Apple Pay Merchant Integration Guide
Apple Pay Merchant Integration Guide
Introduction 3
Getting started 4
Guidelines ...............................................................................................................................................4
Confirm your Payment Service Provider (PSP) supports Apple Pay ..................................................6
Troubleshooting 20
API Diagrams 21
Apple Pay provides an easy and secure way to make payments in iOS, iPadOS, and
watchOS apps, and on the web when using compatible browsers. By using Face ID,
Touch ID, or double-clicking Apple Watch, users can quickly and securely provide
This guide outlines the steps needed to enable Apple Pay in app and on the web. To
experience an Apple Pay test transaction on a compatible device, visit the Apple Pay
guide supports each of these roles through the end-to-end process of enabling
Apple Pay in your app or on the web, and the typical role responsible for each task
Before enabling Apple Pay, it is important that developers understand how Apple
Pay differs from an In-App purchase, and make sure their implementation follows
the guidelines. There are many ways to implement Apple Pay, with some of the most
Apple Pay SDK or JavaScript API as a quick and reliable way to support Apple Pay in
an app or on a website.
Guidelines
Apple Pay can be used in your app to sell physical goods like groceries, clothing, and appliances; for
services such as club memberships, hotel reservations, and events tickets; and for donations. In-App
Purchase are used to sell virtual goods such as premium content for your app, and subscriptions for
digital content.
Before submitting your app for review, make sure it follows these guidelines to help progress smoothly
Before deploying Apple Pay on your website, make sure your implementation follows these guidelines.
The most popular e-commerce platforms and payment service providers support Apple Pay within
apps and on the web. Using an Apple Pay SDK or JavaScript API from a payment provider is the
quickest and most reliable way to support Apple Pay in your app or on your website..
Most active Apple devices are compatible with Apple Pay. It works in apps, on Safari
and in web views on iOS or iPadOS devices, and through Safari on macOS. Any
transaction type you currently support for regular debit and credit cards can be
Payment flow
Apple Pay uses device-specific tokenized credit or debit card credentials (DPAN) in place of a Payment
Account Number (PAN). When users authenticate the payment using Face ID, Touch ID or their
passcode, the tokenized card data is returned to your app or website. This token can then be passed to
your Payment Service Provider (PSP) to process as you would for a typical online credit or debit card
payment.
Customer
Merchant App/Website
Merchant Server
" Receives payment object and maps data to PSP API or SDK
message
Acquirer
Payment Network
Issuer
To enable Apple Pay on your app or website, you need to confirm that you have the
correct options configured on your server, are set up to accept Apple Pay Payments
PAYMENTS TEAM
"
! Confirm your Payment Service Provider (PSP) supports Apple Pay
Check the list of currently supported gateways at the link below. If you do not see your PSP on the list,
SERVER ADMIN
"
! Set up your Server
For Apple Pay on web only, ensure that your server meets the set up requirements for secure
ACCOUNT ADMIN
"
! Register for an Apple developer account
Both Apple Pay in apps and Apple Pay on the web require an Apple developer account, which must be
renewed yearly. You can enroll as an individual or as an organization, and you can use the same Apple
developer account that you use today to publish apps to the App Store.
You can’t use an Apple Developer Enterprise Program account to enable Apple Pay within an app or on the web.
payments and complete transactions promptly. Consider where and when in your
customers journey would be best to utilize Apple Pay to help drive conversion and
UX DESIGNER
"
! Assess your Checkout flow
PAYMENTS TEAM
To help drive conversion and enhance your user’s experience, carefully consider the location of the
Apple Pay button. The best user experiences place the Apple Pay button as early in the checkout
process as possible in order to leverage Apple Pay provided information, and minimize data entry.
engagement, and provide an excellent user experience. Please review our best practice
UX DESIGNER
"
! Review the Human Interface Guidelines
Refer to the Apple Pay Human Interface Guidelines for additional information on how to best
Now that you have designed your solution for Apple Pay, it’s time to start building
your implementation into your app or website. This section will link to relevant
sources within the API documentation, as well as provide additional detail to support
To support Apple Pay on your website or app, you need to complete a few set up steps in your
developer account: registering a merchant ID, creating certificates, and verifying your web domain(s).
Completing the setup enables you to use the Apple Pay web APIs and/or app APIs.
ACCOUNT ADMIN
"
! Create a Merchant ID
Your Merchant ID uniquely identifies your business as a merchant able to take payments. A merchant
Identifier never expires, and can be used for multiple Apps and websites.
