We have been using ApplePay on the web for years, but we are running into a problem since today in sandbox where domainName is missing from the create payment sessions request. We haven't changed anything related to this request any time recently. Static payment sessions url being hit in sandbox: https://apple-pay-gateway-cert.apple.com/paymentservices/paymentSession request format: "merchantIdentifier": "merchant.com.identifier", "displayName": "Test Store", "initiative": "web", "initiativeContext": "test.example.com", "domainName": "test.example.com" response format: { "epochTimestamp": 1763533367972, "expiresAt": 1763536967972, "merchantSessionIdentifier": "<merchantSessionIdentifier>", "nonce": "<nonce>", "merchantIdentifier": "<merchantIdentifier>", "displayName": "Test Store", "signature": "<signature>", "initiative": "web", "initiativeContext": "test.example.com", "signedFields": [ "merchantIdentifier", "merchantSessionIdentifier", "initiative", "initiativeContext", "displayName", "nonce" ], "operationalAnalyticsIdentifier": "Test Store:<identifier>", "retries": 0, "pspId": "<pspId>" } Production create session request to https://apple-pay-gateway.apple.com/paymentservices/paymentSession is behaving as expected, sending the following fields as response: epochTimestamp, expiresAt, merchantSessionIdentifier, nonce, merchantIdentifier, domainName, displayName, signature, operationalAnalyticsIdentifier, retries, pspId Claude seems to suggest this is a response when Messages for Business is enabled, but this ApplePay Payment Processing merchant is only configured for Apple Pay on the Web. Any ideas or pointers to check for? We are worried this will spill over in production as well, which will break our ApplePay integration. Thanks in advance!

Hello everyone. I encountered a problem when integrating Apple Pay. I obtained all the renewal orders through the Apple interface, and their purchaseDate is 8 hours later than the actual payment time. Why is this happening? According to the documentation, the purchaseDate value provided by Apple is a millisecond timestamp that represents the actual payment time of the user, so theoretically there shouldn’t be any timezone issues. This works well in client-initiated subscriptions, but in renewal scenarios, the purchaseDate becomes unreliable. Could this be due to some configuration in the configuration center? For example, I actually received an Apple notification at 1746686911000 (2025-05-08 06:48:31 Etc/GMT). However, the data returned by the Apple interface is as shown below: { "appAccountToken": "xxxx", "bundleId": "xxxx", "currency": "GBP", "environment": "Production", "expiresDate": 1762616831000, "inAppOwnershipType": "PURCHASED", "isUpgraded": false, "offerDiscountType": "", "offerIdentifier": "", "offerType": 0, "originalPurchaseDate": 1746456432000, "originalTransactionId": "320002311698411", "price": 39990, "productId": "xxxx", "purchaseDate": 1746715631000, "quantity": 1, "revocationDate": 0, "revocationReason": 0, "signedDate": 1746687092825, "storefront": "GBR", "storefrontId": "xxxx", "subscriptionGroupIdentifier": "xxxx", "transactionId": "320002315815857", "transactionReason": "RENEWAL", "type": "Auto-Renewable Subscription", "webOrderLineItemId": "320001062124562" } You can see that the purchaseDate is 1746715631000 (2025-05-08 14:48:31 Etc/GMT), which is even later than the current time. Can someone explain this behavior that is inconsistent with the documentation, or did I do something wrong? I would be very grateful for any help anyone can provide.

