Hello, I am following up on my previous feedback (Feedback ID: FB17175593) regarding the in-app provisioning failure for Apple Pay. In that report, I detailed errors encountered during the card addition process (notably issues related to a missing teamID and cryptographic material errors). Could you please provide an update on the investigation progress? I appreciate your assistance and look forward to your response.

On Applepay's docs it talks about the ability to do "flexible" payments and scheduling for future purchases. We need to be able to make only a single approval of an Apple payment for multiple submissions later on. Think, deferred payments at an arbitrary schedule without presenting the ApplePay dialog each and every time. The docs suggest that may be possible, but are maddeningly vague on how to do that. Is it possible or not? Can we store an approved merchant's token for example and leverage that for future transactions?

Hello, I am developing a mobile application focused on helping users centralize and analyze their expenses. The app's key feature is to track transactions made through Apple Pay, providing users with a consolidated view of their spending across all linked bank cards or accounts. I have a few specific questions regarding the feasibility of this integration: Does Apple provide any official APIs or tools to access Apple Pay transaction data for third-party applications? Are there restrictions or guidelines for apps that aim to use Apple Pay to support expense tracking? What would be the best way to initiate a partnership or obtain further support from Apple for such a project? Your insights or direction on how to proceed would be greatly appreciated. Thank you for your time and guidance! Best regards, Amine

Has anyone had any success enabling Apple Pay checkout for a Google Chrome or Firefox users (macOS or PC)? This was rolled out in iOS 18 but Shopify support hasn't been able to help: https://www.theverge.com/2024/6/13/24177851/apple-ios-18-pay-chrome-scanning-code-wwdc-2024 Thanks

I am currently working on decrypting Apple Pay tokens with Laravel PHP, and I have encountered a few uncertainties regarding the decryption process and the usage of AES-GCM. Could you please clarify the following points: Algorithm Confirmation: Am I using the correct algorithm for decrypting the data key? Specifically, I am utilizing AES-256-GCM with the algorithm ID "id-aes256-GCM" (2.16.840.1.101.3.4.1.46), as specified in the documentation. Is this the recommended algorithm for decrypting the Apple Pay token's data key? Authentication Tag: In the decryption process, it seems that an authentication tag is required, but I am not sure where to obtain it from. Could you confirm how the authentication tag is generated or provided during the encryption process? If the tag is part of the token or is transmitted separately, could you clarify where I can retrieve it in order to proceed with the decryption successfully? IV and Other Parameters: I am using an initialization vector (IV) of 16 null bytes (00000000000000000000000000000000) as specified in the documentation. Could you confirm that this is correct and aligns with the expected parameters for the AES-GCM decryption? Are there any other specific parameters or considerations I should be aware of when implementing the decryption of Apple Pay tokens? GCM vs Other Encryption Modes: Can you confirm that AES-GCM is the preferred and required encryption mode, or is there any flexibility to use other modes (e.g., AES-CBC) without compromising security? Your guidance would be greatly appreciated to ensure I am following the correct decryption procedure for Apple Pay tokens. Thank you in advance for your support.

Hi, We are trying to make payment from ecomm merchant. The last request during process is { "sessionData": { "epochTimestamp": "1741082241", "expiresAt": "1741092241", "merchantSessionIdentifier": "SSH88312C485D_7E0DD10173", "nonce": "3f6dc197", "merchantIdentifier": "5F9BC6BAF8", "domainName": "libertybank.ge", "displayName": "Apple Pay Purchase", "signature": "3080060000", "operationalAnalyticsIdentifier": "Apple Pay Purchase:5F9BC6BAF8", "retries": 0, "pspId": "5F9BC6BAF8" } } which is successfully validated applePaySession.completeMerchantValidation(data.sessionData) After this, the "oncancel" handler is triggered in applePay. Please help us to understand what is wrong. Please note the domain where the applepay button is located is at txpg.libertypay.ge Which is successfully verified.

