Can i, personally, create .pkpass for other companies using my apple developer ID? In order to create .pkpass, I need to create passTypIdentifier and teamIdentifier using apple developer ID Is it okay to create those two identifiers and create coupons or membership cards for other companies? I just wonder if it is against the law or developer guide.

Hello, we are trying to extend the dates of verified domains following the docs of https://developer.apple.com/documentation/applepayontheweb/maintaining-your-environment#Renew-Your-Domain-Verification and configured the server following https://developer.apple.com/documentation/ApplePayontheWeb/setting-up-your-server we've download the apple-developer-merchantid-domain-association.txt and update them on their respective locations, click 'ok' button and we get redirected to the main page of the merchant certificate, but the expiration dates have not been extended, we can see on our web crawler that Apple Requested the file and it return a 200. No popup errors are shown, no console developer error we only get redirected to the merchant certificate information page.

Hello, Apologies if this has been asked before but I have a website that takes subscriptions and payments through PayPal. It's a platform where authors can sell ebooks and anyone who purchaes an ebook, the money goes pretty much directly from the buyer's PayPal to the seller PayPal through the use of PayPal Multiparty where my platform acts as a third party that takes a fee. I'm currently building a React-Native app for my website and coming close to needing to integrate payment solutions. As far as I'm aware, Apple only allows Apple Pay payments for IAP and subscriptions? How would this work for my model? Can I integrate PayPal into Apple Pay like I do with my website? If not, what's the alternative?

iOS 16 and earlier On iOS 16 and earlier, Apple Pay on the Web required Safari—and all interactions with the Apple Pay API to come from the parent/top level page. In order to facilitate the Apple Pay button in an HTML inline frame (iframe), there will need to be cross frame communication between the child and parent pages. Cross frame communication should be secure and robust, therefore the use of postMessage for this purpose is recommended. The expectation is for all communication with Apple Pay to occur from the parent page, so the iframe must relay all Apple Pay related events to the parent to handle. Some examples: Apple Pay availability: The parent calls applePayCapabilities, then sends the message of the response to the iframe, which then uses the value to toggle the visibility of the Apple Pay button. Apple Pay session: The iframe receives an onclick() event when the Apple Pay button is clicked and sends the message to the parent (providing details about the transaction). The parent create the payment request to obtain the session validation URL, and eventually receive session credentials and invokes completeMerchantValidation() to prevent the payment sheet. After the payment is authorized by the Payment Service Provider (PSP), the parent either: Redirects the parent page to a payment success page; or Sends a message to the iframe to complete the transaction flow itself. iOS 17 and later On IOS 17 and later, the iframe HTML element should include the allow="payment" attribute, which should facilitate the cross frame communications instead of needing a dedicated JavaScript library. This means all of the Apple Pay code/calls can reside in the iframe page—which is typically a hosted page from a Payment Service Provider (PSP), all the parent page—typically a merchant—has to do is add the attribute mentioned above to the iframe element. Important: Regardless of the iOS version, the PSP/merchant always needs to make sure the parent page domain is the one registered in the Developer portal, and used in the request to generate a merchant session via ApplePaySession. Cheers, Paris X Pinkney |  WWDR | DTS Engineer

A team observed lots of timeouts from the Apple Pay session endpoint: https://apple-pay-gateway-cert.apple.com/paymentservices/paymentSession Is it expected or some kind of an implementation issue from the caller side? Thanks!

Hi, I am the developer of this app and I was shared this receipt which strangely does not list my name as the merchant but instead says "The flow network" as you can see below: What is going on?

In the docs, I see a button type with label "Pay With [apple logo]. https://developer.apple.com/design/human-interface-guidelines/apple-pay Although I don't see this type as an option here: https://developer.apple.com/documentation/PassKit/PKPaymentButtonType Wondering if I'm looking in the right place and if this button type is still available?

Two subscriptions, Plus and Max, are under the same subscription group, with Max having a higher tier than Plus. Promotional Offers for Max are configured in Apple Store Connect. When a user subscribes to Plus and then upgrades to Max using Promotional Offers, they are prompted with "Upgrade upon expiration" (Figure 1); if they don't use Promotional Offers, they are prompted to "Upgrade immediately" (Figure 2). Question 1: What is the situation with the "upgrade upon expiration" message in Figure 1? Is upgrading using Promotional Offers special? I couldn't find any relevant explanation in Apple's technical documentation. Question 2: Figure 1 shows an "upgrade upon expiration," but after subscribing, the webhook still shows the subscription start time as the current time, meaning the upgrade hasn't started immediately. Is the message incorrect?

