About Apple Pay

What is Apple Pay


Logo

Info

Apple Pay is a digital wallet for storing payment details, providing an easy and secure way to pay in iOS applications, websites running on Safari browser and contactless POS terminals. In applications and on websites, users can quickly and securely provide their payment, shipping, and contact information to check out.  Apple Pay’s simplicity increases conversion rates and new user adoption that come with it.


Apple Pay solution supports following scenarios:

  • In-application payments (also part of the SDK)
  • Web payments


Notice: Regarding the liability shift in case of the card processing, please contact your Acquirer directly. Because is not a direct contract partner, your Acquirer should specify the liability shift rules for each card brand.

Web payment

Apple Pay on the Web enables purchases while using Safari web browser. For shopping on iPhone or iPad, after selecting checkout with Apple Pay, a payment sheet appears, prompting the customer to confirm payment via Biometric authentication or passcode. For shopping on Mac, customers need to have an iOS device in close range, and they'll be prompted on that device to authorize the payment, which will then synchronize to the browser. The latest MacBook Pro allows customers to authorize payment directly on the MacBook Pro.

Apple Pay is available through Safari on macOS. On iOS, Apple Pay is available in-app, on Safari, and as of iOS 16, websites displayed through a webviews (including third party browsers and social media apps)


To enable Apple Pay on your website it must comply with the Apple Pay Acceptable Use Guidelines, and be served over https://. you will find Apple's documentation right below: 


In-app payment

Apple Pay can be used for payments within the iOS applications. The main advantage of Apple Pay is that it is frictionless process with no need to re-type credit card data, shipping or billing address, which can be cumbersome on the smaller iPhone screens. Customer just choose to checkout with Apple Pay and confirms the payment with Biometric authentication or passcode.

Merchants can also use’s SDK for facilitating the in-app payment integration, making it easier and faster.

Apple Pay requirements:

Apple Pay in-app payments are supported on all iOS devices with a Secure Element.

Process flow chart

Apple Pay process flow

 

Presenting the Apple Pay button

Within apps, PassKit provides the API’s that your app will use to determine if it is running on a device with a Secure Element and if the device has been provisioned with payment cards that you support. On websites, WebKit provides APIs that allow your website to check if the individual has an Apple Pay capable device and if it is set up.

If the device is Apple Pay enabled you should present the Buy with Apple Pay button using APIs supplied within PassKit within apps and Webkit within Safari.

 

Presenting the Payment Sheet

When your user selects goods or services to buy, and selects Apple Pay as the payment method, you create a payment request and ask PassKit in apps or Webkit on your website to present the payment sheet to the user. The payment sheet must immediately follow the user tapping the Apple Pay button, without any interim screens or pop-ups except to prompt for necessary product details, such as size or quantity.

Your app specifies the contents of the payment sheet but it does not control the user’s interaction with the sheet. You must decide if it makes sense to present shipping and billing information, shipping method, and other line items to the user. You should only request the information necessary to process the transaction.

 

Processing Payments

Once authorized by the user, your app or website will receive a payment token object back from Apple Pay. The payment token encapsulates the information needed to complete a payment transaction, including the device-specific account number, the amount, and a unique, one-time-use cryptogram. The encrypted payment bundle will be decrypted by Axepta which then handles the whole transaction processing.

 

On this page


Step by Step Set-Up Guide for Apple Pay 

Onboarding 


1) The Merchant create an Apple pay Merchant Identifier.

To generate your Apple Pay merchant identifier, you will find below the Apple Pay documentation.


Configure Apple Pay on the web - Configure capabilities - Account - Help - Apple Developer

Register a merchant domain

  1. In Certificates, Identifiers & Profiles, click Identifiers in the sidebar, then select Merchant IDs from the pop-up menu on the top right.

  2. On the right, select your merchant identifier.

  3. Under Merchant Domains, click Add Domain.

  4. Enter the fully qualified domain name, then click Save.

  5. Click Download, place the downloaded file in the specified location, then click Verify.

  6. Click Done


2) The merchant sends the Apple Pay Merchant Identifier to BNP Paribas Sales. 


3) Axepta support starts the configuration and sends the CSR (Certificate Signing Request) by mail to the technical contact identified during onboarding phase.


