Apple pay on checkout in iframe is working with test cards while in Private window. However when we go into normal browsing the Apple Pay button is greyed out. Real cards will ask for fingerprint and then decline with "Payment Not Completed". What is the issue?

We are a regulated financial institution and Apple Pay issuer seeking clarification on the in-app push provisioning requirement and the January 15, 2026 timeline. Like many community financial institutions: Our mobile banking app is issuer-branded but provided by a third-party vendor Apple Pay enablement and tokenization are handled by a separate card processor While we support Apple’s goals and understand the issuer is ultimately responsible, delivery of in-app provisioning is dependent on third-party vendor roadmaps and cross-vendor integrations that are outside our direct control. Despite active, good-faith efforts with both vendors, current platform constraints make the January 15, 2026 deadline challenging. We would appreciate clarification on: How Apple evaluates compliance when an issuer’s mobile app is built and maintained by a third party Whether any transitional flexibility or phased enforcement is expected for issuers showing documented progress Whether approved web-based provisioning may be acceptable as an interim option How issuers should document due diligence when vendor dependencies delay implementation Additional guidance would help many credit unions and community banks plan appropriately and remain compliant. Thank you for your guidance.

I am trying to play around on the Apple Pay demo page (https://applepaydemo.apple.com) and I am getting the following error response. PaymentRequest AbortError: The operation was aborted. I am using the Payment Request API

I have a problem generating the domain certificate for a merchant id it gives me an error but when using the URL that Apple uses to validate said within the .well-known if the file can be loaded

Hi, I understand that it's possible to add a virtual debit or credit card from a mobile app into the iOS Wallet using PassKit from the Apple SDK. However, I haven't come across documentation on how to achieve this directly from a web app. I found this article on Apple's support site (https://support.apple.com/en-gb/guide/security/secdc2567239/web), which mentions adding cards from a card issuer’s website, but it doesn’t provide details on the process. Could you please confirm if it's possible to add a card directly from a web app without using a mobile app? If so, could you guide me to the relevant documentation? Thanks in advance!

Hello, Please help. We have been experiencing what appears to be a TLS handshake error in our Apple Pay merchant validation requests (2-way TLS) since June 25, 2025. We are aware of the encryption algorithm changes made in February 2025, and our system was functioning correctly at that time. However, the error started occurring suddenly and only recently. Could you please clarify the following points? Have there been any changes to the TLS configuration (cipher suites, certificates, protocol versions, etc.) on the Apple Pay server side since June 2025? Have there been any updates to the specifications or recommended settings for merchant validation requests? Is there any way to contact Apple for technical support regarding this issue other than through the Developer Forums? Our Merchant Identity Certificate has already been renewed and is confirmed to be valid.

Hi Guys, I am having an issue verifying a card when it is pending verification in the Apple Watch Wallet App and the iPhone Wallet. When the user verifies the card in the wallets, they are redirected to verification in my APP. However, the problem is that I don't know which application is calling, whether it is the Apple Watch or the iPhone, because the URL sends me the same serialNumber from the PKPASS. It is impossible to know if the user wants to verify and activate the card on the watch or the iPhone. Because I only receive the following information in the URL: myapp://app-url? passTypeldentifier=paymentpass.com.apple&action =verify&serialNumber=***** The serialNumber is the same from the iPhone Wallet and the Watch Wallet. func application(_ app: UIApplication, open url: URL, options: [UIApplication.OpenURLOptionsKey : Any] = [:]) -> Bool { let source = options[.sourceApplication] I try to retrieve the source, but it comes back null. It would be the only way to know the originating App. Can someone help me solve this problem?

Hello. we are looking in adding an additional verification method as part of our in app provisioning to apple wallet. the method is called app to app verification method where basically when the customer adds their card (debit or credit) on apple wallet they can be verified through a third party app. does apple support this? where can i find any material related to this?

