I have some questions related to MPAN. What is the format of an MPAN? Is it the same as DPAN? Is it PAN preserving format? Is a Cryptogram required and if yes, what kind of cryptogram? Is it the same format as DPAN? Thanks in Advance!

我是一个银行app开发人员，请问怎么将银行名称显示在苹果钱包“选取银行”列表中，实现用户点击跳转银行app进行免输卡号签约绑定，是否有详细接入步骤和文档？

We have been informed by a third-party subscription tracking service(Adjust) that, due to the following specification of App Store Connect, it is not possible to connect an STG app (a non-published testing app) with their server: Specification: Since Apple’s API only allows access for apps that are already published, it is not possible to enable subscription tracking for iOS apps that are not yet published. Could you please confirm if our understanding of this specification is correct? Additionally, is there any method or recommended approach to verify subscription tracking behavior with an STG (non-published) app before the app is released? Thank you very much for your support.

We have used the ApplePayRecurringRequest parameter required for Apple Pay subscriptions, but during testing the payment, the Apple Pay payment page shown to the user remains the same as the one-time payment page, without any subscription information. Could you please check if there is an issue with our parameters or if there is an issue with the merchantIdentifier being used? Here is the ApplePayRequestData that we are using. { "supportedMethods": "https://apple.com/apple-pay", "data": { "version": 3, "merchantIdentifier": "***", "merchantCapabilities": [ "supports3DS", "supportsCredit", "supportsDebit" ], "supportedNetworks": [ "visa", "masterCard" ], "countryCode": "US", "recurringPaymentRequest": { "paymentDescription": "A description of the recurring payment to display to the user in the payment sheet.", "regularBilling": { "label": "Recurring", "amount": "4.99", "paymentTiming": "recurring", "recurringPaymentStartDate": "2025-06-02T16:00:00.000Z" }, "trialBilling": { "label": "7 Day Trial", "amount": "0.00", "paymentTiming": "recurring", "recurringPaymentEndDate": "2025-06-02T16:00:00.000Z" }, "billingAgreement": "A localized billing agreement displayed to the user in the payment sheet prior to the payment authorization.", "managementURL": "https://applepaydemo.apple.com", "tokenNotificationURL": "https://applepaydemo.apple.com" }, "additionalLineItems": [ { "label": "7 Day Trial", "amount": "0.00", "paymentTiming": "recurring", "recurringPaymentEndDate": "2025-06-02T16:00:00.000Z" }, { "label": "Recurring", "amount": "4.99", "paymentTiming": "recurring", "recurringPaymentStartDate": "2025-06-02T16:00:00.000Z" } ] }

Hi Apple Team and Developers, I’ve been testing the Top-up flow in our app via the TestFlight environment. Across multiple devices (around 10 tested), everything works fine with no issues. However, on one specific device — iPhone 14 Pro Max running iOS 18.6.2 — I’ve noticed an intermittent issue: When performing a Top-up, the Apple UI first shows a successful purchase confirmation. Immediately afterward, another UI prompt appears asking the player to re-enter their Apple ID password. At the same time, Apple returns a ghost string that we cannot use to verify the user’s package bundle ID. This creates potential confusion for users, as they see both a success confirmation and an unexpected password prompt. I’m unsure if this behavior is expected or if there’s a recommended way to handle or prevent this issue. Has anyone else encountered something similar, or does Apple have a suggested fix/workaround for this? For reference, here’s a short video of the issue in action: \🔗 https://drive.google.com/file/d/1Ml-QpEu4ocoxn-W3wEMsFMbXy2QdwbHB/view?usp=sharing Any guidance would be greatly appreciated. Thank you for your support!

