Apple Pay

Overview

This document explains how to create a merchant account in the Apple Developer environment as well as other configuration required to integrate with the Cardknox gateway. An FAQ section is provided at the end of the document.

Apple Pay

Apple Pay offers an easy, secure, and private way to pay on iPhone, iPad, Apple Watch, and Mac. Payments can be made on iOS apps and the web. (On the web, support is limited to the Safari browser.)

Apple Pay works with most accounts that accepts online payments. This article explains how to set up the prerequisites required by Apple Pay prior to being able to integrate Apple Pay into your app or website.

Apple Pay Prerequisites

    1. Contact Cardknox to obtain a Certificate Signing Request (CSR) file.
      1. Click here to request your CSR file.
      2. Once you receive your CSR file, continue to Step 2.
    2. Create a Merchant ID.
      1. Navigate to Apple Developer Page.
      2. Click on Identifiers.
      3. Click on the plus sign next to Identifiers.

      4. Choose Merchant IDs and click Continue
      5. Follow the instructions to Register a Merchant ID.
    3. Create an Apple Pay Payment Processing Certificate.
      1. Go back to Apple Developer Page and under the list of merchants, click on the one you just created.
      2. Under Apple Pay Payment Processing Certificate, click on Create Certificate.

      3. Click on Choose File, select CSR file and continue.
    4. Register your domain for Apple Pay on the Web.
      1. If you are not using Apple Pay on the Web, skip this step.
      2. On Apple Developer Page, under the list of merchants, click on the one you just created.
      3. Scroll down to Merchant Domains and click Add Domain.

      4. Follow the instructions to register your domain.
    5. Generate Merchant ID Certificate.
      1. Go back to Apple Developer Page and under the list of merchants, click on the one you just created.
      2. Under Apple Pay Merchant Identity Certificate, click on Create Certificate.

      3. Follow the instructions to create a Merchant Identity Certificate

FAQs

Q: What Apple Pay related fields are necessary to be sent on a gateway transaction request?
A:
1. xCardNum containing a base-64 encoded ApplePay encrypted token block (paymentData.data)

