For Apple Pay testing, I have tried the following: Sign into the Sandbox Account via Developer Settings: Settings > Developer > Sandbox Account Keep your main Apple ID for everything else Add Test Cards to Wallet: Try adding the test card numbers (MasterCard and Visa Debit, as we support only those) Apple provides in their documentation. Unfortunately, none of them are added to the wallet. All the time it gives 'Could Not Add Card'. I tried on devices with iOS 18+. Can anyone advise on this? Thanks

Hello, Please help. We have been experiencing what appears to be a TLS handshake error in our Apple Pay merchant validation requests (2-way TLS) since June 25, 2025. We are aware of the encryption algorithm changes made in February 2025, and our system was functioning correctly at that time. However, the error started occurring suddenly and only recently. Could you please clarify the following points? Have there been any changes to the TLS configuration (cipher suites, certificates, protocol versions, etc.) on the Apple Pay server side since June 2025? Have there been any updates to the specifications or recommended settings for merchant validation requests? Is there any way to contact Apple for technical support regarding this issue other than through the Developer Forums? Our Merchant Identity Certificate has already been renewed and is confirmed to be valid.

We have been using ApplePay on the web for years, but we are running into a problem since today in sandbox where domainName is missing from the create payment sessions request. We haven't changed anything related to this request any time recently. Static payment sessions url being hit in sandbox: https://apple-pay-gateway-cert.apple.com/paymentservices/paymentSession request format: "merchantIdentifier": "merchant.com.identifier", "displayName": "Test Store", "initiative": "web", "initiativeContext": "test.example.com", "domainName": "test.example.com" response format: { "epochTimestamp": 1763533367972, "expiresAt": 1763536967972, "merchantSessionIdentifier": "<merchantSessionIdentifier>", "nonce": "<nonce>", "merchantIdentifier": "<merchantIdentifier>", "displayName": "Test Store", "signature": "<signature>", "initiative": "web", "initiativeContext": "test.example.com", "signedFields": [ "merchantIdentifier", "merchantSessionIdentifier", "initiative", "initiativeContext", "displayName", "nonce" ], "operationalAnalyticsIdentifier": "Test Store:<identifier>", "retries": 0, "pspId": "<pspId>" } Production create session request to https://apple-pay-gateway.apple.com/paymentservices/paymentSession is behaving as expected, sending the following fields as response: epochTimestamp, expiresAt, merchantSessionIdentifier, nonce, merchantIdentifier, domainName, displayName, signature, operationalAnalyticsIdentifier, retries, pspId Claude seems to suggest this is a response when Messages for Business is enabled, but this ApplePay Payment Processing merchant is only configured for Apple Pay on the Web. Any ideas or pointers to check for? We are worried this will spill over in production as well, which will break our ApplePay integration. Thanks in advance!