1. In Certificates, Identifiers & Profiles, click Identifiers in the sidebar, then click the add button (+)
3. Enter the merchant description and identifier name, then click Continue.
data. To generate a certificate you will need to upload a Certificate Signing Request (CSR) to the
Developer portal. If your PSP is decrypting the data, they will supply you with a CSR. If you plan to
decrypt the Apple Pay data yourself, follow the steps at the link below to generate your own CSR.
2. Under Identifiers, select Merchant IDs using the filter on the top right.
7. In the dialog that appears, select the certificate request file (a file with a .certSigningRequest
8. Click Continue.
9. Click Download. The certificate file (a file with a .cer file extension) appears in your Downloads
folder.
The Payment Processing Certificate is valid for 25 months, after which you’ll need to renew it.
If you’re developing websites using Apple Pay on the Web, you can use the same merchant ID and
Payment Processing Certificate for your website and your app. However, Apple Pay on the web requires
additional setup.
ACCOUNT ADMIN
"
! Create a Merchant ID
Your Merchant ID uniquely identifies your business as a merchant able to take payments. Follow the
ACCOUNT ADMIN
"
! Create a Payment Processing Certificate
A certificate associated with your merchant ID, used to encrypt Apple Pay transaction data. Follow
ACCOUNT ADMIN
"
! Verify your domain(s)
You must register and verify all top-level domains and subdomains where you display the Apple Pay
button.
1. In Certificates, Identifiers & Profiles, click Identifiers in the sidebar, then select Merchant IDs from
5. Click Download, place the downloaded file in the specified location, then click Verify.
6. Click Done.
For successful domain validation, domains can’t be behind a proxy or redirect, and must be accessible
ACCOUNT ADMIN
"
! Create a Merchant Identity Certificate
A certificate associated with your merchant ID, used to authenticate sessions with the Apple Pay
servers. The steps to create this certificate are similar to those for the Payment Processing Certificate,
1. In Certificates, Identifiers & Profiles, click Identifiers in the sidebar, then select Merchant IDs from
6. In the dialog that appears, select the certificate request file (a file with a .certSigningRequest
7. Click Continue.
8. Click Download. The certificate file (a file with a .cer file extension) appears in your Downloads
folder.
9. Double-click the Merchant Identity Certificate you just downloaded to add it to your Mac Keychain.
DEVELOPER You should now have a private key and corresponding certificate in your keychain. The Merchant
Identity Certificate and key will need to be exported and packaged into a .p12 file before you are able to
use it to generate a session with the Apple Pay servers. Follow the steps below to export and then test
your certificate.
2. Click on ‘Keys’ from the menu and search for the key you generated.
3. Click on the disclosure arrow beside the key, which should display your Merchant Identity
Certificate.
5. Choose a directory to save the certificates, and enter a password to protect the file.
Now you have a .p12 file that contains the key and certificate for Merchant Validation.
To test that your Apple Pay Merchant Identity certificates are working correctly, complete these steps:
1. Open Terminal and use the following commands to split the .p12 into the corresponding key and
-nokeys
-nocerts
2. Use the following cURL command to post the certificates and JSON up to Apple servers. Ensure
you change the merchantIdentifier and initiativeContext to the correct values, and
that you are using straight double quotes (") and not curly double quotes (“).
paymentSession' \
--data '{
"merchantIdentifier": "merchant.XXXXXX",
"initiative": "web",
"initiativeContext": "www.example.com"
}' \
--cert ApplePay.crt.pem \
--key ApplePay.key.pem
10
to the following:
{“epochTimestamp”:15445664606792,”expiresAt”:154167344466792,”
merchantSessionIdentifier”:”
SSHC45CBB9C8073415198E3AB7314791C6D_916523AAED1343F5BC5815E12BEE9250AFFDC1A17C
46B0DE5A943F0F94927C24”,”nonce”:”
8f47a9c1”,"merchantIdentifier":"20C8BB48576962AD936399118741FFEA6130838BDF69A5
0B9A3CE4E7","domainName":"www.example.com","displayName":"Example
Merchant”,"signature":"308006092a864886f70d010702a0803080020101310f300d0609608
6480165030402010500308006092a864886f70d0107010000a080308203e63082038ba00302010
202086860f699d9cca70f300a06082a8648ce3d040302307a312e302c06035504030c254170706
c8274854054658569d4170706c652043657274696669636174696f6e20417574686f7269747931
133011060355040a0c0a4170706c6520496e632e310b3009060355040613025553301e170d3136
303630333138313634305a170d32313036303231383.......}
This is the opaque session object, and is used to start a session for Apple Pay on the Web.
A general guide to debugging common issues can be found in the troubleshooting section. If your
issue is not resolved after reviewing the guide, you can get further assistance by contacting Apple
11
With your configuration complete, you can now move on to add an Apple Pay button to your app or
website. There are several Apple Pay button types and styles you can use, and it is important that you
do not create your own Apple Pay button design or attempt to mimic the system-provided button
designs.