{
  "paymentData": {
    "version": "EC_v1",
    "data": "nts4o1EdIF9GA7Yy3GbdJamkPJNu66nMtPBk6hcp4N4/12v7LrEf/xsaFE5NRH9jEMQ93KJME2f9ZnQo9rRNK0ZLwYEQ7mynlsRvQY1gtvgEAhZMarGfOrBFSLIS5gC3tWM4hRn+ELfu9U3vv3sg+h4Ci611TeFvwZK5E4tbQ7Q6V66kN2sJSGjGcqzCoao6WXCOHhyhWy53c24OqK6Bz77RGhM+PtMfBNGREKzwKATnS1PHhA1mPUGysBIUWc2qWNRDxVm0XqlH/aBndQankLNbUetWFNHrJDhRsiEvdVwIZfUG2E+HtkQLV80Q2OCcnSmNSl/uoLCetvd7zM9w0OUXGUQ3qP/LvtAiyUXJBDZ8TUQVyNV/qac9zsjHIDvP2EiwSgdJXO+ns1s=",
    "signature": "MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCAMIID4zCCA4igAwIBAgIITDBBSVGdVDYwCgYIKoZIzj0EAwIwejEuMCwGA1UEAwwlQXBwbGUgQXBwbGljYXRpb24gSW50ZWdyYXRpb24gQ0EgLSBHMzEmMCQGA1UECwwdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE5MDUxODAxMzI1N1oXDTI0MDUxNjAxMzI1N1owXzElMCMGA1UEAwwcZWNjLXNtcC1icm9rZXItc2lnbl9VQzQtUFJPRDEUMBIGA1UECwwLaU9TIFN5c3RlbXMxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwhV37evWx7Ihj2jdcJChIY3HsL1vLCg9hGCV2Ur0pUEbg0IO2BHzQH6DMx8cVMP36zIg1rrV1O/0komJPnwPE6OCAhEwggINMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUI/JJxE+T5O8n5sT2KGw/orv9LkswRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDA0LWFwcGxlYWljYTMwMjCCAR0GA1UdIASCARQwggEQMIIBDAYJKoZIhvdjZAUBMIH+MIHDBggrBgEFBQcCAjCBtgyBs1JlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxlIHN0YW5kYXJkIHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgY2VydGlmaWNhdGUgcG9saWN5IGFuZCBjZXJ0aWZpY2F0aW9uIHByYWN0aWNlIHN0YXRlbWVudHMuMDYGCCsGAQUFBwIBFipodHRwOi8vd3d3LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS8wNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC5hcHBsZS5jb20vYXBwbGVhaWNhMy5jcmwwHQYDVR0OBBYEFJRX22/VdIGGiYl2L35XhQfnm1gkMA4GA1UdDwEB/wQEAwIHgDAPBgkqhkiG92NkBh0EAgUAMAoGCCqGSM49BAMCA0kAMEYCIQC+CVcf5x4ec1tV5a+stMcv60RfMBhSIsclEAK2Hr1vVQIhANGLNQpd1t1usXRgNbEess6Hz6Pmr2y9g4CJDcgs3apjMIIC7jCCAnWgAwIBAgIISW0vvzqY2pcwCgYIKoZIzj0EAwIwZzEbMBkGA1UEAwwSQXBwbGUgUm9vdCBDQSAtIEczMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwHhcNMTQwNTA2MjM0NjMwWhcNMjkwNTA2MjM0NjMwWjB6MS4wLAYDVQQDDCVBcHBsZSBBcHBsaWNhdGlvbiBJbnRlZ3JhdGlvbiBDQSAtIEczMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATwFxGEGddkhdUaXiWBB3bogKLv3nuuTeCN/EuT4TNW1WZbNa4i0Jd2DSJOe7oI/XYXzojLdrtmcL7I6CmE/1RFo4H3MIH0MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovL29jc3AuYXBwbGUuY29tL29jc3AwNC1hcHBsZXJvb3RjYWczMB0GA1UdDgQWBBQj8knET5Pk7yfmxPYobD+iu/0uSzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFLuw3qFYM4iapIqZ3r6966/ayySrMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuYXBwbGUuY29tL2FwcGxlcm9vdGNhZzMuY3JsMA4GA1UdDwEB/wQEAwIBBjAQBgoqhkiG92NkBgIOBAIFADAKBggqhkjOPQQDAgNnADBkAjA6z3KDURaZsYb7NcNWymK/9Bft2Q91TaKOvvGcgV5Ct4n4mPebWZ+Y1UENj53pwv4CMDIt1UQhsKMFd2xd8zg7kGf9F3wsIW2WT8ZyaYISb1T4en0bmcubCYkhYQaZDwmSHQAAMYIBizCCAYcCAQEwgYYwejEuMCwGA1UEAwwlQXBwbGUgQXBwbGljYXRpb24gSW50ZWdyYXRpb24gQ0EgLSBHMzEmMCQGA1UECwwdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTAghMMEFJUZ1UNjANBglghkgBZQMEAgEFAKCBlTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMDA5MzAwMjU2NDBaMCoGCSqGSIb3DQEJNDEdMBswDQYJYIZIAWUDBAIBBQChCgYIKoZIzj0EAwIwLwYJKoZIhvcNAQkEMSIEIPKm5f38JoEhydyPKo4cCyfCY+KXfKty3kQAuOrUfUMwMAoGCCqGSM49BAMCBEYwRAIgBZZO6LSzs93DKgw/NpvqUevggniTod0T5zMJUzM2TKUCIFLyN1mYe1b4ANNQEMpYMr2D+CCnh86iARbZ1ue4iQVGAAAAAAAA",
    "header": {
      "ephemeralPublicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4jfJmg6VGIGFnlUX2mw/0REAQHdlCqXOfFAfwrurQh9WM9EBjcsmjwl5KDBH5yuVeG2sW4uXFlqQkSoWJDnxig==",
      "publicKeyHash": "XvufuWpJGfsSOrPWpbBwoyjrrRT3ByIFOijzGdeI8Ho=",
      "transactionId": "0969a45481176c0e86f6ad43914de68e41d33ce95db1e1169d7cd3274d757b49",
      "applicationData": null
    },
    "paymentMethod": {
      "displayName": "MasterCard 0492",
      "network": "MasterCard",
      "type": "credit"
    },
    "transactionIdentifier": "0969A45481176C0E86F6AD43914DE68E41D33CE95DB1E1169D7CD3274D757B49"
  }
}

2. xDigitalWalletType set to “ApplePay”


Q: Can a POST or GET be used interchangeably to submit the request?
A: No, due to the size of the data, this request must be submitted to Cardknox Gateway via a POST.


Q: I received an error “Invalid payment data format“ on the transaction response. What might be the issue?
A: The Apple Pay payload in the xCardNum field was not a valid base-64 block.


Q: I received an error “Transaction amount does not match the amount provided“ on the transaction response. What might be the issue?
A: The amount sent in via the xAmount parameter does not match the amount retrieved from the payload provided by Apple Pay.


Q: I received error “PaymentDataType <?> not supported for ApplePay“ on the transaction response. What might be the issue?
A: We currently only support 3DSecure data type. This covers all areas aside from China.


Q: How can I be sure that an Apple Pay transaction is secure?
A: Cardknox will validate the signature on the Apple Pay request to ensure that the request is properly signed using Apple Pay certificates and that the request has not been tampered with. If this validation fails, the transaction will be rejected.


Q: What will the xEntryMethod be for an Apple Pay transaction?
A: The xEntryMethod will be set to digital wallet.