We are an acquirer/payment provider offering Apple Pay. Our merchants use our hosted checkout to accept payments. After a user pays with Apple Pay on our checkout, the Wallet transaction record shows our checkout domain as the payee. We would like it to display the merchant’s brand/name so users can recognize or contact the merchant. Is there any parameter or configuration that controls what Wallet shows as the payee? For example, can this be set via a specific field/parameter, or is it strictly derived from the Merchant ID’s display name (or other Apple Pay configuration)? What is the correct approach for a PSP/acquirer to have the merchant’s brand shown in Wallet transaction record? Additional detail: The field in question is the merchant/payee name shown in the Apple Wallet receipt—directly under the transaction amount at the top of the receipt, and again beneath the “Total” line.

I am developing an app to add Discover cards to Apple Wallet. Unlike Visa, MasterCard, etc., Discover does not have APIs that return activationData, encryptedPassData and ephemeralPublicKey for a given card, so I have created a backend server to handle this. In my server, I am unsure how to generate the ephemeralPublicKey. Do I need to use the merchant certificate? If so, how do I use it to generate the ephemeralPublicKey? I would appreciate it if someone could provide me with a step-by-step guide on how to generate ephemeralPublicKey for provisioning a card.

We are experiencing intermittent 403 Forbidden errors during Apple Pay on web merchant validation in our production and sandbox environment. Has anyone else started seeing 403 Forbidden errors recently (since mid-2025)? Why would merchant validation be sometimes successful and sometimes fail with 403? Could this be related to new Apple Pay gateway changes or stricter validation rules? Any additional debug steps or permanent solutions we should try? Thank you.

Body: Hello, We are currently implementing iOS order verification and have encountered an issue. Some of the receipts we verify return with an empty in_app array, which makes it impossible to determine whether there is a valid in-app purchase. Below is the code we’re using for verification and the result we receive: Code Example: public function iosVerifyReceipt($receipt, $password = '', $sandbox = false) { $url = $sandbox ? 'https://sandbox.itunes.apple.com/verifyReceipt' : 'https://buy.itunes.apple.com/verifyReceipt'; if (empty($password)) { $data = json_encode(['receipt-data' => $receipt]); } else { $data = json_encode(['receipt-data' => $receipt, 'password' => $password]); } $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $result = curl_exec($ch); curl_close($ch); $result = json_decode($result, true); $result = $result ?? []; $result['sandbox'] = $sandbox; if ($result['status'] != 0) { Log::warning('ios verify receipt failed', ['receipt' => $receipt, 'result' => $result, 'sandbox' => $sandbox]); if ($result['status'] == 21007) { return $this->iosVerifyReceipt($receipt, $password, true); } } return $result; } // Order validation check if (empty($result) || $result['status'] != 0) { throw new BadRequestHttpException("Ios Order Verify Error"); } $appItemId = $result['receipt']['app_item_id'] ?? ""; if ($appItemId != MY_APP_ID) { throw new BadRequestHttpException("Ios Order Verify Error"); } $inApp = array_filter($result['receipt']['in_app'] ?? [], function ($item) use ($transactionId, $order) { return $item['transaction_id'] == $transactionId && $item['product_id'] == $order->getProductId(); }); if (empty($inApp)) { throw new BadRequestHttpException("Ios Order Verify Error"); } Array ( [receipt] => Array ( [receipt_type] => Production [adam_id] => * [app_item_id] => * [bundle_id] => * [application_version] => * [download_id] => * [version_external_identifier] => * [receipt_creation_date] => 2025-02-11 04:06:47 Etc/GMT [receipt_creation_date_ms] => * [receipt_creation_date_pst] => 2025-02-10 20:06:47 America/Los_Angeles [request_date] => 2025-02-11 15:54:56 Etc/GMT [request_date_ms] => * [request_date_pst] => 2025-02-11 07:54:56 America/Los_Angeles [original_purchase_date] => 2025-02-11 04:02:41 Etc/GMT [original_purchase_date_ms] => * [original_purchase_date_pst] => 2025-02-10 20:02:41 America/Los_Angeles [original_application_version] => 5511 [preorder_date] => 2025-01-17 21:12:28 Etc/GMT [preorder_date_ms] => * [preorder_date_pst] => 2025-01-17 13:12:28 America/Los_Angeles [in_app] => Array ( ) ) [environment] => Production [status] => 0 [sandbox] => ) Problem Description: • We are noticing that in some orders, the in_app array is returned as empty. This causes difficulty in verifying the presence of in-app purchases. • Our validation logic assumes that if in_app is empty, the order is invalid, but we would like clarification on whether this is correct or if such a scenario is normal under certain conditions. Actions Taken: • We have reviewed Apple’s documentation and other related resources, but no clear explanation is given about when in_app might be empty. • Can we safely rely on an empty in_app array to consider the order invalid, or should we investigate further for potential issues like delays or errors during the verification process? We would appreciate your guidance on how to handle such cases. Thank you for your support!