I am facing an issue while integrating Apple Pay in my React.js application. The onvalidatemerchant callback works perfectly, and the merchant validation is successfully completed. However, after the Apple Pay session is validated, the payment sheet appears briefly and then closes immediately without triggering the onpaymentauthorized event. I have provided the relevant code snippets and API implementation below. I would greatly appreciate your insights on resolving this issue. import React, { useEffect, useRef, useState } from "react"; // Relevant imports const ApplePayButton = ({ paymentType, handlePayment, cartSummary }) => { const [applePaySession, setApplePaySession] = useState(null); const cartSummaryRef = useRef(cartSummary); useEffect(() => { cartSummaryRef.current = cartSummary; }, [cartSummary]); const setupApplePaySession = async () => { if (!window.ApplePaySession || !ApplePaySession.canMakePayments()) { console.log("Apple Pay is not supported on this device/browser."); return; } const paymentRequest = { countryCode: "US", currencyCode: "USD", merchantCapabilities: ["supports3DS"], supportedNetworks: ["visa", "masterCard", "amex"], total: { label: "Total", amount: `${cartSummaryRef.current?.total?.amount || "10.00"}`, }, requiredBillingContactFields: ["postalAddress", "email", "phone", "name"], }; const session = new ApplePaySession(6, paymentRequest); setApplePaySession(session); session.onvalidatemerchant = async (event) => { try { const response = await createAndValidateApplePaySession({ validation_url: event.validationURL, provider: "APPLE_PAY", }); if (response?.status && response?.data?.applePaySession) { const merchantSession = JSON.parse( response.data.applePaySession.session_details ); session.completeMerchantValidation(merchantSession); } else { console.error("Merchant validation failed: Invalid response."); } } catch (error) { console.error(`Merchant validation error: ${JSON.stringify(error)}`); } }; session.onpaymentauthorized = (event) => { console.log("Payment authorized:", event.payment); }; session.oncancel = () => { console.log("Payment cancelled."); }; session.onerror = (event) => { console.error(`Apple Pay error: ${JSON.stringify(event)}`); }; session.begin(); }; return ( <> {paymentType === "APPLE_PAY" && ( )} </> ); }; export default ApplePayButton; createAndValidateApplePaySession = async (data) => { const { validation_url } = data; const apiUrl = ${this.finixUrl}/apple_pay_sessions; const base64Credentials = Buffer.from(this.credentials).toString("base64"); const body = { validation_url, merchant_identity: process.env.FINIX_APPLE_PAY_MERCHANT_ID, domain: process.env.FINIX_APPLE_PAY_DOMAIN, display_name: process.env.FINIX_APPLE_PAY_DISPLAY_NAME, }; const requestData = { url: apiUrl, data: body, headers: { "Content-Type": "application/json", Authorization: Basic ${base64Credentials}, }, }; try { const response = await axios.post(requestData.url, requestData.data, { headers: requestData.headers, }); return response?.data; } catch (error) { console.error("Merchant validation failed:", error); return error; } }; Current Behavior: Apple Pay button renders successfully. Clicking the button triggers the setupApplePaySession function. The merchant validation completes successfully via the onvalidatemerchant callback, and a valid merchant session is received from the API. The Apple Pay sheet appears briefly and then closes immediately. The onpaymentauthorized callback is never triggered. Expected Behavior: The payment sheet should remain open after merchant validation, allowing the user to select a payment method and authorize the payment. The onpaymentauthorized callback should then be triggered to handle the payment token.

Does anyone know how to register as a psp for apple pay. My psp is based in the UAE and I cant seem to find an easy way to enroll the psp to apple pay

Hello Everyone, I am trying to integrate apple pay on my website and have followed the following steps. Created a merchant identifier in my apple developer account. Generated a payment processing certificate using Certificate signing Request generated through keychain. Downloaded the certificate and converted that to pem file using the following command openssl x509 -inform DER -in apple_pay.cer -out apple_pay.pem Imported the cer file into keychain and exported .p12 file and generated private key using the following command. openssl pkcs12 -in Certificates.p12 -out private_key.pem -nocerts Utilizing apple_pay.pem and private_key.pem files for merchant verification call and getting the following response. cURL Error: OpenSSL SSL_read: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca, errno 0 Trying 17.141.128.7:443...\n* TCP_NODELAY set\n* Connected to apple-pay-gateway.apple.com (17.141.128.7) port 443 (#0)\n* ALPN, offering h2\n* ALPN, offering http/1.1\n* successfully set certificate verify locations:\n* CAfile: /etc/ssl/certs/ca-certificates.crt\n CApath: /etc/ssl/certs\n* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256\n* ALPN, server accepted to use http/1.1\n* Server certificate:\n* subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=California; serialNumber=C0806592; C=US; ST=California; L=Cupertino; O=Apple Inc.; CN=apple-pay-gateway.apple.com\n* start date: Dec 19 00:22:44 2024 GMT\n* expire date: Mar 12 19:42:00 2025 GMT\n* issuer: C=US; O=Apple Inc.; CN=Apple Public EV Server RSA CA 1 - G1\n* SSL certificate verify ok.\n> POST /paymentservices/startSession HTTP/1.1\r\nHost: apple-pay-gateway.apple.com\r\nAccept: /\r\nContent-Type: application/json\r\nContent-Length: 143\r\n\r\n* upload completely sent off: 143 out of 143 bytes\n* OpenSSL SSL_read: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca, errno 0\n* Closing connection I also tried to include AppleWWDRCAG2 and AppleRootCA-G2 certificated but same response every time.

