for users during entry. Specifically, we would like to know: Is it possible for our app to coexist with Apple Wallet as the default contactless app, so that: Our app handles NFC interactions for corporate access (e.g., opening doors). Apple Wallet remains the default for payments. If that coexistence is not possible, and our app is set as the default contactless app, Will the system still need to launch our app into the foreground to complete a transaction (e.g., to emulate the NFC card)? Or is there a way to trigger HCE responses in the background (e.g., using a background process or service extension)? Any guidance on how to configure the app for optimal background access behavior, while maintaining compatibility with Wallet, would be greatly appreciated. Thank you in advance.

I'm currently integrating Apple Pay with my payment provider, and I'm encountering a signature validation error during the payment flow. Here's the setup: I’ve verified that my Merchant Certificate is valid, and I'm able to initialize the Apple Pay session without any issues. Also this curl works fine The Payment Processing Certificate was created by my PSP. PSP claims that the payment token signature is invalid during the transaction phase, which prevents payment completion. The parsed signature starts like this 0:d=0 hl=2 l=inf cons: SEQUENCE 2:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-signedData 13:d=1 hl=2 l=inf cons: cont [ 0 ] 15:d=2 hl=2 l=inf cons: SEQUENCE 17:d=3 hl=2 l= 1 prim: INTEGER :01 20:d=3 hl=2 l= 13 cons: SET 22:d=4 hl=2 l= 11 cons: SEQUENCE 24:d=5 hl=2 l= 9 prim: OBJECT :sha256 35:d=3 hl=2 l=inf cons: SEQUENCE 37:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data 48:d=4 hl=2 l= 0 prim: EOC 50:d=3 hl=2 l=inf cons: cont [ 0 ] 52:d=4 hl=4 l= 995 cons: SEQUENCE 56:d=5 hl=4 l= 904 cons: SEQUENCE 60:d=6 hl=2 l= 3 cons: cont [ 0 ] 62:d=7 hl=2 l= 1 prim: INTEGER :02 65:d=6 hl=2 l= 8 prim: INTEGER :16634C8B0E305717 75:d=6 hl=2 l= 10 cons: SEQUENCE 77:d=7 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256 87:d=6 hl=2 l= 122 cons: SEQUENCE 89:d=7 hl=2 l= 46 cons: SET 91:d=8 hl=2 l= 44 cons: SEQUENCE 93:d=9 hl=2 l= 3 prim: OBJECT :commonName 98:d=9 hl=2 l= 37 prim: UTF8STRING :Apple Application Integration CA - G3 I'm looking for guidance on what could be causing this signature failure. Does anyone know what else I can check regarding the merchant or payment processing certificates, private keys, or key usage that might cause Apple Pay signature validation to fail, even if the session initializes successfully? Domains are also verified. Any help or suggestions would be greatly appreciated.

I have some questions related to MPAN. What is the format of an MPAN? Is it the same as DPAN? Is it PAN preserving format? Is a Cryptogram required and if yes, what kind of cryptogram? Is it the same format as DPAN? Thanks in Advance!

Recently, we completed a merger with our parent company. We are currently integrated with Apple Pay in accordance with the “Apple Pay Payment Processing on the Web” guidelines. Due to the change in the legal entity, we proceeded with the account migration process as outlined below: Creation of a new Apple Developer account and a new Apple Pay Identifier Removal of the Merchant Domain (dc2-web.happy.co.kr) from the existing Identifier Registration of the Merchant Domain (dc2-web.happy.co.kr) under the new Identifier Using the Merchant Domain registered under the new Identifier and the Apple Pay Merchant Identity Certificate issued from the new Identifier, we attempted to obtain an Apple Pay session by sending requests to the following endpoint: https://apple-pay-gateway.apple.com/paymentservices/startSession However, we are intermittently receiving failure responses with an HTTP 400 status code. With regard to these intermittent failures, we would like to inquire whether there is any propagation delay on Apple’s servers when an Apple Pay Identifier is removed and re-registered under a new account, or if there could be any other possible causes for this behavior. We would appreciate your guidance on this matter.

Hello we are trying to renew our certificates. We are trying to extend the dates of verified domains following the docs https://developer.apple.com/documentation/applepayontheweb/maintaining-your-environment#Renew-Your-Domain-Verification and configure our server with https://developer.apple.com/documentation/ApplePayontheWeb/setting-up-your-server We've downloaded the apple-developer-merchantid-domain-association.txt and update it on their respective locations, click 'ok' button but we get redirected to the main page of the information of the merchant, and it shows the domains without the extending period of time. No popup showing what has failed or what could be the reason of this error, we only get a redirection to the main page.

We are implementing Apple Pay on our website, but we only sell services and would prefer that the shipping address section of the Apple Pay modal doesn't require the shipping address and just show the billing address. Is there any way to achieve this?

