Your shoppers can only see Apple Pay as a payment method option if they:
- Use an Apple Pay-compatible device.
- Use Safari if they are paying on the web.
- Are located in a country or region where Apple Pay is available.
- Have an existing card added to their Apple Pay wallet.
If you are using one of the following Adyen plugins, refer to the specific documentation for enabling Apple Pay:
To enable Apple Pay you need to use your own certificate or Adyen's certificate:
- You can use your own certificate for all integrations.
- You can use the Adyen certificate only for web integrations.
- It is possible to use a combination of certificates by using your own certificate for native apps and the Adyen certificate for web.
The option to use Adyen's Apple Pay certificate is only available on Web Drop-in, Web Components and API-only. If you have a native mobile integration, you must use your own Apple Pay certificate.
You don't need to create your own Apple Pay certificate for your web integration because you can process payments through Adyen's Apple Pay certificate. The benefits of using Adyen's Apple Pay certificate are:
- A faster way to add Apple Pay to your integration.
- There is less configuration required.
- Apple Pay enabled by default for your Pay by Link integration, if you have one.
How to enable Apple Pay
- Set up your server for secure communication with Apple Pay.
- All pages that include Apple Pay must be served over HTTPS.
- Your domain must have a valid SSL certificate.
- Add Apple Pay in your test Customer Area.
- You'll be asked for Shop websites: your website URLs, for example
https://www.mystore.com
. If you add more than one, separate them with a comma. - You cannot use
http://localhost
to test.
- You'll be asked for Shop websites: your website URLs, for example
Before you begin
To enable Apple Pay using your own certificate, you need to have:
- An Apple Developer account that is associated with either the Apple Developer Program, or the Apple Developer Enterprise Program. To make sure you get notifications when your Apple Pay certificate is about to expire, create a user with an email address that is linked to a group inbox or distribution list and has the Account Holder or Admin role.
- In your Customer Area, you must have the role Merchant admin or Manage API Credentials.
If you are using one of the following plugins, refer to the specific documentation for enabling Apple Pay:
How to enable Apple Pay
- Set up your server for secure communication with Apple Pay.
- All pages that include Apple Pay must be served over HTTPS.
- Your domain must have a valid SSL certificate.
- Add Apple Pay in your test Customer Area.
- You'll be asked for Shop websites: your website URLs, for example
https://www.mystore.com
. If you add more than one, separate them with a comma. - You cannot use
http://localhost
to test.
- You'll be asked for Shop websites: your website URLs, for example
Process overview
To add Apple Pay to your website:
- Create merchant identifiers in your Apple developer account, and enter them in your Customer Area. You must create separate merchant identifiers for test transactions and live transactions.
- Create a payment processing certificate for each merchant identifier, and add each certificate to the correct user in your Customer Area. Apple Pay uses this certificate to encrypt payment information, and we need to have this certificate to be able to decrypt and process the payment.
- Register and validate your merchant domain with Apple.
- Create a merchant identity certificate, convert it to a PEM file, and upload it to your server. This certificate is used to authenticate communication with the Apple Pay servers.
- Add Apple Pay as a payment method in your Customer Area.
For information about server requirements for Apple Pay on the web, refer to the Apple Developer portal.
Step 1: Create merchant identifiers
A merchant identifier uniquely identifies you as a merchant who is able to accept Apple Pay payments.
You can use the same merchant identifier for multiple websites and iOS apps.
To create merchant identifiers:
-
Log in to your Apple Developer account at https://developer.apple.com.
-
Follow the Apple Developer Account Help instructions to create a merchant identifier. Your merchant identifier must include the prefix merchant.com.adyen. For example: merchant.com.adyen.merchantAccount.
For test transactions, we recommend creating a merchant identifier with .test at the end. For example: merchant.com.adyen.merchantAccount.test -
Log in to your Adyen Customer Area and go to Developers > API credentials. Select the web service user that will execute your Apple Pay transactions (ws@Company.[YourCompanyAccount]).
-
In Wallet payment methods > Apple Pay, select + Add.
-
Select Use your own certificate > Continue.
-
Enter the merchant identifier and select Download CSR > Continue.
-
Save the CSR. You will need it to create the payment processing certificate.
Step 2: Create payment processing certificate
-
Log in to your Apple Developer account at https://developer.apple.com.
-
Follow the Apple Developer Account Help instructions to create a payment processing certificate for a website:
- Select a merchant identifier that you created in Step 1.
- Skip the step to create a certificate signing request.