I have the HCE entitlements, but it's not clear from the documentation I have, how to configure my app as the default app for the double tap of the power button. Nor can i see where this is in iOS 18.2 settings. The closest I can find is 'Settings > Default Apps > Contactless App', which still shows only Wallet after I install my app with all the new entitlements and provisioning profile. I have these entitlement successfully provisioning my app: <key>com.apple.developer.nfc.hce</key> <true/> <key>com.apple.developer.nfc.hce.iso7816.select-identifier-prefixes</key> <array> <string>A0000000031010</string> <string>A00000002501</string> <string>A0000000049999</string> <string>A0000000041010</string> </array> <key>com.apple.developer.nfc.hce.default-contactless-app</key> <true/> The documentation here: https://developer.apple.com/support/hce-transactions-in-apps/ also references a link to changes in Info.plist, but the url takes me to storekit-external-entitlement documentation about dating apps in the netherlands ???!!!??? Any help would be appreciated to at least get started by allowing me to change the double tap action to my app. Thanks

We have integrated the card provisioning in Apple wallet for quite sometime now through an external processor and we got the App Entitlement for the same. Now we are building the card provisioning in Apple Wallet flow in our app. Though everything seems to work fine (including issuer certificates, nonce etc.) but when we are clicking on ADD button on card details screen, I am getting an error saying "Could Not Add Card". When I inspect the error from didFinishAddingPaymentPass, it reads "The operation couldn’t be completed. (PKPassKitErrorDomain error 2.)". Though the Apple documentation suggests it as an unsupportedVersionError but it does not say anything beyond that. I want more detailed explanation because of which I am getting this error

We rely on ApplePaySession.applePayCapabilities() to decide whether to show the Apple Pay button. We use two different merchant IDs for non-prod/prod environments, and encountered a change in behavior where this API now returns different results. These merchant IDs are generated from a third-party provider Adyen. However, Adyen has informed us that they are unable to identify the root cause of the issue and advised us to seek assistance directly from Apple Pay support. Timeline Last known working date: 13/08/2025 Issue first noticed: 18/08/2025 Environment Details Apple Pay JS API version 1.latest Browsers Tested: Third party browsers including Chrome/139.0.0.0, Firefox/141.0 Browsers with ApplePaySession built-in (like iOS Chrome, iOS Safari, and macOS Safari) are working fine Framework Stack: Angular v18.1.3 (important) no configuration setup in Apple dev account, merchantId is generated from a third-party provider Adyen. Current Execution Flow: Apple Pay JS API script element is injected <script type="text/javascript" async="" src="https://applepay.cdn-apple.com/jsapi/1.latest/apple-pay-sdk.js"></script> Triggers below to check apple pay readiness, different ${merchantId_credential} is used: await window.ApplePaySession.applePayCapabilities(`${merchantId_credential}`); (**ApplePaySession is a valid object at this point) Observed that different paymentCredentialStatus is returned // nonprod env { "paymentCredentialStatus": "applePayUnsupported" // unexpected } // prod env { "paymentCredentialStatus": "paymentCredentialStatusUnknown" } The same code is executed in each environment and the behaviour was also the same, but has changed since then. Side notes By checking the SDK’s internal code, we saw that in third-party browsers it makes an extra call to the following endpoint. Responses from this call also come back differently depending on the merchantId. When invoking below: curl -X POST \ https://smp-paymentservices.apple.com/paymentservices/v3/checkStatus/merchant/{merchantId} \ -H 'Content-Type: application/json' \ -d '{ "initiative": "web", "initiativeContext": "env_specific_domain" }' Our non-prod environment returns {"registered":false} while using prod's merchantId and domain it returns {"registered":true}. We thought the issue might be domain-related since the environments are on different domains, but so far, no luck. The main questions we're looking to resolve are: Why did the behavior change at a certain point despite no code changes? How should we approach this investigation, and what specific requests should we be making to the Adyen team? Why does the response from the call to https://smp-paymentservices.apple.com/paymentservices/v3/checkStatus/merchant/{merchantId} return different results? Perhaps this could provide a clue regarding the question above? We noticed that canMakePayments() is returning true, so we could consider using that as a workaround. Would it be safe to change the source of truth relying on canMakePayments() for displaying Apple Pay? There is a concern that this issue may also occur in our production environment, so we would appreciate assistance in understanding what is happening and finding a resolution.