Hi Team, For last 24 hours one of our team members is unable to login to apple dev portal due to two factor authentication not being sent. Error we are getting is "Verification codes can't be sent to this phone number at this time. Please try again later"

Hey everyone, hoping someone here has run into this before. I have a fully functional App Clip (com.didyoucatchit.app.Clip) linked to my main app (com.didyoucatchit.app). The Clip builds and runs perfectly, but I’m seeing issues trying to enable Apple Pay for it. When I try to link my Merchant ID under the “On Demand Install Capable” capability in the Apple Developer portal, I get this error: A relationship in the provided entity is not allowed for this request. The relationship 'undefined' can not be included in a 'bundleIdCapabilities' request. Here’s what I have already configured and confirmed: App Clip capabilities in Xcode include: Apple Pay Payment Processing Associated Domains (appclips:app.didyoucatchit.com) Provisioning profile includes: Apple Pay Payment Processing Associated Domains In-App Purchase On-Demand Install Capable Entitlements file for the Clip: <key>com.apple.developer.associated-domains</key> <array> <string>appclips:app.didyoucatchit.com</string> </array> <key>com.apple.developer.in-app-payments</key> <array> <string>merchant.com.didyoucatchit.app</string> </array> <key>com.apple.developer.parent-application-identifiers</key> <array> <string>$(AppIdentifierPrefix)com.didyoucatchit.app</string> </array> Merchant ID (merchant.com.didyoucatchit.app) is active and connected to Stripe Stripe Apple Pay configuration matches the same merchant ID and certificate Both provisioning profiles have been refreshed and downloaded However: The portal still throws the “relationship 'undefined'” error anytime I try to modify the Clip’s capabilities In testing, Apple Pay doesn’t show up as a payment option in the Clip (using Stripe’s Payment Element integration) Questions: Is this a known issue with the Developer portal when linking App Clips to merchant IDs? Is there a specific way to re-establish the parent–child relationship between the main app and the App Clip so the bundleIdCapabilities request includes the proper relationship JSON? Are there any additional configuration steps required when using Stripe for Apple Pay inside an App Clip? System Setup: Xcode: 16.2 (build 16C5032a) macOS: Sequoia 15.3.1 iOS: 18.5 (testing on physical device) Merchant ID: merchant.com.didyoucatchit.app Main App ID: com.didyoucatchit.app App Clip ID: com.didyoucatchit.app.Clip Any help or insight would be hugely appreciated Thanks in advance!

Hello we are trying to renew our certificates. We are trying to extend the dates of verified domains following the docs https://developer.apple.com/documentation/applepayontheweb/maintaining-your-environment#Renew-Your-Domain-Verification and configure our server with https://developer.apple.com/documentation/ApplePayontheWeb/setting-up-your-server We've downloaded the apple-developer-merchantid-domain-association.txt and update it on their respective locations, click 'ok' button but we get redirected to the main page of the information of the merchant, and it shows the domains without the extending period of time. No popup showing what has failed or what could be the reason of this error, we only get a redirection to the main page.

We are implementing Apple Pay on our website, but we only sell services and would prefer that the shipping address section of the Apple Pay modal doesn't require the shipping address and just show the billing address. Is there any way to achieve this?

Hi, Somebody knows how to decode / decrypt emvData on Apple Pay e-commerce when paymentDataType=EMV? Thanks. Reference: https://developer.apple.com/documentation/passkit/payment-token-format-reference#Detailed-payment-data-keys-EMV

Currently, on our Production environment, when calling https://apple-pay-gateway.apple.com/paymentservices/paymentSessio,n we are randomly receiving: "Payment Services Exception merchantId={Value} unauthorized to process transactions on behalf of merchantId={Value} reason={Value} is not a registered merchant in WWDR and isn't properly authorized via Mass Enablement, either." Since launching Apple Pay on our platform we have received a new Domain Verification File and looking at some of the Domain Verification File that are hosted on the domains they are different to ours. Questions around the Domain Verification File Would we have to update every single Domain Verification File every time we receive a new one ? Does the paymentSession verfiy/call the Domain Verification File on the domain listed at https://[DOMAIN_NAME]/.well-known/apple-developer-merchantid-domain-association ? What happens if the Domain Verification File doesnt match the one that we currently have ? Would we have to regrester our Domains everytime we get a new Domain Verification File ?