I am encountering an issue with the in-app provisioning flow using PKAddPaymentPassViewController. Specifically, when presenting the controller to allow users to add a pass to Apple Wallet, the device selection screen is showing all the devices, even after setting the primaryAccountIdentifier on the PKAddPaymentPassRequestConfiguration. Here's the context: I'm using PKAddPaymentPassViewController for in-app provisioning. I provide a valid primaryAccountIdentifier in the configuration. But after adding the pass, if i print back the primaryAccountIdentifier it displays some other value different than the identifier i had set(Example masked identifier: FAPLMC1GB000000066aa4xxxxxxxxxxxa744f16axxxxxxxx). The provisioning flow works, but the device list shown to the user includes all the devices (e.g., Apple Watches and iPhone even though it is already added to Apple Watch or iPhone).

Hello, We have implemented In-App Verification using both SMS and mobile app options. While SMS functions as expected, selecting the mobile app for verification in the Wallet app does not open our app on the first attempt. Instead, the verification window simply dismisses. However, if I select "Complete Verification" again and choose the mobile app, deep linking works as expected, and our app opens correctly. This issue occurs with any bank card and app I’ve tested in Wallet. Could this be a bug in the Wallet app where deep linking fails on the first attempt but works on the second?

Hello All - I'm attempting to enable my companies app to add credit card to Apple Wallet. Part of our app enables customers to generate new virtual cards on demand and I'm attempting to enable the ability to add these cards to the Apple Wallet. Everything seems to be working all the way to the final stage of the process where I get a PKPassKitErrorDomain systemCancelled and I can't seem to find any clues as to why the system is canceling. For context - I have the com.apple.developer.payment-pass-provisioning entitlement. I have both the Wallet and In-App Provisioning capabilities enabled in the App. I have defined a PKAddPaymentPassViewControllerDelegate class that implements both the generateRequest and didFinishAdding methods. I'm leveraging PKAddPaymentPassViewController in SwiftUI by using a UIViewControllerRepresentable implementing class that returns the view controller properly when makeUIViewController is called. I build a PKAddPaymentPassRequest object and ensure that it is properly filled with encryptedPassData, activationData, and ephemeralPublicKey. As a user I'm able to go to the virtual card view, open the instance of PKAddPaymentPassViewController, select the destination for the card, see the Add Card information. I get to the point where the view tells me it's contacting the card issuer and then I get an error message "Could Not Add Card - Try again later or contact your card issuer for more information" with a "Set Up Later" button. I then get the system canceled error. I should mention that I'm able to add these virtual cards manually via the Apple Wallet. The process works similarly but requires me to provided an OTP to conclude the process. This flow works and I have active cards in my wallet. I'm having a very hard time figuring out how to try and debug this issue further. The only error that the system returns is the system canceled notice. Any insight into where I might be missing something or how to debug the issue further would be greatly appreciated. Any thought on how I could debug this further would also be greatly appreciated. Thanks in advance - AYAL

Hi, We are trying to make the PKAddPaymentPassViewController to show the correct list of devices to where the pass can be added. We have analysed the documentation and we are using the PrimaryAccountIdentifier field which is the field that supposedly controls this behavior but the list of devices presented in the view controller always include one iPhone and one Apple Watch, regardless of where the card has been already added. We are initializing the PKAddPaymentPassRequestConfiguration object with: PKEncryptionScheme PrimaryAccountIdentifier CardholderName PrimaryAccountSuffix LocalizedDescription PaymentNetwork PrimaryAccountIdentifier CardholderName PrimaryAccountSuffix LocalizedDescription We have also verified the configuration in our payment pass processor and everything should be ok. We would like to have some help on achieving the desired flow for Apple Pay, which is to present the PKAddPaymentPassViewController with the correct list of available devices and not the full list. Thank you.

