I have some questions related to MPAN.
- What is the format of an MPAN?
Is it the same as DPAN?
-
Is it PAN preserving format?
-
Is a Cryptogram required and if yes, what kind of cryptogram?
Is it the same format as DPAN?
Thanks in Advance!
Hi @rkdev20511,
You wrote:
[...] What is the format of an MPAN? [...]
The MPAN follows the IOS/IEC 7812 format.
Then, you wrote:
[...] Is it the same as DPAN? [...]
Please see my answer on the post below for more information:
How to get MPAN (when supported)?
https://developer.apple.com/forums/thread/821039?answerId=893663022#893663022
Next, you wrote:
[...] Is it PAN preserving format? [...]
No, MPANs are explicitly non-PAN preserving. No digits from the underlying FPAN are retained.
Then, you wrote:
[...] Is a Cryptogram required and if yes, what kind of cryptogram? [...]
Yes, a per-transaction cryptogram is required for the initial cardholder-authenticated MPAN transaction. The cryptogram is generated by Apple Pay and delivered in the decrypted PKPaymentToken.paymentData payload:
{
"applicationPrimaryAccountNumber": "4XXX XXXX XXXX XXXX",
"applicationExpirationDate": "YYMMDD",
"paymentDataType": "3DSecure",
"paymentData": {
"onlinePaymentCryptogram": "...",
"eciIndicator": "7"
}
}
Note: This payload structure is identical in format to a DPAN-based payload—your integration code doesn't need to branch on MPAN vs DPAN for basic authorization.
For more information, see the documentation below:
Payment token format reference
Lastly, you wrote:
[...] Is it the same format as DPAN? [...]
Structurally, yes; semantically no. MPANS are bound to a specific merchant whereas DPANs are bound to a specific device. There are other differences within their given token metadata as well.
Cheers,
Paris X Pinkney | WWDR | DTS Engineer