Hi :) I'm new to app store connect, and I just want to verify what does it take to be able to test subscription for a new app that isn't approved yet using sandbox? Or is this not possible that the app has to be approved first? More context below: My app is a new app, I only submitted for review and I linked the subscription from the app’s In-App Purchases and Subscriptions section on the version page when submit it for review. It got rejected for now. When the app review status is both in-review and rejected, I've tried to test my subscription, where there is a button (like "subscribe"/"become a member") in my app that user can click on, which it calls ios's IAPProvider.startMembershipPurchase, I just get Error: [IAPService] Product not found: [<my_subscription_id>]. I ensured my subscription's product id in app store connect matches with the one in my code. I can see the "rejected" status both on my app and the subscription. So can anyone help clarify if the app has to be approved first in order to test subscription? Or am I missing any other setup? Or it might just be my code? Thanks in advance! Any info is super helpful!

We are integrating Apple Pay In-App Provisioning in our banking application using an external SDK. The provisioning flow works on the iOS Simulator (mock sheet appears), but fails on real devices via TestFlight with the error: internalInconsistency: "PKAddPaymentPassViewController can not be created" Environment: Xcode 16 iOS 18 Real device: iPhone (tested via TestFlight / Distribution build) Card network: Mastercard What we've verified: com.apple.developer.payment-pass-provisioning entitlement is set to YES in our .entitlements file The entitlement is confirmed present in our Development provisioning profile via security cms -D -i embedded.mobileprovision | grep payment-pass → returns <true/> PKAddPaymentPassViewController.canAddPaymentPass() returns true on the device The card is NOT already in Apple Wallet (0 local/remote Secure Element passes) All provisioning data is present and valid (encryptedPayload, authorizationCode, primaryAccountSuffix, cardholderName) The external SDK is configured successfully at app launch Diagnostic logs from TestFlight build: canAddPaymentPass: true Local SE passes: 0 Remote SE passes: 0 suffix: 6165 name: [redacted] encryptedPayload length: 1130 authCode length: 514 scheme: Mastercard Card already in Wallet: false Error: internalInconsistency("PKAddPaymentPassViewController can not be created") Testing matrix: Environment Result Simulator Mock sheet appears (not a real test) Device + Debugger attached PKAddPaymentPassViewController error Device + Debugger detached (Dev build) SDK error 903: "device environment unsafe" TestFlight (Distribution) PKAddPaymentPassViewController cannot be created Questions: Can PKAddPaymentPassViewController fail to be created even when canAddPaymentPass() returns true? What other conditions could cause this? Is there a way to verify that the Distribution provisioning profile correctly includes the payment-pass-provisioning entitlement after it has been approved by Apple? Are there any additional Apple Pay entitlements or configurations (e.g., Wallet merchant setup, pass type identifiers) required beyond com.apple.developer.payment-pass-provisioning for In-App Provisioning to work? Does regenerating the Distribution provisioning profile on Apple Developer Portal resolve cases where entitlements were added after the profile was originally created? Any guidance would be greatly appreciated. Thank you.

Hello, we are trying to extend the dates of verified domains following the docs of https://developer.apple.com/documentation/applepayontheweb/maintaining-your-environment#Renew-Your-Domain-Verification and configured the server following https://developer.apple.com/documentation/ApplePayontheWeb/setting-up-your-server we've download the apple-developer-merchantid-domain-association.txt and update them on their respective locations, click 'ok' button and we get redirected to the main page of the merchant certificate, but the expiration dates have not been extended, we can see on our web crawler that Apple Requested the file and it return a 200. No popup errors are shown, no console developer error we only get redirected to the merchant certificate information page.

Hi, we are implementing ID&V and there is a requirement regarding the flow for Apple Pay. In order to clarify the case I will describe the use case scenario or steps to reproduce first: add a card to the iPhone wallet app (yellow path verification required). Do not complete the ID&V process. add a card to the Watch via the Wallet inside the iPhone Watch app (yellow path verification required). Same as before, do not complete the ID&V complete ID&V process using the Issuer App either from iPhone or Watch. the Issuer app receives the application:openURL:options: callback on its AppDelegate. In the options dictionary, we can not see the UIApplicationOpenURLOptionsSourceApplicationKey populated (it is nil). At this moment, for the card we are adding there are now two tokens, both to be verified via ID&V process. One is on the iPhone and one is on the Apple Watch associated with the same iPhone. The url received at step 4 contains the serial number which identifies the digitized card and matches with both the tokens in the iPhone and in the Apple Watch. We need something to detect programmatically if the digitization process started from the iPhone Wallet app or from the wallet inside the Watch app. Could you please help us to identify how we could discriminate if the ID&V process has been started for the iPhone token or for the Apple Watch token? Thanks

We’ve integrated in-app card provisioning into our application. All required configurations have been completed, including: Token Service Provider (TSP) setup Certificates uploaded to the Apple Developer portal While the card is successfully added to the Wallet app, our application is currently unable to retrieve or read the added passes.