I am adding In-App provisioning to my app. I am able to access the Apple Pay Sandbox and I have successfully tested adding a secure element/payment pass to Apple Wallet. However, once the pass has been added to the wallet, I can not access or retrieve the pass from my app. I have confirmed with the PNO that the PNO Pass Metadata Configuration in the testing environment include the correct metadata for "associatedApplicationIdentifiers" and "associatedStoreIdentifiers". Does anyone know why I am having this issue and how I can resolve it? Steps used to access pass in Apple Wallet I am unable to view the pass when I attempt to access it using the PKPassLibrary function as follows: let library = PKPassLibrary() if #available(iOS 13.4, *) { // This returns an empty array library.passes(of: .secureElement) } else { // This also returns an empty array library.passes(of: .payment) } // This returns an empty array too library.passes() Steps used to add pass to Apple Wallet These are the steps I follow to add the card: I create a PKAddPaymentPassRequestConfiguration I use this config to instantiate a PKAddPaymentPassViewController. I provide the nonce, nonceSignature, and certificates to my PNO along with the card data. I receive the activationData, encryptedPassData, and ephemeralPublicKey from my PNO and create a PKAddPaymentPassRequest using this data. I add the pass to Apple Wallet. In the addPaymentPassViewController callback, I am able to view the pass data from the .didFinishAdding pass: PKPaymentPass? variable. I am also able to see that the pass has been added from Apple Wallet app. I am not able to access the pass using PKPassLibrary().passes() at this point. I am not able to access the pass at any point after adding it either.

We’re building a usage-based rental flow. The final charge is only known after the session ends (like gas pumps). We want the same Apple Pay UX that gas stations like at a gas station has: the user does not see a pre-authorization amount up front; they only see “approved” and later the final posted amount on the statement. What we observe (gas stations / desired UX) When paying at gas station with Apple Pay (card-present), the user confirms their card (double-tap) but no pre-auth amount is shown in Wallet/notification UI. The small notification is from the bank (not the merchant) and shows only bank + merchant name, no total. After fueling ends, the final amount appears on the statement from the merchant. What happens in our flow (current behavior) Platform: Apple Pay via Stripe (Apple Pay on the Web with QR → mobile Safari Wallet sheet). When a user confirms payment, the pre-authorization amount is shown immediately to the user (appears like a charge from the user’s perspective). We want to avoid showing that amount, matching the pay-at-pump experience.