Hi, I’ve been trying to integrate Apple Pay, but for some reason, the payment button is not showing up. The project is built with Laravel 11 and Vue. I imported the script as follows: <script crossorigin crossorigin src="https://applepay.cdn-apple.com/jsapi/1.latest/apple-pay-sdk.js" ></script> Then I added the following the steps: <style> apple-pay-button {{ --apple-pay-button-width: --apple-pay-button-width: 150px;; --apple-pay-button-height: --apple-pay-button-height: 30px;; --apple-pay-button-border-radius: --apple-pay-button-border-radius: 3px;; --apple-pay-button-padding: --apple-pay-button-padding: 0px 0px;; --apple-pay-button-box-sizing: border-box; } </style> <apple-pay-button buttonstyle="black" type="plain" locale="en-US"></apple-pay-button> I followed all the steps from the official Apple Pay demo: https://applepaydemo.apple.com/ I also configured the Content Security Policy (CSP) to allow all necessary resources. However, when I test my integration, the button doesn’t appear. I’ve checked the console, but there are no errors. At the same time, I have my certificate imported into the Keychain, and I’ve completed the entire process of creating both the certificate and the private key. However, when I try to validate the session using the certificate and key with Apple’s API, I get an error: 400 The SSL certificate error https://apple-pay-gateway-cert.apple.com/paymentservices/

Hi , This is regarding the ApplePayRecurringPayment Request and Apple Pay on Web functionality. Does Apple Pay on web providing functionality that collects payments from the stored credit card issuer bank (or) it only provides secured wallet functionality that provides a token which then has to be utilized to send a seperate payment request through a third party payment gateway to collect the payments from the credit card issuer bank. thanks

I developed a web app using .net c#. The app runs a workflow which included Apple payment. App can work on any browser of any device (even non-IOS). When the app is browsed using PC windows Chrome browser, the payment sheet will show with QR code to scan using iPhone. If I cancelled the pop-up by clicking on X without scanning the code, and then returned to idle screen and performed another payment, I will reach paymentRequest.Show() but nothing will show and no errors are logged in console. Note that: I use Payment Request API The issue appear on the second payment. The issue will be solved once I refresh the page. My app supports both single and separate pages mode and issue appear on both. I used to see an error "Uncaught NotSupportedError: Failed to execute 'define' on 'CustomElementRegistry': the name apple spinner has already been used with this registry. So I thought the issue might be in loading the apple SDK script multiple times, and solved the issue to be loaded only once. The error disappeared but the issue persist without errors.

we are currently using the requestAutomaticPassPresentationSuppression API in my app. to prevent the Wallet interface from appearing when an NFC/RF reader is detected during active app usage. Recently, a new transit card supporting Express Mode (T-money Transit Card) was released in Korea, and we are seeing an increasing number of users enabling Express Mode. However, this has introduced an issue where users are unable to use the BLE-based functionality we provide via our widget. Specifically, when the user taps our widget, it triggers a BLE signal broadcast for approximately 10 seconds. In this scenario, when the user brings their iPhone close to our reader, Express Mode is activated before the BLE interaction can be established. This prevents the BLE signal from being successfully received and processed. We would like to ask: Is it possible to suppress Express Mode behavior (similar to requestAutomaticPassPresentationSuppression) even when the app is launched via a widget interaction? Alternatively, is there any way to delay or defer Express Mode activation temporarily when launching from a widget or during BLE communication? We would appreciate any guidance or best practices you can share regarding this scenario. Thank you.

Hey everyone, hoping someone here has run into this before. I have a fully functional App Clip (com.didyoucatchit.app.Clip) linked to my main app (com.didyoucatchit.app). The Clip builds and runs perfectly, but I’m seeing issues trying to enable Apple Pay for it. When I try to link my Merchant ID under the “On Demand Install Capable” capability in the Apple Developer portal, I get this error: A relationship in the provided entity is not allowed for this request. The relationship 'undefined' can not be included in a 'bundleIdCapabilities' request. Here’s what I have already configured and confirmed: App Clip capabilities in Xcode include: Apple Pay Payment Processing Associated Domains (appclips:app.didyoucatchit.com) Provisioning profile includes: Apple Pay Payment Processing Associated Domains In-App Purchase On-Demand Install Capable Entitlements file for the Clip: <key>com.apple.developer.associated-domains</key> <array> <string>appclips:app.didyoucatchit.com</string> </array> <key>com.apple.developer.in-app-payments</key> <array> <string>merchant.com.didyoucatchit.app</string> </array> <key>com.apple.developer.parent-application-identifiers</key> <array> <string>$(AppIdentifierPrefix)com.didyoucatchit.app</string> </array> Merchant ID (merchant.com.didyoucatchit.app) is active and connected to Stripe Stripe Apple Pay configuration matches the same merchant ID and certificate Both provisioning profiles have been refreshed and downloaded However: The portal still throws the “relationship 'undefined'” error anytime I try to modify the Clip’s capabilities In testing, Apple Pay doesn’t show up as a payment option in the Clip (using Stripe’s Payment Element integration) Questions: Is this a known issue with the Developer portal when linking App Clips to merchant IDs? Is there a specific way to re-establish the parent–child relationship between the main app and the App Clip so the bundleIdCapabilities request includes the proper relationship JSON? Are there any additional configuration steps required when using Stripe for Apple Pay inside an App Clip? System Setup: Xcode: 16.2 (build 16C5032a) macOS: Sequoia 15.3.1 iOS: 18.5 (testing on physical device) Merchant ID: merchant.com.didyoucatchit.app Main App ID: com.didyoucatchit.app App Clip ID: com.didyoucatchit.app.Clip Any help or insight would be hugely appreciated Thanks in advance!

