--- title: "Use your own certificate for iOS" description: "Enable Apple Pay for your mobile integration with your own Apple Pay certificate." url: "https://docs.adyen.com/payment-methods/apple-pay/apple-pay-certificate/ios" source_url: "https://docs.adyen.com/payment-methods/apple-pay/apple-pay-certificate/ios.md" canonical: "https://docs.adyen.com/payment-methods/apple-pay/apple-pay-certificate/ios" last_modified: "2023-11-24T15:52:00+01:00" language: "en" --- # Use your own certificate for iOS Enable Apple Pay for your mobile integration with your own Apple Pay certificate. [View source](/payment-methods/apple-pay/apple-pay-certificate/ios.md) This page explains how to enable Apple Pay for your native mobile integration with your own Apple Pay certificate. ## Requirements Before you begin, take into account the following requirements, limitations, and preparations. | Requirement | Description | | ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Integration type** | Make sure that you have built an iOS Drop-in/Components integration using the Advanced or Sessions flow. | | **[Customer Area roles](/account/user-roles)** | Make sure that you have one of the following roles:- **Merchant admin** - **Manage API Credentials** | | **Setup steps** | Before you begin:- Make sure that you have an [Apple Developer account](https://developer.apple.com/) that is associated with either the [Apple Developer Program](https://developer.apple.com/programs/), or the [Apple Developer Enterprise Program](https://developer.apple.com/programs/enterprise/). - To get notifications when your Apple Pay certificate is about to expire, create a user with an email address that is linked to a group inbox or distribution list and has the **Account Holder** or **Admin** role. | ## How it works To add Apple Pay to your mobile application with your own Apple Pay certificate, you must: 1. [Create merchant identifiers](#create-merchant-identifier) in your Apple developer account, and enter them in your Customer Area. You must create separate merchant identifiers for test transactions and live transactions. 2. [Enable the Apple Pay capabilities](#enable-apple-pay-capabilities). 3. [Create a payment processing certificate](#create-payment-processing-certificate) for each merchant identifier, and add each certificate to the correct user in your Customer Area. Apple Pay uses this certificate to encrypt payment information, and we need to have this certificate to be able to decrypt and process the payment. 4. [Add Apple Pay as a payment method in your Customer Area](#add-apple-pay-as-a-payment-method-ios). For information about server requirements for Apple Pay on the web, refer to the [Apple Developer portal](https://developer.apple.com/documentation/apple_pay_on_the_web/setting_up_your_server). ## Create merchant identifiers A merchant identifier uniquely identifies you as a merchant who is able to accept Apple Pay payments. You can use the same merchant identifier for multiple websites and iOS apps. But you will need to use separate merchant identifiers for *test* transactions and *live* transactions. To create merchant identifiers: 1. Log in to your Apple Developer account at [https://developer.apple.com](https://developer.apple.com/). 2. Follow the Apple Developer Account Help instructions to [create a merchant identifier](https://developer.apple.com/help/account/configure-app-capabilities/configure-apple-pay#create-a-merchant-identifier). We recommend that you include the prefix **merchant.com.adyen** in your merchant identifier. For example: **merchant.com.adyen.merchantAccount**. For test transactions, we recommend creating a merchant identifier with **.test** at the end. For example: **merchant.com.adyen.merchantAccount.test**. 3. When you have completed the instructions from Apple, log in to your Adyen Customer Area and go to **Developers** > **API credentials**. Select the web service user that will execute your Apple Pay transactions (**ws\@Company.****\[YourCompanyAccount]**). 4. In **Wallet payment methods** > **Apple Pay**, select **+ Add**. 5. Select **Use your own certificate** > **Continue**. 6. Enter the merchant identifier and select **Download CSR** > **Continue**. 7. Save the CSR. You will need it to [create the payment processing certificate](#create-payment-processing-certificate). ## Enable Apple Pay in your app 1. Log in to your Apple Developer account at [https://developer.apple.com](https://developer.apple.com/). 2. Follow the Apple Developer Account Help instructions to [enable Apple Pay](https://developer.apple.com/help/account/manage-identifiers/enable-app-capabilities#enable-apple-pay). ## Create payment processing certificate 1. Log in to your Apple Developer account at [https://developer.apple.com](https://developer.apple.com/). 