To continue your enrollment, complete your purchase now But when I tried to purchase I am not able to pay

The details provided in this documentation do not seem have instructions on configuring authentication for the user webhook. I plan on using oauth with the webhook, but I do not know where to provide the relevant issuer and client id/secret to the merchant token management service.

I'm implementing Apple Pay for our application via the Apple Pay JS API, and everything works as expected when initiating a session from a Safari browser. However, when attempting to start a session in a non-Safari browser (Chrome in this case), I see the following behavior: The "Scan Code with iPhone" popup appears I scan the code with my device (9th gen iPad running iPadOS 18.5 if that matters) The Apple Pay view does not appear on the device, and the "Scan Code" popup closes on the browser without any further information given. I can see the messages being passed in the network tab, with the final message being a "getPaymentRequestResponse" message appearing at the time the code is scanned. I suspect merchant validation is failing since that should be the next step, but that's just an educated guess at this point. I would appreciate any help getting this issue resolved.

Hi! I am working on automating the Apple Pay integration process in our CI/CD pipeline and would like to confirm whether a fully automated setup is currently possible for our preproduction environment. Right now, our process is as follows: A certificate is generated for the root domain and for each individual merchant subdomain. Both certificates are manually uploaded to our preproduction servers to test and verified via HTTP. We’d like to automate this flow in GitLab CI, mainly the generation of the necessary certificates programmatically or via API. However, from my research, it seems that Apple does not currently provide an API or any support to automate this task, but I’d like to confirm this directly with you. Is there any official support or workaround for this kind of automation? If not, do you have any plans to provide it in the future? Thanks in advance for your help.

Apple Pay processed a transaction but the account has insufficient funds. Later the transaction is declined. Is it expected from Apple Pay? Does Apple Pay throws an error if the account has insufficent funds- iOS Swift ? Does anyone know the code to handle this scenario in Swift iOS?

multiTokenContexts is defined as follows (https://developer.apple.com/documentation/passkit/pkpaymentrequest/multitokencontexts) You can assign a value when initializing PKPaymentRequest (https://developer.apple.com/documentation/passkit/pkpaymentrequest). However, in actual usage scenarios, when the Apple Pay address changes and PKPaymentRequestShippingContactUpdate (https://developer.apple.com/documentation/passkit/pkpaymentrequestshippingcontactupdate) is triggered, how to update multiTokenContexts? The documentation and code do not provide updates for this parameter. In contrast, Apple Pay on the Web provides newMultiTokenContexts as an update when ApplePayShippingContactUpdate (https://developer.apple.com/documentation/apple_pay_on_the_web/applepayshippingcontactupdate) is triggered. Has anyone encountered this problem? Would you happen to have any solutions? Thank you.