Hello everyone, I’m currently in the process of implementing Apple Pay on my company’s e-commerce website under a subscription model with recurring payments. I would appreciate some help in clarifying the following points: Is the applicationPrimaryAccountNumber the DPAN and the merchantTokenIdentifier the MPAN? If not, which fields represent each one or how do I recognise them? Is the onlinePaymentCryptogram used only for processing payments with the DPAN, or is it also involved when using the MPAN? Is the onlinePaymentCryptogram single-use or does it have an expiration time? Or is it reusable with no limits? According to Apple’s data policies, is it recommended for our servers to perform the payment token decryption (debundling), or should this only be handled by the payment gateway processor to stay compliant? Below is the payment request I’m using for testing, along with the decrypted payment token returned for a test card: Payment Request: { "countryCode": "US", "currencyCode": "USD", "merchantCapabilities": ["supports3DS", "supportsDebit", "supportsCredit"], "supportedNetworks": ["visa", "masterCard", "amex", "discover"], "requiredBillingContactFields": ["postalAddress", "name"], "lineItems": [ { "label": "Subtotal", "amount": "9" }, { "label": "Taxes", "amount": "1" } ], "total": { "label": "Demo (Card is not charged)", "amount": "10", "type": "final", "recurringPaymentIntervalUnit": "month" }, "recurringPaymentRequest": { "paymentDescription": "Recurring payment", "regularBilling": { "label": "Demo (Card is not charged)", "amount": "10", "type": "final", "paymentTiming": "recurring", "recurringPaymentIntervalUnit": "month" }, "managementURL": "${window.location.origin}/api/managePaymentMethod" } } Decrypted Payment Token: { "applicationPrimaryAccountNumber": "5204240494898922", "applicationExpirationDate": "280630", "currencyCode": "840", "transactionAmount": 0, "deviceManufacturerIdentifier": "050110030273", "paymentDataType": "3DSecure", "paymentData": { "onlinePaymentCryptogram": "MCt5xR+VnQAAAAM/8mUjAAADFIA=" }, "merchantTokenIdentifier": "DM4MMC1US000000042e438d170774669844e732a41c28e97", "merchantTokenMetadata": { "cardMetadata": { "longDescription": "Test Bank for MasterCard MTF", "cardCountry": "US", "shortDescription": "Test Bank 2", "fpanSuffix": "0049" }, "cardArt": [ { "url": "https://nc-crt-smp-device-asset.apple.com:443/broker/v1/assets/174ce63257704d93b00aff8aa09ec0d5", "name": "cardBackgroundCombined@2x.png", "type": "image/png" } ] } } Thanks in advance for your help and guidance.

Does anyone have info about the Retention Messaging API. We've requested access to it, but there's no answer.

We have implemented In-App Provisioning, but when I start the tokenization process, I receive an error before the terms and conditions. We are testing with a version of the app on TestFlight. The error message is: Could not add card. Try again later or contact your card issuer for more information. Could you please help me?

Description: I’m integrating Apple Pay JS (version 3) into an Angular application. Here are the key details: Environment: Angular (latest) Apple Pay JS v3 Chrome (confirmed window.ApplePaySession is available) application region is in US. I'm in Taiwan and using my iPhone Taiwan account to scan the QR Code/ Implemented Handlers: onvalidatemerchant onpaymentmethodselected onpaymentauthorized oncancel Observed Behavior: When I click the Apple Pay button, the console logs: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://applepay.cdn-apple.com') does not match the recipient window's origin ('https://{our-domain-name}') Despite this, the QR code still appears. Scanning the QR code with an iPhone 13 Pro running iOS 18.4.1 brings up the Apple Pay sheet with the correct amount, but payment never completes. In the browser, none of my Angular event handlers fire except oncancel. Questions: What causes the postMessage origin mismatch with Apple’s CDN frame, and how should my application handle it? Why doesn’t onpaymentauthorized ever fire, and how can I complete the payment flow so that session.completePayment() succeeds? Any guidance or sample code snippets for a proper merchant-validation and payment-completion sequence in this setup would be greatly appreciated. my code onApplePayButtonClicked() { if (!ApplePaySession) { console.error('[ApplePay] ApplePaySession is not supported'); return; } // Define ApplePayPaymentRequest const request : ApplePayJS.ApplePayPaymentRequest = { countryCode: this.currencyCode, currencyCode: Constants.CountryCodeUS, merchantCapabilities: this.merchantCapabilities, supportedNetworks: this.supportedNetworks, total: { label: this.label, type: "final" as ApplePayJS.ApplePayLineItemType, amount: this.orderAmount.toString(), }, }; // Create ApplePaySession const session = new ApplePaySession(3, request); session.onvalidatemerchant = async event => { console.info('[ApplePay] onvalidatemerchant', event); try { const merchantSession = await fetch(`${this.paymentUrl}/api/applepay/validatemerchant`, { method: 'POST', headers: { 'Content-Type': 'application/json', }, body: JSON.stringify({ PKeyCompany: this.paymentAppleMerchantId, ValidationUrl: event.validationURL }) }).then((r) => r.json()); session.completeMerchantValidation(merchantSession); } catch (error) { console.error('[ApplePay] onvalidatemerchant MerchantValidation error', error); session.abort(); } }; session.onpaymentauthorized = (event) => { console.info('[ApplePay] paymentauthorized', event); const token = event.payment.token; this.paymentTokenEmitted.emit({ token: JSON.stringify(token), paymentType: PaymentOptionType.ApplePay }); session.completePayment(ApplePaySession.STATUS_SUCCESS); }; session.onpaymentmethodselected = (event) => { console.info('[ApplePay] paymentmethodselected', event); const update: ApplePayJS.ApplePayPaymentMethodUpdate = { newTotal: request.total }; session.completePaymentMethodSelection(update); }; session.oncancel = (event) => { console.error('[ApplePay] oncancel', event); this.errorEmitted.emit({ error: 'Apple Pay cancel' }); }; session.begin(); }