4) The merchant needs to upload the Certificate Signing Request on his Marchant Apple Pay Account. 

To upload the certificate signing request, you will find below the Apple Pay documentation. 

Configure Apple Pay - Configure capabilities - Account - Help - Apple Developer

Upload a payment processing certificate

  1. In Certificates, Identifiers & Profiles, click Identifiers in the sidebar.

  2. Under Identifiers, select Merchant IDs using the filter on the top right.

  3. On the right, select your merchant identifier.

    Note: If a banner appears at the top of the page saying that you need to accept an agreement, click the Review Agreement button and follow the instructions before continuing.

  4. Upload the Certificate signing request given by Axepta support.


Testing Apple pay transaction 


Testing transaction with Apple pay test account

1) Axepta support can configure Apple pay on the Axepta merchant test MID.

Axepta Support needs the apple pay merchant identifier in order to configure Apple pay on the Axepta merchant test MID.


2) The Merchant creates a Sandbox Tester Account and add test card Number. 

Apple pay documentation : Sandbox Testing - Apple Pay - Apple Developer


3) The merchant must send the parameter &orderdesc=Test:0000 in the payment request to simulate a success payment.


Paygate interface



Calling the interface

Two transactions are created when making a credit card payment via Apple Pay. In the Apple Pay transaction the required credit card data are determined first and the actual credit card transaction is then carried out automatically. This takes place via a server-to-server connection and supports all usual credit card transaction options. The difference here, however, is that you don't transmit the credit card information, which you don't know. Instead, you transmit the PKPaymentToken generated by Apple Pay, which contains the required credit card data in encrypted form.

In order to make a credit card payment with Apple Pay, go to the following URL:

https://paymentpage.axepta.bnpparibas/applepay.aspx

Notice: For security reasons, Axepta rejects all payment requests with formatting errors, please use the correct data type for each parameters. 

The following table describes the encrypted payment request parameters:

The table describes just basic parameters. It is also possible to include all credit card payment parameters (without credit card data). More information about this you can find within Card processing.

If you are processing Recurring or stored Credential on File transactions, please make sure to review all the necessary information in "COF Mandate Integration Guide".

If there are any specific parameters that are mandatory for credit card payment, these parameters are also mandatory for Apple Pay.


Parameters for Apple Pay


KeyFormatCND Description 
MerchantIDans..30MMerchantID, assigned by Axepta. Additionally this parameter has to be passed in plain language too.
TransIDans..64MTransactionID provided by you which should be unique for each payment
RefNran..12C

Merchant’s unique reference number, which serves as payout reference in the acquirer EPA file. Please note, without the own shop reference delivery you cannot read out the EPA transaction and regarding the additional settlement file (CTSF) we cannot add the additional payment data.


Merchant’s unique reference number, which serves as payout reference in the acquirer EPA file. Please note, without the own shop reference delivery you cannot read out the EPA transaction and regarding the additional settlement file we cannot add the additional payment data.

Notes:

  • Fixed length of 12 characters (only characters (A..Z, a..z) and digits (0..9) are allowed, no special characters like whitespace, underscore...)
  • If the number of characters entered is lower than 12, BNP will complete, starting from the left side, with "0" (Example : 000018279568)

The format depends on the available paymethods for your MerchantId and this parameter is used for card payments reconciliation.

Please choose your format in that way that all paymethods are covered.

We recommend to use the most restrictive format for this parameter (AN12 - M) and create unique RefNr.

More details : Data reconciliation : Key Data

Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent) 100 is the smallest currency unit
Currencya3MCurrency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP.
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm.
UserDataans..1024OIf specified at request, Paygate forwards the parameter with the payment result to the shop.
RTFa1OEstablishment of Credential on File Agreement (Cardholder agrees that his card data can be stored for further transactions).
Capturean..6OM

Determines the type and time of capture.

Capture ModeDescription
AUTOCapturing immediately after authorisation (default value).
MANUALCapturing made by the merchant. Capture is normally initiated at time of delivery.
<Number>Delay in hours until the capture (whole number; 1 to 696).
OrderDescans..64MDescription of purchased goods, unit prices etc.
URLNotifyans..256O

Complete URL which Paygate calls up in order to notify the shop about the payment result. The URL may be called up only via port 443. It may not contain parameters: Use the UserData parameter instead.

