Currently, on our Production environment, when calling https://apple-pay-gateway.apple.com/paymentservices/paymentSessio,n we are randomly receiving: "Payment Services Exception merchantId={Value} unauthorized to process transactions on behalf of merchantId={Value} reason={Value} is not a registered merchant in WWDR and isn't properly authorized via Mass Enablement, either." Since launching Apple Pay on our platform we have received a new Domain Verification File and looking at some of the Domain Verification File that are hosted on the domains they are different to ours. Questions around the Domain Verification File Would we have to update every single Domain Verification File every time we receive a new one ? Does the paymentSession verfiy/call the Domain Verification File on the domain listed at https://[DOMAIN_NAME]/.well-known/apple-developer-merchantid-domain-association ? What happens if the Domain Verification File doesnt match the one that we currently have ? Would we have to regrester our Domains everytime we get a new Domain Verification File ?

we are experiencing an issue when making an HTTP call to: "https://apple-pay-gateway-cert.apple.com/paymentservices/registerMerchant". The response we are receiving back is HTTP Status Code 401 Unauthorized. We noticed the issues started around "Jan 24, 2025 at 9:51:46.327 am" and is still carrying on. Some other examples of when the calls failed: Jan 27, 2025 at 3:04:31.387 pm Jan 27, 2025 at 9:46:04.068 am Jan 27, 2025 at 3:36 pm All of the above dates and times are UK GMT +0 times. As the problem is around HTTP status code of 401 Unauthorised its tough to show what's actually happening. Like I stated above everything was working correctly before the 24th of Jan and nothing has changed or been modified on our side. I have even tried to do the following: Use the first set of Certs to perform a test Still returns 401 Delete a Cert and re generating them from scratch to perform a test with those set of Certs Still returns 401 I have just tried to process another HTTP call to the paymentservices/registerMerchant and I could inspect the headers of the request and im hoping this helps in your investigation. Headers: x-keystone-correlationid = 8f9a3c16-f78f-4f9b-9484-63190ef14a77 Date = Tue, 28 Jan 2025 10:00:43 GMT x-envoy-upstream-service-time = 4 x-apay-service-response-details = via_upstream We also found an article that has us a bit worried about this issue. Article here: https://developer.apple.com/news/?id=2x8awlvm States that Apple/Apple Pay will be making some changes to the ciphers in the coming months. With this article and the issues we seeing on Sandbox Environment we are worried that come the 4th of February as stated in the article that our Production Environment will be effected and we will stop being able to use Apple Pay so that gives us about a week to fix any issues/change code that might come out of it. Please could you come back with some information around the Article posted and if our Production Environment would be impacted.