Hello, I am setting up a feature for my company's banking app that allows users to add their payment/debit card they have with us to the Apple Wallet on their device. We have the in-app provisioning entitlement setup and configured in the app and configured with our banking partner/TSP. We are able to manually provision production environment cards via the Wallet app. I am using test card data from my TSP. I send them the two certificates, nonce, and nonce signature data and am given activationData, encryptedPassData, and an ephmeralPublicKey that we then set on an instance of PKAddPaymentPassRequest. We call the handler on the delegate method that is called with that request object and get an error: The operation couldn’t be completed. (PKPassKitErrorDomain error 2.) Looking at the PassKit library shows this is PKUnsupportedVersionError - Unsupported pass version. Our TSP hasn't been super helpful in troubleshooting this issue and just said we should contact Apple as it is an Apple error. I am trying to figure out if the issue is with how we are implementing the feature or with the test data itself given to us.

Hello, I'm building an expense management app and have the necessary FinanceKit entitlements. However I'm based in India and hence do not have access to an Apple Card. Is there anyway to test FinanceKit with some sort of mock data? I have tried following the developer documentation and built a minimal implementation to share via Testflight to my users. However it's failing to get any transaction data. I'm unable to debug the code myself and if anyone here has valid entitlements along with Apple Card, I'd appreciate if you could debug an example project I made below: https://github.com/tanmays/FinanceKitExample Feedback #FB14136552

Hello, I am developing an Apple Pay and In-App Provisioning integration for the bank where I work. All entitlements are properly configured, and we are integrated correctly with our Payment Network Operator (PNO). We are using PKAddPaymentPassViewControllerDelegate to handle the provisioning process. The flow progresses as expected up to the Terms and Conditions screen. However, after accepting the terms, the process fails with the message: "Could not add card." Upon checking the device logs using the Wallet profile configuration, I observed the following response from Apple's backend: Response: https://nc-pod10-smp-device.apple.com:443/broker/v4/devices/041315032816900221610987313158566F368A9CEBA1291E/cards/745f792b9d0644e5a6e713d54f505296/enable 500 Time profile: 1.80458 seconds { x-conversation-id = "6ec59a63424f4035915e32f22ea645e4" Vary = "accept-language" Content-Type = "application/json" x-pod = "nc-pod10" x-keystone-correlationid = "E3DD5A5A-FD18-4500-8570-2BD1334E281C" Date = "Thu, 17 Apr 2025 07:05:03 GMT" x-apay-service-response-details = "via_upstream" Content-Length = "49" x-envoy-upstream-service-time = "964" x-pod-region = "paymentpass.com.apple" } { errorCode = 40456; statusCode = 500; } This seems to indicate that the card enablement step is failing on the server side. Our internal systems have not logged any request failure from Apple at this step, which makes it difficult to pinpoint whether the issue is in the PNO integration, entitlement configuration, or something else. We are currently testing in a production environment on a physical device (not using sandbox), and provisioning flows are initiated through our iOS app using PKAddPaymentPassRequest. Could you please help us interpret error code 40456 and identify what steps we should take to resolve this issue? If needed, we can also provide the full device log and additional details. Thank you in advance for your support. Best regards, Mansur Bagwan

Hi. I am writing to request clarification regarding the renewal period of the merchant certificate. According to the documentation, Apple issues merchant certificates for 25 months, and this has been the case for several years. However, in the past six months, the issued certificates have been valid for only 3 months, which causes significant inconvenience. I have reviewed the documentation again and contacted support, but I was only referred back to the same information stating that the certificate should be valid for 25 months. Could you please clarify whether there have been any recent changes to the renewal policy? Additionally, is there a way to extend the certificate's validity to the expected 25-month period? I would greatly appreciate your assistance in resolving this issue.

Hello, we re developing a loyalty platform for end users and as such emit Apple wallet store cards. Problem we're facing is that the HTTP POST /v1/devices/:deviceLibraryIdentifier/registrations/:passTypeIdentifier/:serialNumber in some cases doesn't come through and we have no idea why. This only happens to a small percentage of customers, others work just fine. Does anyone have an idea why this might happen? I believe our setup is correct when 90% of customers work and we receive these HTTP requests to our server.