DEVELOPER
"
! Display the Apple Pay button
The button will be rendered by the appropriate PassKit or Javascript API, which will display the most up
The Apple Pay mark isn’t a button and shouldn’t be used to launch the payment sheet. Use only the
DEVELOPER
"
! Check for Apple Pay Availability
To ensure that you only display the Apple Pay button to customers with a supported device, check for
canMakePayments()
Verifies that the device is capable of making Apple Pay payments; it doesn’t verify that the user has a
ဂ Web - canMakePayments()
ဂ App - canMakePayments()
PaymentRequest.canMakePayment()
Verifies that the device is capable of making Apple Pay payments, and that the user has at least one
provisioned card.
ဂ PaymentRequest.canMakePayment()
12
To present the payment sheet to the customer, construct a payment request containing information
that describes the purchase. This includes merchant information, supported payment networks, line
items including the total, currency code, billing and shipping contact, and more.
DEVELOPER
"
! Construct your Payment request
Your app or website specifies what the payment sheet displays, but it doesn’t control the users
interaction with the sheet. You must decide if it makes sense to present shipping and billing
information, shipping method, and other line items to the user. For the best results, only request the
DEVELOPER
"
! Complete Merchant Validation Web only
Once the system launches the payment sheet, the merchant validation process is automatically
successful, you’ll need to request a merchant session object from the Apple Pay servers.
Inside the onmerchantvalidation event handler, make a call to an endpoint on your server asking
for a new session to be created. For security purposes the request to the Apple Pay servers needs to
come from your server and not from the browser directly. Your server will then need to post your
request data alongside the Merchant Identity Certificate to obtain the session object.
POST https://apple-pay-gateway.apple.com/paymentservices/paymentSession
merchantIdentifier: "merchant.com.example.mystore",
displayName: "MyStore",
initiative: "web",
initiativeContext: "mystore.example.com"
Pass the session object into the complete method from the event to finish the Merchant Validation
When testing with sandbox cards, you’ll make the call to a different endpoint. Be sure to make the call
13
In the payment request, you can specify the required customer information by setting the relevant
boolean values in the paymentOptions dictionary. Required data can include billing address,
Setting requestShipping to true presents redacted address information in a callback event prior
to the user authenticating the transaction, similar to the example shown below.
country: “US”,
addressLine: [],
region: “NC”,
city: “Raleigh”,
dependentLocality: “”,
postalCode: “27601”,
sortingCode: “”,
recipient: “”,
phone: “”
Apple Pay provides the information in a redacted form to protect a person’s privacy, and can vary
based on geographic location – in the UK for example, only the first part of the postal code is returned
prior to authorization. Use this information to provide relevant shipping options within the
paymentDetails array, or to calculate any taxes due on the transaction and then update the payment
sheet accordingly.
Once a person authenticates the transaction with Face ID, Touch ID or their passcode, you will receive
country: "US",
region: "NC",
city: "Raleigh",
dependentLocality: "",
postalCode: "27601",
sortingCode: "",
organization: "",
phone: ""
DEVELOPER
"
! Respond to Payment sheet interactions
If a customer changes their address in the payment sheet, you can update shipping methods or
ဂ request.onshippingaddresschange
To display the coupon code field within the payment sheet, add supportsCouponCode to your
payment request with an empty couponCode field if there is no initial coupon code. If a customer
enters a coupon code within this field, respond to that event by adding an event listener to the
property.
14
A typical payment request is for a one-time payment, but there are occasions when you may want to
request a recurring payment, or an automatic reload. To support these different types of payment
requests, provide one of the following options in the payment request modifier:
recurringPaymentRequest
Recurring payments, such as subscriptions, can feature different payment intervals (for example,
automaticReloadPaymentRequest
Automatic reload payments, such as store card top-ups, feature a balance threshold and a reload
amount. The card automatically reloads with the reload amount when the account drops below the
balance threshold.
deferredPaymentRequest
Deferred payments, such as for a Hotel booking or a per-order, allow you to specify a free cancellation
multiTokenContexts
Set up multi token transactions to process and display payment requests with multiple merchants on
one payment sheet, for example, a booking site where a user pays for a hotel, flight, and car rental from
different merchants.
DEVELOPER
"
! Error handling
When you determine that there’s a problem with an address or contact information on the payment
UX DESIGNER
sheet, you can use ApplePayError to create a customized error message. Apple Pay highlights the
area with an error and displays your message, making it easier for users to correct errors.