Hello. What is the process to get my company listed as an approved Apple Pay Payment Service provider here: https://developer.apple.com/apple-pay/payment-platforms/ We are integrating Apple Pay on our gateway. Our customers are merchants who accept ecommerce payments via our payment gateway. We would like to appear on the list here: https://developer.apple.com/apple-pay/payment-platforms/ Thank you.

When integrating the Wallet Extension, after clicking my app icon from the "From Apps on Your iPhone" list, I encountered the message: "Cannot Add Card. 'XXX' is not responding. Wait a few minutes and try again. If the problem continues, contact the card issuer's customer service" instead of the configured login page appearing as expected. What could be causing this issue, and how should I resolve it?

I'm seeking clarification on how Requirement 4.1 ("Card Issuers with a Mobile App must support In-App provisioning") applies when the card issuer uses a third-party mobile banking platform rather than a self-developed app. Our situation: We are a small credit union (the card issuer) Our mobile banking app is provided by a third-party digital banking vendor (white-label, but branded with our name) Card processing is handled by a separate vendor The ambiguity: The Apple Pay Specifications define "Card Issuer Mobile App" as: "The Card Issuer-branded, iOS software application made available on a Device that is used by such Card Issuer's customers to manage, administer, or use Cards." Our mobile banking app meets this definition—it's branded with our name and used by our members to manage their accounts and cards. However, we don't develop or directly control the app; our digital banking vendor does. The webinar FAQ stated: "Do we have to implement in-app provisioning? Yes, if you have an app." Our digital banking vendor interprets this as not applying to them because they are "not the issuer." They've stated: "Apple's requirements are at the card-processor level... our credit unions and, by extension, we are not required to support Apple Pay's in-app provisioning." Our card processor has indicated they will support in-app provisioning integrations but notes "this would be digital provisioning and we would need the digital banking vendor to work with us to enable." Specific questions: When a card issuer uses a third-party mobile banking app (branded for the issuer but developed/maintained by a vendor), does Requirement 4.1 apply? If yes, who bears compliance responsibility—the issuer, the mobile app vendor, or both? If the mobile app vendor does not implement in-app provisioning by January 15, 2026, what is the issuer's exposure? Does the issuer face suspension from the Program due to vendor non-compliance? Is there an alternative compliance path under Requirement 4.8 (Web Provisioning) for issuers whose mobile app vendors cannot deliver in-app provisioning by the deadline? This scenario likely affects hundreds of small financial institutions using shared digital banking platforms. Clarity on vendor vs. issuer responsibility would help the entire ecosystem prepare appropriately. Thank you.

For Apple Pay Testing purposes, we're trying out cards from https://developer.apple.com/apple-pay/sandbox-testing/ Visa, AMEX, Discover cards can be added to the wallet. But all 5 of the listed options for Mastercard cannot be added to the wallet with the error "Card Device Limit". How can we resolve this?

This error occurs in Apple Pay Wallet In-App Provisioning Flow for Credit / Debit Cards When the data received from the PNO (Visa) is passed to PKAddPaymentPassRequest this error is seen in addPaymentPassViewController, in the finalize stage. Docs provide no clue as to what could be wrong. iOS 18.2.1 XCode 15.2 Error description mentions "unsupportedVersionError" Is the pass version not supported? Is the wallet version not supported? Is it an app implementation error or error in the data received from the PNO?