Hi Team, I have merchant session object - {"epochTimestamp":1748333121032,"expiresAt":1748336721032,"merchantSessionIdentifier":"SSH7CCD205FEEDD45AD84B77374D098B335_916523AAED1343F5BC5815E12BEE9250AFFDC1A17C46B0DE5A943F0F94927C24","nonce":"2d18eab4","merchantIdentifier":"8535F497EC92999BAD63C6F213F0F32DEEB5DBF8A0A91007F6C1128537B6FB19","domainName":"f7071159c1tst-store.occa.ocs.oraclecloud.com","displayName":"DDF Test","signature":"308006092a864886f70d010702a0803080020101310d300b0609608648016503040201308006092a864886f70d0107010000a080308203e43082038ba003020102020859d8a1bcaaf4e3cd300a06082a8648ce3d040302307a312e302c06035504030c254170706c65204170706c69636174696f6e20496e746567726174696f6e204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b3009060355040613025553301e170d3231303432303139333730305a170d3236303431393139333635395a30623128302606035504030c1f6563632d736d702d62726f6b65722d7369676e5f5543342d53414e44424f5831143012060355040b0c0b694f532053797374656d7331133011060355040a0c0a4170706c6520496e632e310b30090603550406130255533059301306072a8648ce3d020106082a8648ce3d030107034200048230fdabc39cf75e202c50d99b4512e637e2a901dd6cb3e0b1cd4b526798f8cf4ebde81a25a8c21e4c33ddce8e2a96c2f6afa1930345c4e87a4426ce951b1295a38202113082020d300c0603551d130101ff04023000301f0603551d2304183016801423f249c44f93e4ef27e6c4f6286c3fa2bbfd2e4b304506082b0601050507010104393037303506082b060105050730018629687474703a2f2f6f6373702e6170706c652e636f6d2f6f63737030342d6170706c65616963613330323082011d0603551d2004820114308201103082010c06092a864886f7636405013081fe3081c306082b060105050702023081b60c81b352656c69616e6365206f6e207468697320636572746966696361746520627920616e7920706172747920617373756d657320616363657074616e6365206f6620746865207468656e206170706c696361626c65207374616e64617264207465726d7320616e6420636f6e646974696f6e73206f66207573652c20636572746966696361746520706f6c69637920616e642063657274696669636174696f6e2070726163746963652073746174656d656e74732e303606082b06010505070201162a687474703a2f2f7777772e6170706c652e636f6d2f6365727469666963617465617574686f726974792f30340603551d1f042d302b3029a027a0258623687474703a2f2f63726c2e6170706c652e636f6d2f6170706c6561696361332e63726c301d0603551d0e041604140224300b9aeeed463197a4a65a299e4271821c45300e0603551d0f0101ff040403020780300f06092a864886f76364061d04020500300a06082a8648ce3d0403020347003044022074a1b324db4249430dd3274c5074c4808d9a1f480e3a85c5c1362566325fbca3022069369053abf50b5a52f9f6004dc58aad6c50a7d608683790e0a73ad01e4ad981308202ee30820275a0030201020208496d2fbf3a98da97300a06082a8648ce3d0403023067311b301906035504030c124170706c6520526f6f74204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b3009060355040613025553301e170d3134303530363233343633305a170d3239303530363233343633305a307a312e302c06035504030c254170706c65204170706c69636174696f6e20496e746567726174696f6e204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b30090603550406130255533059301306072a8648ce3d020106082a8648ce3d03010703420004f017118419d76485d51a5e25810776e880a2efde7bae4de08dfc4b93e13356d5665b35ae22d097760d224e7bba08fd7617ce88cb76bb6670bec8e82984ff5445a381f73081f4304606082b06010505070101043a3038303606082b06010505073001862a687474703a2f2f6f6373702e6170706c652e636f6d2f6f63737030342d6170706c65726f6f7463616733301d0603551d0e0416041423f249c44f93e4ef27e6c4f6286c3fa2bbfd2e4b300f0603551d130101ff040530030101ff301f0603551d23041830168014bbb0dea15833889aa48a99debebdebafdacb24ab30370603551d1f0430302e302ca02aa0288626687474703a2f2f63726c2e6170706c652e636f6d2f6170706c65726f6f74636167332e63726c300e0603551d0f0101ff0404030201063010060a2a864886f7636406020e04020500300a06082a8648ce3d040302036700306402303acf7283511699b186fb35c356ca62bff417edd90f754da28ebef19c815e42b789f898f79b599f98d5410d8f9de9c2fe0230322dd54421b0a305776c5df3383b9067fd177c2c216d964fc6726982126f54f87a7d1b99cb9b0989216106990f09921d00003182018930820185020101308186307a312e302c06035504030c254170706c65204170706c69636174696f6e20496e746567726174696f6e204341202d20473331263024060355040b0c1d4170706c652043657274696669636174696f6e20417574686f7269747931133011060355040a0c0a4170706c6520496e632e310b3009060355040613025553020859d8a1bcaaf4e3cd300b0609608648016503040201a08193301806092a864886f70d010903310b06092a864886f70d010701301c06092a864886f70d010905310f170d3235303532373038303532315a302806092a864886f70d010934311b3019300b0609608648016503040201a10a06082a8648ce3d040302302f06092a864886f70d01090431220420c11c8025910403d6691af195664f47b606df9ccb351237d0de4e7c31e8a5067b300a06082a8648ce3d04030204483046022100ea8d2bb74b4960f17e4e45b99fec3f0539565fd3169091c6b39fbfb3e11a952a022100a4a4a3ff6d91caf8fa7d9b18179e0cc2156c90d4f719ae52734b4799c2b1beea000000000000","operationalAnalyticsIdentifier":"DDF Test:8535F497EC92999BAD63C6F213F0F32DEEB5DBF8A0A91007F6C1128537B6FB19","retries":0,"pspId":"8535F497EC92999BAD63C6F213F0F32DEEB5DBF8A0A91007F6C1128537B6FB19"} After sending this to session.compleMerchant I am getting the invalid access error. Regards, Varsha