2. Follow the Apple Developer Account Help instructions to create a payment processing certificate for [an iOS app](https://developer.apple.com/help/account/configure-app-capabilities/configure-apple-pay#create-a-payment-processing-certificate). * Select a merchant identifier that you created [when you created your merchant identifier](#create-merchant-identifier). * Skip the step to create a certificate signing request. * In the step to select the certificate signing request file, select the CSR you created [when you created your merchant identifier](#create-merchant-identifier). * If at any time a question **Will payments associated with this Merchant ID be processed exclusively in China?** or similar appears, answer **No** and continue. * Download and save the generated payment processing certificate (CER or **.cer** file). 3. When you have completed the instructions from Apple, return to your Adyen Customer Area and go to **Developers** > **API credentials**. Select the web service user that will execute your Apple Pay transactions (**ws\@Company.****\[YourCompanyAccount]**). 4. Select the merchant identifier. 5. Upload the payment processing certificate and select **Continue**. ### Renew a payment processing certificate When your certificate expires, you have to renew it. Apple Pay requires time to fully activate your new payment processing certificate. During that time period, transactions may still use the old certificate. To renew a certificate: 1. Log in to your Adyen [Customer Area](https://ca-test.adyen.com/) and go to **Developers** > **API credentials**. 2. Select the relevant web service user. 3. Under **Apple Pay Certificates** select **Add**. 4. Enter the merchant identifier and download the CSR. Write down the start of the `KeyID` to help you locate it in step 6. 5. Go to the Apple development environment and follow the steps described there to get the CER. 6. In the **Apple Pay Certificates** section, select the certificate with the `KeyID` you noted in step 4. This will have the **Input needed** status. 7. Select the **eye icon** ![](/user/themes/adyen/images/illustrations/eye.svg). 8. In the dialog that pops up, click **Continue**, and upload the certificate. 9. Activate the new certificate on Apple's Developer Portal. Until this is completed, the old certificate will still be used. After the activation of the new certificate, the old certificate will continue to be used for about 4 hours after the activation of the new certificate. 1. Verify that the new certificate is in use for payments (see steps below). ### Verify which certificate is in use Apple gradually rolls out a new certificate. This means that the old certificate remains active and might be used while the new certificate is being rolled out. To see which certificate is in use for a payment, follow these steps: 1. In the [/payments](https://docs.adyen.com/api-explorer/Checkout/latest/post/payments) request, find the Base64-encoded JSON object `paymentMethod.applePayToken`: **Example /payments request** ```json { "paymentMethod" : { "applePayToken" : "eyJkYXRhIjoiSjc4QmtKTUp3TXFBM2dt........=", "type" : "applepay" } } ``` 2. Decode the `paymentMethod.applePayToken` object: **Example of a decoded applePayToken** ```json { "data": "J78BkJMJwM....=", "header": { "transactionId": "8996...", "ephemeralPublicKey": "MFkwEwYH....=", "publicKeyHash": "i4c9tRzBEIK4...." }, "signature": "MIAGCSqGSIb3D....=", "version": "EC_v1" } ``` The `publicKeyHash` contains the `KeyID` value of the certificate that was used for the payment. 3. In your [Customer Area](https://ca-test.adyen.com/), go to **Developers** > **API credentials**, and find the relevant web service user that made the payments. Under wallet payment methods, go to **Apple Pay Certificates**, and check the `KeyID`. If you see the `KeyID` for your old certificate, this may be due to the gradual rollout of Apple Certificates, and it does not mean that your setup is not successful. Four hours after the activation the rollout should be completed and you will no longer see payments using the old certificate. When you see the new certificate for an authorized payment, this confirms that all steps have been completed successfully. To remove the old certificate from the [Customer Area](https://ca-test.adyen.com/), go to **Apple Pay Certificates**, select the certificate with the applicable `KeyID`, and click the bin icon **. ## Add Apple Pay in your Customer Area [Add Apple Pay in your Customer Area](/payment-methods/add-payment-methods). You need to provide your: * **Merchant name**: the merchant account for which you want to set up Apple Pay. * **Merchant identifier**: the [merchant identifier you created](#create-merchant-identifiers). ## See also * [Apple Pay](/payment-methods/apple-pay) * [Apple Pay for iOS](/payment-methods/apple-pay/ios)