I'm encountering an issue with Apple Pay on both Wallet and the Watch app where the app name is not showing up on the back of the payment card(Card details). The pass was successfully provisioned, and everything seems to be working, but the expected app name or brand isn't displayed, and instead, I see the generic "Something went wrong. Try again Later" message. Do we need to configure something to get this displayed in Wallet app?

Team, We are currently checking out on Apple Pay using ALL and MRU as currencies. We have authorized the payment via Touch ID; however, we are not receiving the onPaymentAuthorized event. Could you please confirm if Apple Pay supports ALL and MRU currencies? We have confirmed that it works with other currencies. Thank you!

Hi, You're here because you've had issues with your implementation of Wallet Extensions for Apple Pay In-App Provisioning or In-App Verification. To prevent sending sensitive credentials in plain text, create a new report in Feedback Assistant to share the details requested below with the appropriate log profiles installed. Gathering Required Information for Troubleshooting Apple Pay In-App Provisioning or In-App Verification Issues While troubleshooting Apple Pay In-App Provisioning or In-App Verification, it is essential that the issuer is able to collect logs on their device and check those logs for error message. This is also essential when reporting issues to Apple. To gather the required data for your own debugging as well as reporting issues, please perform the following steps on the test device: Install the Apple Pay and Wallet profiles on your iOS or watchOS device. If the issue occurs on Mac, continue to Step 2. Reproduce the issue and make a note of the timestamp when the issue occurred, while optionally capturing screenshots or video. Gather a sysdiagnose on the same iOS or watchOS device, or on macOS. Create a Feedback Assistant report with the following information: The bundle IDs App bundle ID Non-UI app extension bundle ID (if applicable) UI app extension bundle ID (if applicable) The serial number of the device. For iOS and watchOS: Open Settings > General > About > Serial Number (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > Serial Number. The SEID (Secure Element Identifier) of the device, represented as a HEX encoded string. For iOS and watchOS: Open Settings > General > About > SEID (tap and hold to copy). For macOS: Open the Apple () menu > About This Mac > System Report > NVMExpress > Serial Number. The sysdiagnose gathered after reproducing the issue. The timestamp (including timezone) of when the issue was reproduced. The type of provisioning failure (e.g., error at Terms & Conditions, error when adding a card, etc.) The issuer/network/country of the provisioned card (e.g., Mastercard – US) Last 4 digits of the FPAN Last 4 digits of the DPAN (if available) Was this test initiated from the Issuer App? (e.g., yes or no) The type of environment (e.g., sandbox or production) Screenshots or videos of errors and unexpected behaviors (optional). Important: From the logs gathered above, you should be able to determine the cause of the failure from PassbookUIService, PassKit or PassKitCore, and by filtering for your SEID or bundle ID of your app or app extensions in the Console app. Submitting your feedback Before you submit to Feedback Assistant, please confirm the requested information above is included in your feedback. Failure to provide the requested information will only delay my investigation into the reported issue within your Apple Pay client. After your submission to Feedback Assistant is complete, please respond in your existing Developer Forums post with the Feedback ID. Once received, I can begin my investigation and determine if this issue is caused by an error within your client, a configuration issue within your developer account, or an underlying system bug. Cheers, Paris X Pinkney |  WWDR | DTS Engineer

Can i, personally, create .pkpass for other companies using my apple developer ID? In order to create .pkpass, I need to create passTypIdentifier and teamIdentifier using apple developer ID Is it okay to create those two identifiers and create coupons or membership cards for other companies? I just wonder if it is against the law or developer guide.

Apple Sandbox is not available in India, also Apple Pay itself is not supported by Indian Banks. How can I still test using Apple Pay sandbox in India? I am trying to add test cards on my iPhone and it fails to add it. It tries to connect to Issuer, which it should not for sandbox Apple Id. Can anyone help how to achieve this?