Hi Guys, I am having an issue verifying a card when it is pending verification in the Apple Watch Wallet App and the iPhone Wallet. When the user verifies the card in the wallets, they are redirected to verification in my APP. However, the problem is that I don't know which application is calling, whether it is the Apple Watch or the iPhone, because the URL sends me the same serialNumber from the PKPASS. It is impossible to know if the user wants to verify and activate the card on the watch or the iPhone. Because I only receive the following information in the URL: myapp://app-url? passTypeldentifier=paymentpass.com.apple&action =verify&serialNumber=***** The serialNumber is the same from the iPhone Wallet and the Watch Wallet. func application(_ app: UIApplication, open url: URL, options: [UIApplication.OpenURLOptionsKey : Any] = [:]) -> Bool { let source = options[.sourceApplication] I try to retrieve the source, but it comes back null. It would be the only way to know the originating App. Can someone help me solve this problem?

I am facing an issue while integrating Apple Pay in my React.js application. The onvalidatemerchant callback works perfectly, and the merchant validation is successfully completed. However, after the Apple Pay session is validated, the payment sheet appears briefly and then closes immediately without triggering the onpaymentauthorized event. I have provided the relevant code snippets and API implementation below. I would greatly appreciate your insights on resolving this issue. import React, { useEffect, useRef, useState } from "react"; // Relevant imports const ApplePayButton = ({ paymentType, handlePayment, cartSummary }) => { const [applePaySession, setApplePaySession] = useState(null); const cartSummaryRef = useRef(cartSummary); useEffect(() => { cartSummaryRef.current = cartSummary; }, [cartSummary]); const setupApplePaySession = async () => { if (!window.ApplePaySession || !ApplePaySession.canMakePayments()) { console.log("Apple Pay is not supported on this device/browser."); return; } const paymentRequest = { countryCode: "US", currencyCode: "USD", merchantCapabilities: ["supports3DS"], supportedNetworks: ["visa", "masterCard", "amex"], total: { label: "Total", amount: `${cartSummaryRef.current?.total?.amount || "10.00"}`, }, requiredBillingContactFields: ["postalAddress", "email", "phone", "name"], }; const session = new ApplePaySession(6, paymentRequest); setApplePaySession(session); session.onvalidatemerchant = async (event) => { try { const response = await createAndValidateApplePaySession({ validation_url: event.validationURL, provider: "APPLE_PAY", }); if (response?.status && response?.data?.applePaySession) { const merchantSession = JSON.parse( response.data.applePaySession.session_details ); session.completeMerchantValidation(merchantSession); } else { console.error("Merchant validation failed: Invalid response."); } } catch (error) { console.error(`Merchant validation error: ${JSON.stringify(error)}`); } }; session.onpaymentauthorized = (event) => { console.log("Payment authorized:", event.payment); }; session.oncancel = () => { console.log("Payment cancelled."); }; session.onerror = (event) => { console.error(`Apple Pay error: ${JSON.stringify(event)}`); }; session.begin(); }; return ( <> {paymentType === "APPLE_PAY" && ( )} </> ); }; export default ApplePayButton; createAndValidateApplePaySession = async (data) => { const { validation_url } = data; const apiUrl = ${this.finixUrl}/apple_pay_sessions; const base64Credentials = Buffer.from(this.credentials).toString("base64"); const body = { validation_url, merchant_identity: process.env.FINIX_APPLE_PAY_MERCHANT_ID, domain: process.env.FINIX_APPLE_PAY_DOMAIN, display_name: process.env.FINIX_APPLE_PAY_DISPLAY_NAME, }; const requestData = { url: apiUrl, data: body, headers: { "Content-Type": "application/json", Authorization: Basic ${base64Credentials}, }, }; try { const response = await axios.post(requestData.url, requestData.data, { headers: requestData.headers, }); return response?.data; } catch (error) { console.error("Merchant validation failed:", error); return error; } }; Current Behavior: Apple Pay button renders successfully. Clicking the button triggers the setupApplePaySession function. The merchant validation completes successfully via the onvalidatemerchant callback, and a valid merchant session is received from the API. The Apple Pay sheet appears briefly and then closes immediately. The onpaymentauthorized callback is never triggered. Expected Behavior: The payment sheet should remain open after merchant validation, allowing the user to select a payment method and authorize the payment. The onpaymentauthorized callback should then be triggered to handle the payment token.