Hi , This is regarding the ApplePayRecurringPayment Request and Apple Pay on Web functionality. Does Apple Pay on web providing functionality that collects payments from the stored credit card issuer bank (or) it only provides secured wallet functionality that provides a token which then has to be utilized to send a seperate payment request through a third party payment gateway to collect the payments from the credit card issuer bank. thanks

Hello! We use Apple's "master account" scheme to register new clients trough API due to the fact that the number of merchant IDs in a developer account cannot exceed 100 records. It's been almost a year since we successfully used the master account ( ex. "merchant.com.xxx") and register clients via Postman. At the moment, the certificates for the master merchant ID start to expire on July 11 which will affect all customers which is under Master ID. We know that when updating certificates at the identifier level(our master id), new universal identity certificate files that we use to send to the merchants (merchant_id.pem, privkey.key) will be generated for authentication on the merchant side, as well as a new keystore. Since many of our clients are integrated with current files and keystores and have live traffic, we would like to know—is it possible to update certificates on the master account without changing the keystores and certificate identities? The impossibility of this will entail a large gap when switching to new certificates. Thanks in advance for your answer.

I'm currently integrating Apple Pay with my payment provider, and I'm encountering a signature validation error during the payment flow. Here's the setup: I’ve verified that my Merchant Certificate is valid, and I'm able to initialize the Apple Pay session without any issues. Also this curl works fine The Payment Processing Certificate was created by my PSP. PSP claims that the payment token signature is invalid during the transaction phase, which prevents payment completion. The parsed signature starts like this 0:d=0 hl=2 l=inf cons: SEQUENCE 2:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-signedData 13:d=1 hl=2 l=inf cons: cont [ 0 ] 15:d=2 hl=2 l=inf cons: SEQUENCE 17:d=3 hl=2 l= 1 prim: INTEGER :01 20:d=3 hl=2 l= 13 cons: SET 22:d=4 hl=2 l= 11 cons: SEQUENCE 24:d=5 hl=2 l= 9 prim: OBJECT :sha256 35:d=3 hl=2 l=inf cons: SEQUENCE 37:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data 48:d=4 hl=2 l= 0 prim: EOC 50:d=3 hl=2 l=inf cons: cont [ 0 ] 52:d=4 hl=4 l= 995 cons: SEQUENCE 56:d=5 hl=4 l= 904 cons: SEQUENCE 60:d=6 hl=2 l= 3 cons: cont [ 0 ] 62:d=7 hl=2 l= 1 prim: INTEGER :02 65:d=6 hl=2 l= 8 prim: INTEGER :16634C8B0E305717 75:d=6 hl=2 l= 10 cons: SEQUENCE 77:d=7 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256 87:d=6 hl=2 l= 122 cons: SEQUENCE 89:d=7 hl=2 l= 46 cons: SET 91:d=8 hl=2 l= 44 cons: SEQUENCE 93:d=9 hl=2 l= 3 prim: OBJECT :commonName 98:d=9 hl=2 l= 37 prim: UTF8STRING :Apple Application Integration CA - G3 I'm looking for guidance on what could be causing this signature failure. Does anyone know what else I can check regarding the merchant or payment processing certificates, private keys, or key usage that might cause Apple Pay signature validation to fail, even if the session initializes successfully? Domains are also verified. Any help or suggestions would be greatly appreciated.

I am trying to play around on the Apple Pay demo page (https://applepaydemo.apple.com) and I am getting the following error response. PaymentRequest AbortError: The operation was aborted. I am using the Payment Request API