  • We recommend to use parameter "response=encrypt" to get an encrypted response by Paygate
  • However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess/URLNotify. Therefore ensure to check the "code"-value which indicates success/failure of the action. Only a result of "code=00000000" should be considered successful.
MerchantIDExtans..128C

Merchant Identifier of Public Key

Mandatory if more then one Merchant Identifiers are stored with Computop

TokenExtans..6000M

Apple Pay PKPaymentToken as JSON string in the Base64 format

Example for TokenExt
{
 "paymentData": {
  "data": "GiZiyzsI6r6lnPYUeceR6itk2PDyBozl2Xy77c5u2X8Ze7l5EasyyH4Q6BoAevrvBfe0FnUNARBEXRySLwqqnpUHO6Du/amZEECRXxlrH91wFqH4oXry2CTDRu7TaIlmnR+s3ien5JI8iWo9hoEW7hyJOE7QGaS6rfR1CtQ4DWJEUq/tFnW98tj3kwKU6iOAAvE467boopMDGBS1fK5HzGXs4hH/6r+LPRfSOKBi1L5VWAexs9Bzw3ByyG69i52doRuFb1xOcMOJbmPg40hap13IjBW6dnj1phbsqP2i/JxvWPV3EcuqpuIoVZr5w53w//pPsl54kmeXNddIjVD5dIhhOKZ8AznD4eL2dbzkp6bic8xScBf3G8hrKXTRTL7V+KT2S+TQliHN0SNXrFu6B6o=",
  "signature": "MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCAMIID4zCCA4igAwIBAgIITDBBSVGdVDYwCgYIKoZIzj0EAwIwejEuMCwGA1UEAwwlQXBwbGUgQXBwbGljYXRpb24gSW50ZWdyYXRpb24gQ0EgLSBHMzEmMCQGA1UECwwdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE5MDUxODAxMzI1N1oXDTI0MDUxNjAxMzI1N1owXzElMCMGA1UEAwwcZWNjLXNtcC1icm9rZXItc2lnbl9VQzQtUFJPRDEUMBIGA1UECwwLaU9TIFN5c3RlbXMxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwhV37evWx7Ihj2jdcJChIY3HsL1vLCg9hGCV2Ur0pUEbg0IO2BHzQH6DMx8cVMP36zIg1rrV1O/0komJPnwPE6OCAhEwggINMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUI/JJxE+T5O8n5sT2KGw/orv9LkswRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDA0LWFwcGxlYWljYTMwMjCCAR0GA1UdIASCARQwggEQMIIBDAYJKoZIhvdjZAUBMIH+MIHDBggrBgEFBQcCAjCBtgyBs1JlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJkIHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgY2VydGlmaWNhdGUgcG9saWN5IGFuZCBjZXJ0aWZpY2F0aW9uIHByYWN0aWNlIHN0YXRlbWVudHMuMDYGCCsGAQUFBwIBFipodHRwOi8vd3d3LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS8wNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC5hcHBsZS5jb20vYXBwbGVhaWNhMy5jcmwwHQYDVR0OBBYEFJRX22/VdIGGiYl2L35XhQfnm1gkMA4GA1UdDwEB/wQEAwIHgDAPBgkqhkiG92NkBh0EAgUAMAoGCCqGSM49BAMCA0kAMEYCIQC+CVcf5x4ec1tV5a+stMcv60RfMBhSIsclEAK2Hr1vVQIhANGLNQpd1t1usXRgNbEess6Hz6Pmr2y9g4CJDcgs3apjMIIC7jCCAnWgAwIBAgIISW0vvzqY2pcwCgYIKoZIzj0EAwIwZzEbMBkGA1UEAwwSQXBwbGUgUm9vdCBDQSAtIEczMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwHhcNMTQwNTA2MjM0NjMwWhcNMjkwNTA2MjM0NjMwWjB6MS4wLAYDVQQDDCVBcHBsZSBBcHBsaWNhdGlvbiBJbnRlZ3JhdGlvbiBDQSAtIEczMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATwFxGEGddkhdUaXiWBB3bogKLv3nuuTeCN/EuT4TNW1WZbNa4i0Jd2DSJOe7oI/XYXzojLdrtmcL7I6CmE/1RFo4H3MIH0MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovL29jc3AuYXBwbGUuY29tL29jc3AwNC1hcHBsZXJvb3RjYWczMB0GA1UdDgQWBBQj8knET5Pk7yfmxPYobD+iu/0uSzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFLuw3qFYM4iapIqZ3r6966/ayySrMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuYXBwbGUuY29tL2FwcGxlcm9vdGNhZzMuY3JsMA4GA1UdDwEB/wQEAwIBBjAQBgoqhkiG92NkBgIOBAIFADAKBggqhkjOPQQDAgNnADBkAjA6z3KDURaZsYb7NcNWymK/9Bft2Q91TaKOvvGcgV5Ct4n4mPebWZ+Y1UENj53pwv4CMDIt1UQhsKMFd2xd8zg7kGf9F3wsIW2WT8ZyaYISb1T4en0dbmcubCYkhYQaZDwmSHQAAMYIBizCCAYcCAQEwgYYwejEuMCwGA1UEAwwlQXBwbGUgQXBwbGljYXRpb24gSW50ZWdyYXRpb24gQ0EgLSBHMzEmMCQGA1UECwwdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTAghMMEFJUZ1UNjANBglghkgBZQMEAgEFAKCBlTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMjAyMjMxMDMyMzFaMCoGCSqGSIb3DQEJNDEdMBswDQYJYIZIAWUDBAIBBQChCgYIKoZIzj0EAwIwLwYJKoZIhvcNAQkEMSIEIKELTeQBJkyBdJ9Ge0BlmVOTIqU4sV75S/aC6sJMIHxbMAoGCCqGSM49BAMCBEYwRAIgC0iKpRgZQE2vMCSczjMRe+4b0aqiO79D2d0+9CKMmA8CICnC+e7RBgIPVbA32ZsKOV8e3iTdvm1OaH/ABCDEFGHIJKL",
  "header": {
      "publicKeyHash": "OgiD2qBTWYf/a+LDshFeQcPq6tOmePu0epHpP4ZkNicc=",
      "ephemeralPublicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEc/HxA3lJZrC+B0ITom0Iji+gFdn7ivGtpI+fl2u8n8XByPgBaVK2b44qUvsGigoNd0OFLNXo0Q07R2B54eIdS3A==",
      "transactionId": "156632b2aadf355d4958d9051a42bf62e07aea5716e72083aa64247944f6e3e14d"
  },
  "version": "EC_v1"
 },
 "paymentMethod": {
  "displayName": "MasterCard 0063",
  "network": "MasterCard",
  "type": "debit"
 },
 "transactionIdentifier": "156632B2AAD12F355D4958D9051A42BF62E07AE5716E720AA6424794F6E3E14567D"
}
Channela..10O