I am trying to play around on the Apple Pay demo page (https://applepaydemo.apple.com) and I am getting the following error response. PaymentRequest AbortError: The operation was aborted. I am using the Payment Request API

Hi, I set up a Sandbox Tester account in my company’s Apple Developer Program and signed in on my iPhone under Settings → App Store → Sandbox Account. When I go to Wallet → Add, I only see options for Credit or Debit Card or Travel Card. The option to add an Apple Pay Sandbox Card is missing, and when I try entering the test card numbers from Apple’s documentation (developer.apple.com/apple-pay/sandbox-testing), the card is not valid. Has anyone experienced this and found a solution? Thanks! PS: I can't post this to Wallet Category, I keep getting error that it contains sensitive text.

Hello, we are experiencing issues with adding VISA cards via In-App Provisioning on iOS using PassKit. The same flow works correctly with Mastercard, but for VISA cards the Apple broker endpoint returns HTTP 500. Details Device: iPhone15,3 (iPhone 15 Pro), iOS 18.6.1 (22G90) Region: CZ App: [REDACTED] (version 0.4.3) Issuer ID: [REDACTED] Merchant ID and entitlements are configured and validated. SEID: [REDACTED] Request flow GET /broker/v4/devices/{SEID}/issuerProvisioningCertificates?encryptionVersion=EV_ECC_v2 Request ID: B61363A8-0BFF-4CD6-92BC-52C461DFFAAD Response: 200 OK Conversation ID: e12c64c9a0b54981adfad8d00800d836 Returned nonce: [REDACTED] Timestamp: 2025.08.21_14-01-46+0200 POST /broker/v4/devices/{SEID}/cards Request ID: F29B73CA-CDDE-4C0C-9F40-B87AE006FDDD Payload fields present (values redacted): encryptedCardData [REDACTED], ephemeralPublicKey [REDACTED], publicKeyHash [REDACTED], nonce [REDACTED], issuerIdentifier [REDACTED], encryptionVersion=EV_ECC_v2 Response: 500 Internal Server Error (latency ~0.41s) Timestamp: 2025.08.21_14-01-47+0200 Observation Provisioning succeeds with Mastercard but consistently fails with VISA. The GET issuerProvisioningCertificates succeeds; the POST …/cards returns 500. Request Could you please: Provide internal error details for Request ID F29B73CA-CDDE-4C0C-9F40-B87AE006FDDD (and/or Conversation ID e12c64c9a0b54981adfad8d00800d836), Confirm whether the 500 originates before or after the broker’s call to VTS (Visa Token Service), and Validate that our app/merchant/issuer configuration is fully enabled for VISA push provisioning in our region. Attached privately: sysdiagnose with full traces (can share via secure channel upon request). Kind regards, Martin

Hello, we are developing in app provisioning of our American Express network cards. After clicking add to apple wallet in our app, I launch the PKAddPaymentPassViewController and click next. It loads for a few seconds and then I get: [<private>] ProvisioningOperationComposer: Step '<private>' failed with error Error Domain=PKProvisioningErrorDomain Code=5 UserInfo={PKErrorHTTPResponseStatusCodeKey=500} Does anyone have any insight on what this error means?