Hello, I am setting up a feature for my company's banking app that allows users to add their payment/debit card they have with us to the Apple Wallet on their device. We have the in-app provisioning entitlement setup and configured in the app and configured with our banking partner/TSP. We are able to manually provision production environment cards via the Wallet app. I am using test card data from my TSP. I send them the two certificates, nonce, and nonce signature data and am given activationData, encryptedPassData, and an ephmeralPublicKey that we then set on an instance of PKAddPaymentPassRequest. We call the handler on the delegate method that is called with that request object and get an error: The operation couldn’t be completed. (PKPassKitErrorDomain error 2.) Looking at the PassKit library shows this is PKUnsupportedVersionError - Unsupported pass version. Our TSP hasn't been super helpful in troubleshooting this issue and just said we should contact Apple as it is an Apple error. I am trying to figure out if the issue is with how we are implementing the feature or with the test data itself given to us.

Hi, For one of my projects, I am using the Web Drop-in component of Adyen PSP on a Salesforce B2B Commerce site. One of the payment methods is Apple Pay. The payment method is rendered, but the Apple Pay button is not clickable. We tried debugging it but could not identify the root cause. Could you advise how this issue can be fixed? Thanks

I'm encountering an issue with Apple Pay on both Wallet and the Watch app where the app name is not showing up on the back of the payment card(Card details). The pass was successfully provisioned, and everything seems to be working, but the expected app name or brand isn't displayed, and instead, I see the generic "Something went wrong. Try again Later" message. Do we need to configure something to get this displayed in Wallet app?

Hi , This is regarding the ApplePayRecurringPayment Request and Apple Pay on Web functionality. Does Apple Pay on web providing functionality that collects payments from the stored credit card issuer bank (or) it only provides secured wallet functionality that provides a token which then has to be utilized to send a seperate payment request through a third party payment gateway to collect the payments from the credit card issuer bank. thanks

We have finished integrating Apple Pay in our app and our payment processor is requiring us to send the 3dSecure version used for apple pay (2.1,2.2,2.3,etc.). I believe this only applies to mastercard but would appreciate if anyone has run into something similar and what you specified. I have not been able to find anything in Apple's documentation specifying the version that is used.

Hello, We are currently developing an application that uses the Host-based Card Emulation (HCE) entitlement to enable corporate access functionality. With this entitlement, we have successfully established HCE communication and can interact with our access control systems to unlock doors. Our question is related to improving the user experience: We would like this access functionality to work without requiring the app to be in the foreground, as this adds friction for users during entry. Specifically, we would like to know: Is it possible for our app to coexist with Apple Wallet as the default contactless app, so that: Our app handles NFC interactions for corporate access (e.g., opening doors). Apple Wallet remains the default for payments. If that coexistence is not possible, and our app is set as the default contactless app, Will the system still need to launch our app into the foreground to complete a transaction (e.g., to emulate the NFC card)? Or is there a way to trigger HCE responses in the background (e.g., using a background process or service extension)? Any guidance on how to configure the app for optimal background access behavior, while maintaining compatibility with Wallet, would be greatly appreciated. Thank you in advance.

Bank Accounts details are outdated and status is stack on processing with error: "Your banking updates are processing, and you should see the changes in 24 hours. You won't be able to make any additional updates until then." This is now stack for a few years since we activated a previous Apple developer account. we must change banking details as it holds up development of an app with in-app purchases. Finance department has been contacted and they do not answer What shall we do? senior support staff keep referring to finance department and is not helping

Hi, we are implementing the push provisioning via the Apple Wallet Extension starting from the example at https://developer.apple.com/documentation/passkit/implementing-wallet-extensions. To correctly manage the push provisioning on Apple Watch, specifically for a card tokenised in the iPhone but not in the Watch, we need to know if there is a connected Apple Watch to the iPhone. We are using the following code from the Apple Wallet Extension example to detect whether there is a connected watch: WCSession* session = [WCSession defaultSession]; session.delegate = delegate; [session activateSession]; In the main target of the app, at the end of the activation the system correctly calls the delegate method: session:activationDidCompleteWithState:error: but we noticed it is not being called in the UI extension context (the one having NSExtensionPointIdentifier: com.apple.PassKit.issuer-provisioning.authorization). We don't understand why the delegate is not being called in the UI extension, can you please help? Thanks! Steps to Reproduce: Start with a card not added in the Apple Wallet app Open the Apple Wallet app Click on add card Select the app to launch the Wallet Extension flow The Apple Wallet Extension with UI is on screen and invokes the activateSession method, the delegate method is not invoked and session.isPaired returns "no". Xcode Version 16.2 macOS Version 15.6.1 (24G90) Feedback ID FB20082564