When I click to my Apple Pay button, my function below doesn't trigger the completeMerchantValidation method as expected, but the oncancel method (which logs errorCode "unknown" in Safari developer tools) : const processApplePayment = async () => { if (window.ApplePaySession) { const session = new window.ApplePaySession(6, { countryCode: 'FR', currencyCode: 'EUR', merchantCapabilities: ['supports3DS'], supportedNetworks: ['visa', 'masterCard'], total: { label: `Bon d'achat ${partnerName}`, type: 'final', amount: cartTotalValue.toString() } }); session.onvalidatemerchant = async event => { try { const merchantSession = await validateMerchantSession(event.validationURL); console.log('merchant session : ', merchantSession); if (!merchantSession) { console.error('Invalid Apple Pay merchant session'); } session.completeMerchantValidation(merchantSession); } catch (error) { console.error('merchant validation error : ', error); session.abort(); } }; session.onpaymentauthorized = async event => { console.log('payment authorization event : ', event); try { const link = await authorizePayment( event.payment.token, userInfo, partnerId, order.id ); console.log('payment authorized link : ', link); window.location.href = link; } catch (error) { console.error('Apple Payment authoriation error : ', error); const errorUrl = `${PATH.EBON_ERROR_PATH}-${partnerId}?paiement=error&orderId=${order.id}`; window.location.href = errorUrl; } }; session.oncancel = event => console.log('Apple Pay cancel event : ', event); session.begin(); } }; The validateMerchantSession function successfully returns this payment session from Apple server : { "epochTimestamp":1739279973502, "expiresAt":1739283573502, "merchantSessionIdentifier":"SSH108C7ED6746A48E38EA8D253D33CCAA5_916523AAED1343F5BC5815E12BEE9250AFFDC1A17C46B0DE5A943F0F94927C24", "nonce":"150de193", "merchantIdentifier":"11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A", "domainName":"lesnumeriques-bonsdachat.htmal1.com", "displayName":"Les Numériques", "signature":"308006092a86...779cd643c000000000000", // long string "operationalAnalyticsIdentifier":"Les Numériques:11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A", "retries":0, "pspId":"11CA4E31493E748848A91A0DAB1685A8417C41B62B9863EF59A618B91239471A" } What could I do wrong and how could I fix it please ?

Hi there, is there a way, or a list of test cards, to simulate error on payment in an Apple Pay sandbox environment ? I tried different cards mentioned here but every try was successful : https://developer.apple.com/apple-pay/sandbox-testing/

Hello, we have problem. Kind regards, -Martin

I'm facing problem with in-app-provisioning in production application. When we try to tokenize (before T&C step) we are getting error from topic. I've also posted this in Feedback Assistant: FB18403577. I'll be very happy if someone could help me to get what is wrong with data or configuration of application.

When apple pay on the web does a onshippingcontactselected it appears to truncate the zip code. If I enter: 11111 or 11111-1111 I always get 11111. Is there any way to get the plus 4?

We have an app and we want to add tap to pay for Apple Pay. We'd also like to become a certified Payment Service Provider. What is the process to become a certified PSP?

We are integrating iOS 16 recurring payments in our app, everything works fine but we have a few questions Question 1 let recurringPaymentRequest = PKRecurringPaymentRequest(         paymentDescription: "Pro Membership",         regularBilling: regularBilling,         managementURL: url       ) we assume managementURL is supposed to come in the user's wallet where he/she can tap to change the recurring payment option to our backend, but in the wallet, the transaction appears without this URL and have no indication that it is a recurring payment, Can someone guide what we missed Question 2 For apps that only have apple pay on mobile, managementURL can open the app as a deep link from the Wallet app and the user can update or delete the payment method for the automatic reload payment from the app directly, Question 3 For cancellation, the recurring payment app should have some UI where the user can tap which hit our backend and remove the apple pay merchant token from our system and apply cancellation business logic, no apple API involves in the cancellation of recurring payment

Hi support, I'm getting the following error when I tried to re-verify my domain: Domain verification failed. Review your TLS Certificate configuration to confirm that the certificate is accessible and a supported TLS Cipher Suite is used. I have uploaded the required apple-developer-merchantid-domain-association.txt file and it is reachable from the Internet in the proper location https://www..com/.well-known/apple-developer-merchantid-domain-association.txt. The SSL certificate has been renewed and it offers at least one of required cipher suites based on the Apple document https://developer.apple.com/documentation/applepayontheweb/setting-up-your-server. The current verification will expire soon. Need your help urgently. Thanks, YaoF