The Shortcuts app offers the possibility to trigger shortcuts/intends when a wallet credit card is used and a new transaction is created. I would like to add transaction details to one of my apps and use such a shortcut for it. Other apps do the exact same thing, so this should not be a problem. Adding a shortcut to my app was not a big deal. However, how can this be tested on simulator? When trying to add a new automatization in the Shortcuts app using a wallet transaction as trigger I cannot finish the setup dialog since the Next button is disabled. I assume this is because no card is configured. When trying to add a card in Wallet I just receive that this was not successful. I have connected the simulator to a Sandbox Apple ID account using a region which supports Apple Pay (US). Using a real account does not solve the problem. Any idea how to get this working? Using real transaction within a store could obviously not be the solution for debugging.

I'm seeking clarification on how Requirement 4.1 ("Card Issuers with a Mobile App must support In-App provisioning") applies when the card issuer uses a third-party mobile banking platform rather than a self-developed app. Our situation: We are a small credit union (the card issuer) Our mobile banking app is provided by a third-party digital banking vendor (white-label, but branded with our name) Card processing is handled by a separate vendor The ambiguity: The Apple Pay Specifications define "Card Issuer Mobile App" as: "The Card Issuer-branded, iOS software application made available on a Device that is used by such Card Issuer's customers to manage, administer, or use Cards." Our mobile banking app meets this definition—it's branded with our name and used by our members to manage their accounts and cards. However, we don't develop or directly control the app; our digital banking vendor does. The webinar FAQ stated: "Do we have to implement in-app provisioning? Yes, if you have an app." Our digital banking vendor interprets this as not applying to them because they are "not the issuer." They've stated: "Apple's requirements are at the card-processor level... our credit unions and, by extension, we are not required to support Apple Pay's in-app provisioning." Our card processor has indicated they will support in-app provisioning integrations but notes "this would be digital provisioning and we would need the digital banking vendor to work with us to enable." Specific questions: When a card issuer uses a third-party mobile banking app (branded for the issuer but developed/maintained by a vendor), does Requirement 4.1 apply? If yes, who bears compliance responsibility—the issuer, the mobile app vendor, or both? If the mobile app vendor does not implement in-app provisioning by January 15, 2026, what is the issuer's exposure? Does the issuer face suspension from the Program due to vendor non-compliance? Is there an alternative compliance path under Requirement 4.8 (Web Provisioning) for issuers whose mobile app vendors cannot deliver in-app provisioning by the deadline? This scenario likely affects hundreds of small financial institutions using shared digital banking platforms. Clarity on vendor vs. issuer responsibility would help the entire ecosystem prepare appropriately. Thank you.

we are experiencing an issue when making an HTTP call to: "https://apple-pay-gateway-cert.apple.com/paymentservices/registerMerchant". The response we are receiving back is HTTP Status Code 401 Unauthorized. We noticed the issues started around "Jan 24, 2025 at 9:51:46.327 am" and is still carrying on. Some other examples of when the calls failed: Jan 27, 2025 at 3:04:31.387 pm Jan 27, 2025 at 9:46:04.068 am Jan 27, 2025 at 3:36 pm All of the above dates and times are UK GMT +0 times. As the problem is around HTTP status code of 401 Unauthorised its tough to show what's actually happening. Like I stated above everything was working correctly before the 24th of Jan and nothing has changed or been modified on our side. I have even tried to do the following: Use the first set of Certs to perform a test Still returns 401 Delete a Cert and re generating them from scratch to perform a test with those set of Certs Still returns 401 I have just tried to process another HTTP call to the paymentservices/registerMerchant and I could inspect the headers of the request and im hoping this helps in your investigation. Headers: x-keystone-correlationid = 8f9a3c16-f78f-4f9b-9484-63190ef14a77 Date = Tue, 28 Jan 2025 10:00:43 GMT x-envoy-upstream-service-time = 4 x-apay-service-response-details = via_upstream We also found an article that has us a bit worried about this issue. Article here: https://developer.apple.com/news/?id=2x8awlvm States that Apple/Apple Pay will be making some changes to the ciphers in the coming months. With this article and the issues we seeing on Sandbox Environment we are worried that come the 4th of February as stated in the article that our Production Environment will be effected and we will stop being able to use Apple Pay so that gives us about a week to fix any issues/change code that might come out of it. Please could you come back with some information around the Article posted and if our Production Environment would be impacted.