- In the step to select the certificate signing request file, select the CSR you created in Step 1.
- If at any time a question Will payments associated with this Merchant ID be processed exclusively in China? or similar appears, answer No and continue.
- Download and save the generated payment processing certificate (CER or .cer file).
-
When you have completed the instructions from Apple, return to your Adyen Customer Area and go to Developers > API credentials. Select the web service user that will execute your Apple Pay transactions (ws@Company.[YourCompanyAccount]).
-
Select the merchant identifier.
-
Upload the payment processing certificate and select Continue.
Renew a payment processing certificate
When your certificate expires, you have to renew it. Apple Pay requires time to fully activate your new payment processing certificate. During that time period, transactions may still use the old certificate.
To renew a certificate:
-
Log in to your Adyen Customer Area and go to Developers > API credentials.
-
Select the relevant web service user.
-
Under Apple Pay Certificates select Add.
-
Enter the merchant identifier and download the CSR. Write down the start of the
KeyID
to help you locate it in step 6. -
Go to the Apple development environment and follow the steps described there to get the CER.
-
In the Apple Pay Certificates section, select the certificate with the
KeyID
you noted in step 4. This will have the Input needed status. -
Select the eye icon .
-
In the dialog that pops up, click Continue, and upload the certificate.
-
Activate the new certificate on Apple's Developer Portal. Until this is completed, the old certificate will still be used.
After the activation of the new certificate, the old certificate will continue to be used for about 4 hours after the activation of the new certificate.
-
Verify that the new certificate is in use for payments (see steps below).
Verify which certificate is in use
Apple gradually rolls out new certificates. This means that the old certificate remains active and might be used while the new certificate is being rolled out.
To see which certificate is in use for a payment, follow these steps:
-
In the /payments request, find the Base64-encoded JSON object
paymentMethod.applePayToken
: -
Decode the
paymentMethod.applePayToken
object:The
publicKeyHash
contains theKeyID
value of the certificate that was used for the payment. -
In your Customer Area, go to Developers > API credentials, and find the relevant web service user that made the payments. Under wallet payment methods, go to Apple Pay Certificates, and check the
KeyID
.If you see the
KeyID
for your old certificate, this may be due to the gradual rollout of Apple Certificates, and it does not mean that your setup is not successful. Four hours after the activation the rollout should be completed and you will no longer see payments using the old certificate. When you see the new certificate for an authorized payment, this confirms that all steps have been completed successfully.To remove the old certificate from the Customer Area, go to Apple Pay Certificates, select the certificate with the applicable
KeyID
, and click the bin icon .
Step 3: Register and validate your merchant domain
This step doesn't apply when you are using our Salesforce Commerce Cloud plugin.
-
Log in to your Apple Developer account at https://developer.apple.com.
-
Follow the Apple Developer Account Help instructions to register a merchant domain, but note the following:
- In the step to select a merchant identifier, make sure you select the merchant identifier you created in Step 1.
Step 4: Create a merchant identity certificate
This step doesn't apply when you are using our Salesforce Commerce Cloud plugin.
For each transaction, you need to request an Apple Pay payment session using your Merchant Identity Certificate. In this step, you will create that certificate.
-
Log in to your Apple Developer account at https://developer.apple.com.
-
Follow the Apple Developer Account Help instructions to create a merchant identity certificate, but note the following:
- In the step to select a merchant identifier, make sure you select the merchant identifier you created in Step 1.
- Follow the instructions from Apple to create a CSR yourself. The CSR you received from us can't be used for creating a merchant identity certificate.
- Download and save the generated merchant identity certificate (.cer file).
-
When you have completed the instructions from Apple, add the merchant identity certificate to your keychain.
-
Export the certificate from your keychain as a p12 file.
-
Convert the p12 file to a PEM file using the following command:
openssl pkcs12 -in your-file.p12 -out apple-pay-cert.pem -nodes -clcerts
-
Upload the apple-pay-cert.pem file to your server.
When requesting an Apple Pay payment session, use the full path to the apple-pay-cert.pem file.
Step 5: Add Apple Pay as a payment method
Add Apple Pay as a payment method in your Customer Area, including the merchant identifier you created.
Process overview
To add Apple Pay to your mobile application, you must:
- Create merchant identifiers in your Apple developer account, and enter them in your Customer Area. You must create separate merchant identifiers for test transactions and live transactions.
- Enable the Apple Pay capabilities.
