Apple Pay

Suggest Edits

Apple Pay is a digital wallet and payment service provided by Apple Inc and it provides an easy and secure way to pay in iOS apps, watchOS apps, and websites on Safari. Apple Pay allows your customers with compatible devices to make payments and complete purchase without the need to add to a cart or fill out a form. Payments made using Apple Pay will benefit from full liability shift for supported card schemes including; Visa, MasterCard and AMEX.

When your customer selects Apple Pay, they are presented with a pre-populated Payment Sheet where they can view the order, choose a card and confirm their shipping and contact details. The final step is payment authorisation through Face ID or Touch ID authentication to confirm the purchase. [1]

📘

Supported Apple Pay Experiences

As a merchant you can choose to support any of the patterns below. Depending on which of the below patterns your business wishes to support, the setup steps will vary.

Apple Pay Setup

To start accepting Apple Pay payments via Web and Mobile Apps please follow the instructions below:

  • Apple Pay on the Web: You don't need to create your own Apple Pay certificate for web integration because you will use Wpay Apple Pay Certificate. Your Wpay account management representative will be able to support you through the integration process.

  • Apple Pay in App: You will need to enable Apple Pay with your own certificates and share your certificates with Wpay to configure against your merchant profile. These certificates will be generated from your Apple Developer Account which can be created by following the instructions here Before You Enrol - Apple Developer Program. Please share this with your account management representative who can support you through the integration process.

Starting a Session with Apple for Apple Pay

Apple Pay Web: Wpay paymentsession API must first be called from the client side so that Wpay can correctly validate the merchant domain and return an opaque Apple Pay merchant session object. The Apple Pay session object can be used to encrypt payment data. Upon successful call of Paymentsession API, you may then present a Payment Sheet to the user to review the purchase and authorise the payment. 

// Dev to check
curl --location --request POST 'https://{{environment}}.wpay.com.au/wow/v1/pay/applepay/paymentsession' \
--header 'X-Api-Key: {{yourAPIKey}}' \
--header 'Content-Type: application/json' \
--header 'authorization: Bearer {{yourBearerToken}}' \
--header 'Origin: https://{{yourDomain}}' \
--data-raw '{
  "validationUrl": "https://apple-pay-gateway-cert.apple.com/paymentservices/paymentSession",
  "displayName": "{{yourStoreName}}"
}'

// Dev to check
var myHeaders = new Headers();
var environment = "substitute environment-value here"
var yourAPIkey = "YOUR-API-KEY";
var accessToken = "ACCESS-TOKEN";
var origin = "https://your-domain";
myHeaders.append("Content-Type", "application/json");
myHeaders.append("X-Api-Key", yourAPIkey);
myHeaders.append("Authorization", `Bearer ${accessToken}`);
myHeaders.append("Origin", origin);

var raw = JSON.stringify({
  "validationUrl": "https://apple-pay-gateway-cert.apple.com/paymentservices/paymentSession",
  "displayName": "{{yourStoreName}}"
});

var requestOptions = {
  method: 'POST',
  headers: myHeaders,
  body: raw,
  redirect: 'follow'
};

fetch(`https://${environment}.wpay.com.au/wow/v1/pay/applepay/paymentsession`, requestOptions)
  .then(response => response.text())
  .then(result => console.log(result))
  .catch(error => console.log('error', error));

//Dev to check

import Foundation
#if canImport(FoundationNetworking)
import FoundationNetworking
#endif

var semaphore = DispatchSemaphore (value: 0)

let yourAPIkey = "YOUR-API-KEY"
let environment = "substitute environment-value here"
let accessToken = "ACCESS-TOKEN"
let origin = "https://your-domain"
let parameters = """
{\
    \"validationUrl\": \"https://apple-pay-gateway-cert.apple.com/paymentservices/paymentSession\",\
    \"displayName\": \"{{yourStoreName}}\"\
}\
"""
let postData = parameters.data(using: .utf8)

var request = URLRequest(
  url: URL(string: "https://\(environment).wpay.com.au/wow/v1/pay/applepay/paymentsession")!,
  timeoutInterval: Double.infinity
)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue(yourAPIkey, forHTTPHeaderField: "X-Api-Key")
request.addValue("Bearer \(accessToken)", forHTTPHeaderField: "Authorization")
request.addValue(origin, forHTTPHeaderField: "Origin")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in 
  guard let data = data else {
    print(String(describing: error))
    semaphore.signal()
    return
  }
  print(String(data: data, encoding: .utf8)!)
  semaphore.signal()
}

task.resume()
semaphore.wait()

Where:

  • Origin header will be automatically passed on by customer's browser
  • validationUrl is validation URLs provided by Apple when you set up your server (see Requesting An Apple Pay Payment Session for more detail)

Apple Pay Merchant Session Object

A sample of merchant session object can be seen below. You may pass this whole object to the completion method, completeMerchantValidation to enable the user to authorize a transaction.

{
    "epochTimestamp": 1658987403707,
    "expiresAt": 1658991003707,
    "merchantSessionIdentifier": "SSHDC1221C404******",
    "nonce": "eed0adec",
    "merchantIdentifier": "4FCE55AEEED3DACF3FE85****************",
    "domainName": "localhost:8080",
    "displayName": "My Store",
    "signature": "308006092a864886***********************************",
    "operationalAnalyticsIdentifier": "My Store:4FCE55AEEED3DACF3************",
    "retries": 0,
    "pspId": "B17C76FBD980CE281***********************"
}

Apple Pay in App: you can validate your merchant domain by calling Apple validation URL directly (see Requesting An Apple Pay Payment Session for more detail). It will return an opaque Apple Pay session object that you can use to encrypt the payment data. Since Wpay already stores your Apple Pay Certificates against your profile in our secure environment, we will be able to decrypt the payment data on our end and [provide you with a payment token] (doc:apple-pay#tokenizing-apple-pay) that you can use to make payments or store in your wallet.

Tokenizing Apple Pay

To tokenize an Apple Pay instrument using the Wpay platform please follow Tokenizing Apple Pay.

Making an Apple Pay Payment

To make an Apple Pay payment using the Wpay platform please follow Making a Payment.

🚧

Testing Apple Pay Integration

Testing for Apple Pay on web requires a sandbox account. The steps to create a sandbox accounts and add dummy cards is documented here at Apple Pay - Sandbox Testing - Apple Developer. Once your test integration is complete you can test your setup using the Apple Pay on the Web Demo .

References

  1. Apple Pay - Marketing Guidelines
  2. Apple Pay Programming Guide
  3. Preparing Merchant Domains for Verification
  4. Register Merchant
  5. Apple Pay Interactive Demo
  6. Registering with Apple Pay and Applying to Use the API
  7. Requesting An Apple Pay Payment Session

Updated over 1 year ago