Channel over which the order is processed.

Allowed value : ECOM

Result parameters for Apple Pay


The following table describes the result parameters with which Axepta responds to your system

  • Please be prepared to receive additional parameters at any time and do not check the order of parameters
  • The key (e.g. MerchantId, RefNr) should not be checked case-sentive
KeyFormatCNDDescription 
MIDans..30MMerchantID, assigned by Axepta
PayIDan32M

ID assigned by Paygate for the payment, e.g. for referencing in batch files

This ID refers to the credit card transaction unless an error occurs already at the Apple Pay transaction.

XIDan32MID for all single transactions (authorisation, capture, credit note) for one payment assigned by Paygate
TransIDans..64MTransactionID provided by you which should be unique for each payment

refnr

ns..30OMerchant’s unique reference number
UserDataans..1024OIf specified at request, Paygate forwards the parameter with the payment result to the shop.
Statusa..50MOK (URLSuccess) or FAILED (URLFailure)
Descriptionans..1024MFurther details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!
Coden8MError code according to Paygate Response Codes
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. 
schemeReferenceIDan64CCard scheme specific transaction ID required for subsequent credential-on-file payments, delayed authorizations and resubmssions.



Capture / Credit / Reversal

Captures, credits and reversals do not refer to the Apple Pay transaction but directly to the credit card transaction.

Batch processing via the interface

Captures, credits and reversals via batch do not refer to the Apple Pay transaction but directly to the credit card transaction.