During the development of our 3D game project, we encountered high memory usage requirements. To address this, we enabled Apple’s Extended Virtual Addressing (EVA) and Increased Memory Limit services. We have confirmed that both services were enabled in the developer backend as well as in Xcode, and we also used updated development and distribution certificates when building the app. However, in our validation process, it seems that EVA and Increased Memory Limit are not taking effect — the game still experiences memory overflow and crashes. Could you please advise: The correct steps to properly use Extended Virtual Addressing and Increased Memory Limit; How we can confirm whether these services are functioning as expected?

Currently, on our Production environment, when calling https://apple-pay-gateway.apple.com/paymentservices/paymentSessio,n we are randomly receiving: "Payment Services Exception merchantId={Value} unauthorized to process transactions on behalf of merchantId={Value} reason={Value} is not a registered merchant in WWDR and isn't properly authorized via Mass Enablement, either." Since launching Apple Pay on our platform we have received a new Domain Verification File and looking at some of the Domain Verification File that are hosted on the domains they are different to ours. Questions around the Domain Verification File Would we have to update every single Domain Verification File every time we receive a new one ? Does the paymentSession verfiy/call the Domain Verification File on the domain listed at https://[DOMAIN_NAME]/.well-known/apple-developer-merchantid-domain-association ? What happens if the Domain Verification File doesnt match the one that we currently have ? Would we have to regrester our Domains everytime we get a new Domain Verification File ?

Hello, We are encountering an issue with Apple Pay on the Web in the sandbox environment where payments cannot be completed because the onpaymentauthorized event is not triggered. The same implementation was working normally until March 5, but the issue started occurring consistently from March 6 without any changes to our code, certificates, or merchant configuration. Environment Apple Pay on the Web (JavaScript) Safari (iOS / macOS) Apple Pay Sandbox Merchant domain verified Merchant validation succeeds Observed Flow The Apple Pay flow proceeds normally until authentication: User clicks the Apple Pay button ApplePaySession.begin() is called onvalidatemerchant fires Merchant validation request succeeds completeMerchantValidation() is called Apple Pay sheet is displayed User authenticates with Face ID / Touch ID onpaymentauthorized is never triggered Because this event never fires, the payment token is not returned and the payment cannot proceed. ApplePaySession Request { "countryCode": "JP", "currencyCode": "JPY", "merchantCapabilities": ["supports3DS"], "supportedNetworks": ["visa", "masterCard"], "total": { "label": "Test Payment", "type": "final", "amount": "100" } } Merchant Validation Merchant validation succeeds and returns a valid session from Apple. Relevant fields from the merchant session: merchantIdentifier: 35A786BE6AB4... domainName: secure.telecom-awstest.com displayName: ApplePay Additional Notes Apple Pay sheet appears normally Authentication completes successfully No JavaScript errors are logged onpaymentauthorized is never fired Issue occurs consistently in the sandbox environment Confirmed across multiple iOS versions Question Has anyone experienced a similar issue recently in the Apple Pay sandbox environment, or are there any known changes that could cause the onpaymentauthorized event not to fire after authentication? Any insights would be greatly appreciated. Thank you.

We have updated the PNO metadata to include the associatedApplicationIdentifiers for our wallet extensions and the issuer app. While we are able to successfully provision the card to Apple Wallet via pull provisioning, we are unable to retrieve the payment passes that have already been provisioned. How can we address this issue? let passLibrary = PKPassLibrary() let paymentPassLibrary = self.passLibrary.passes(of: .secureElement) paymentPassLibrary is an empty array even though we have passes provisioned.

Cybersource production support has clarified issue as below "On the BAD Case, it seems that the Apple Payload did not contain the "onlinePaymentCryptogram" object within the JSON. The Cryptogram is critical and mandatory. Since the merchant cannot really control this, and since CYBS is just decrypting the payload and uses it, we cannot comment as to why it was missing. The merchant would need to reach out to Apple and/or decrypt the payment themselves locally to check if and why this data was not present, for troubleshooting purposes."