- Create a payment processing certificate for each merchant identifier, and add each certificate to the correct user in your Customer Area. Apple Pay uses this certificate to encrypt payment information, and we need to have this certificate to be able to decrypt and process the payment.
- Add Apple Pay as a payment method in your Customer Area.
For information about server requirements for Apple Pay on the web, refer to the Apple Developer portal.
Step 1: Create merchant identifiers
A merchant identifier uniquely identifies you as a merchant who is able to accept Apple Pay payments.
You can use the same merchant identifier for multiple websites and iOS apps. But you will need to use separate merchant identifiers for test transactions and live transactions.
To create merchant identifiers:
-
Log in to your Apple Developer account at https://developer.apple.com.
-
Follow the Apple Developer Account Help instructions to create a merchant identifier. We recommend that you include the prefix merchant.com.adyen in your merchant identifier. For example: merchant.com.adyen.merchantAccount.
-
When you have completed the instructions from Apple, log in to your Adyen Customer Area and go to Developers > API credentials. Select the web service user that will execute your Apple Pay transactions (ws@Company.[YourCompanyAccount]).
-
In Wallet payment methods > Apple Pay, select + Add.
-
Select Use your own certificate > Continue.
-
Enter the merchant identifier and select Download CSR > Continue.
-
Save the CSR. You will need it to create the payment processing certificate.
Step 2: Enable Apple Pay in your app
- Log in to your Apple Developer account at https://developer.apple.com.
- Follow the Apple Developer Account Help instructions to enable Apple Pay.
Step 3: Create payment processing certificate
-
Log in to your Apple Developer account at https://developer.apple.com.
-
Follow the Apple Developer Account Help instructions to create a payment processing certificate for an iOS app.
- Select a merchant identifier that you created in Step 1.
- Skip the step to create a certificate signing request.
- In the step to select the certificate signing request file, select the CSR you created in Step 1.
- If at any time a question Will payments associated with this Merchant ID be processed exclusively in China? or similar appears, answer No and continue.
- Download and save the generated payment processing certificate (CER or .cer file).
-
When you have completed the instructions from Apple, return to your Adyen Customer Area and go to Developers > API credentials. Select the web service user that will execute your Apple Pay transactions (ws@Company.[YourCompanyAccount]).
-
Select the merchant identifier.
-
Upload the payment processing certificate and select Continue.
Renew a payment processing certificate
When your certificate expires, you have to renew it. Apple Pay requires time to fully activate your new payment processing certificate. During that time period, transactions may still use the old certificate.
To renew a certificate:
-
Log in to your Adyen Customer Area and go to Developers > API credentials.
-
Select the relevant web service user.
-
Under Apple Pay Certificates select Add.
-
Enter the merchant identifier and download the CSR. Write down the start of the
KeyID
to help you locate it in step 6. -
Go to the Apple development environment and follow the steps described there to get the CER.
-
In the Apple Pay Certificates section, select the certificate with the
KeyID
you noted in step 4. This will have the Input needed status. -
Select the eye icon .
-
In the dialog that pops up, click Continue, and upload the certificate.
-
Activate the new certificate on Apple's Developer Portal. Until this is completed, the old certificate will still be used.
After the activation of the new certificate, the old certificate will continue to be used for about 4 hours after the activation of the new certificate.
-
Verify that the new certificate is in use for payments (see steps below).
Verify which certificate is in use
Apple gradually rolls out a new certificate. This means that the old certificate remains active and might be used while the new certificate is being rolled out.
To see which certificate is in use for a payment, follow these steps:
-
In the /payments request, find the Base64-encoded JSON object
paymentMethod.applePayToken
: -
Decode the
paymentMethod.applePayToken
object:The
publicKeyHash
contains theKeyID
value of the certificate that was used for the payment. -
In your Customer Area, go to Developers > API credentials, and find the relevant web service user that made the payments. Under wallet payment methods, go to Apple Pay Certificates, and check the
KeyID
.If you see the
KeyID
for your old certificate, this may be due to the gradual rollout of Apple Certificates, and it does not mean that your setup is not successful. Four hours after the activation the rollout should be completed and you will no longer see payments using the old certificate. When you see the new certificate for an authorized payment, this confirms that all steps have been completed successfully.To remove the old certificate from the Customer Area, go to Apple Pay Certificates, select the certificate with the applicable
KeyID
, and click the bin icon .
Step 4: Add Apple Pay as a payment method
Add Apple Pay as a payment method in your Customer Area, including the merchant identifier you created.
You can now start processing Apple Pay payments in your iOS app.