For Apple Pay testing, I have tried the following: Sign into the Sandbox Account via Developer Settings: Settings > Developer > Sandbox Account Keep your main Apple ID for everything else Add Test Cards to Wallet: Try adding the test card numbers (MasterCard and Visa Debit, as we support only those) Apple provides in their documentation. Unfortunately, none of them are added to the wallet. All the time it gives 'Could Not Add Card'. I tried on devices with iOS 18+. Can anyone advise on this? Thanks

Issue Description In our Apple Pay integration process, the validation URL returned from the onvalidatemerchant callback is: https://apple-pay-gateway.apple.com/paymentservices/startSession However, according to Apple’s official documentation (reference link), the correct validation URL is: https://apple-pay-gateway.apple.com/paymentservices/paymentSession We are seeking clarification and assistance regarding the following issues: Issue 1 Will continuing to use the startSession URL cause problems or errors? Are there functional differences between the two URLs (startSession and paymentSession)? Does Apple still officially support startSession, or are we required to switch to paymentSession? Issue 2 We occasionally experience the following 400 error, even though the URL we use for validation is the one returned from the onvalidatemerchant callback: 400: { "statusMessage": "Payment Services Exception merchantId=*** not registered for domain=***.com", "statusCode": "400" } We have verified the following: Our Merchant ID and certificates are valid. All Apple Pay configuration details, including merchant domain verification and placement of the .well-known/apple-developer-merchantid-domain-association file, have been correctly set up and verified. However, we still encounter the error intermittently. Questions: If we need to transition to using paymentSession, how should we do this? Could this error be related to the use of startSession? If not, how should we troubleshoot further? Support Needed Confirmation and clarification on the proper usage and differences between the two URLs: startSession and paymentSession. Guidance on how we can investigate and resolve the 400 error to ensure that the Apple Pay validation process works consistently. We appreciate your assistance and support!

Hi, I understand that it's possible to add a virtual debit or credit card from a mobile app into the iOS Wallet using PassKit from the Apple SDK. However, I haven't come across documentation on how to achieve this directly from a web app. I found this article on Apple's support site (https://support.apple.com/en-gb/guide/security/secdc2567239/web), which mentions adding cards from a card issuer’s website, but it doesn’t provide details on the process. Could you please confirm if it's possible to add a card directly from a web app without using a mobile app? If so, could you guide me to the relevant documentation? Thanks in advance!

Hello. we are looking in adding an additional verification method as part of our in app provisioning to apple wallet. the method is called app to app verification method where basically when the customer adds their card (debit or credit) on apple wallet they can be verified through a third party app. does apple support this? where can i find any material related to this?

I am trying to find solutions past 4 days. but not getting any reference about NFC implementation in my app to read Debit/Credit card upon user consent? Can you confirm apple is provided any api for read Debit/Credit card using NFC or not. Tried with normal NFCReader but it reads only for normal tags but nothing with Visa/ MasterCard cards. Looking forward some help from you. Thanks

Hello, Please help. We have been experiencing what appears to be a TLS handshake error in our Apple Pay merchant validation requests (2-way TLS) since June 25, 2025. We are aware of the encryption algorithm changes made in February 2025, and our system was functioning correctly at that time. However, the error started occurring suddenly and only recently. Could you please clarify the following points? Have there been any changes to the TLS configuration (cipher suites, certificates, protocol versions, etc.) on the Apple Pay server side since June 2025? Have there been any updates to the specifications or recommended settings for merchant validation requests? Is there any way to contact Apple for technical support regarding this issue other than through the Developer Forums? Our Merchant Identity Certificate has already been renewed and is confirmed to be valid.