ဂ ApplePayError
15
switch (paymentResponse.methodName) {
case "https://apple.com/apple-pay":
if (paymentResponse.details.shippingContact) {
if (errors.length) {
await paymentResponse.retry({
paymentMethod: errors,
});
break;
case "https://...":
break;
function validateAddress({shippingContact}) {
if (!isValidZipCode(shippingContact.postalCode)) {
"shippingContactInvalid",
"postalCode",
errors.push(error);
return errors;
16
switch (event.methodName) {
case "https://apple.com/apple-pay":
if (event.methodDetails.couponCode) {
event.updateWith(
validCouponCode(event.methodDetails.couponCode)
);
return;
if (event.methodDetails.type) {
break;
case "https://...":
break;
});
if (!(await isValidCouponCode(couponCode))) {
paymentMethodErrors.push(
new ApplePayError(
"couponCodeInvalid",
undefined,
);
return { paymentMethodErrors };
17
The requested customer data is returned in full when the customer has authenticated the payment
with Face ID, Touch ID or their Passcode. The information provided by the customer is not validated or
verified by Apple.
DEVELOPER
"
! Map Customer Information
PAYMENTS TEAM Once customer information has been verified, map the values provided in Billing and Shipping
information field to your typical order fulfillment systems, along with the result of the payment
authorization.
DEVELOPER
"
! Authorize Payment with your PSP
PAYMENTS TEAM Apple Pay passes payment information to your app or website in the form of a PKPayment object
(app) or of an ApplePayPayment object (web). Unencrypted data, such as billing and shipping
address, or email and phone contacts, are held within this object alongside encrypted payment
Depending on your PSP, you can pass the encrypted payment credentials directly to their systems for
authorization and capture. Alternatively, the payment credentials can be decrypted by you and then
sent to your PSP. For more information on decrypting the payment credentials yourself, refer to the
DEVELOPER
"
! Complete payment
PAYMENTS TEAM
Once you have passed the data to your PSP and received their response, pass the success or failure
back into the Apple Pay APIs. This will inform the user if the payment was successful, and dismisses
ဂ Web - complete
ဂ App - PKPaymentAuthorizationResult
18
Sandbox environment. Attempting to use these cards with a live production environment will result in
your PSP rejecting the transaction. More information on how to set up the sandbox accounts and cards
ဂ Sandbox Testing
Apple recommends testing a live transaction with a real bank card before publishing your app or
ဂ Participating Banks
19
Where does the customer information come from in the payment sheet"
The information comes from Wallet & Apple Pay defaults in Settings, if available, as well as the My Card
in Contacts. It could also come from previous Apple Pay transactions. You can set up your My Card by
Is the customer information that comes from Apple Pay verified by Apple"
Customer information is shared as-is, and is not verified by Apple. You will need to validate it on your
platform and communicate through the Apple Pay API if fields should be corrected. For more
Customer information includes shipping and billing address, name, phone number and email address.
The structure, format, and data included in the PKPaymentToken can be found in the Payment Token
Format Reference. PKPaymentToken only contains information on processing the payment; the
customer information is included in the PKPayment object. The PKPayment encapsulates the customer
You may need to regenerate your payment processing certificates. Please follow the steps in this guide
to generate your payment processing certificates and work with your PSP to understand where the
Please check with your PSP. Depending on your specific agreement, you may get liability shift with
Can I use the same Apple developer account for all countries I process payments in"
Yes; you do not need to have separate Apple developer accounts for multiple markets. You can also
Troubleshooting
Further information and troubleshooting steps to debug common issues with Apple Pay can be found
20
iOS / Safari Website Merchant Server Apple Server PSP/Acquirer Network Issuer
[5] session.begin()
[12] completeMerchantValidation()
[14] completePaymentMethodSelection()
[16] completeShippingContactSelection()
[20] completePaymentMethodSelection()
[23] completeShippingContactSelection()
[26] completeShippingMethodSelection()
[43] completePayment()
21
iOS / Safari Hosted Payment Page Apple Server PSP/Acquirer Network Issuer
[5] session.begin()
[12] completeMerchantValidation()
[14] completePaymentMethodSelection()
[16] completeShippingContactSelection()
[20] completePaymentMethodSelection()
[23] completeShippingContactSelection()
[26] completeShippingMethodSelection()
[41] completePayment()
22
[6] present(completion:)
[9] completion(PKPaymentRequestPaymentMethodUpdate(paymentSummaryItems: ))
[15] completion(PKPaymentRequestPaymentMethodUpdate(paymentSummaryItems: ))
[18] completion(PKPaymentRequestPaymentMethodUpdate(paymentSummaryItems: ))
[21] completion(PKPaymentRequestShippingMethodUpdate(paymentSummaryItems: ))
23