Apple Pay Integration in Mobile App

NOVASOLUTIONS.TECHNOLOGY is engaged in the development, support and maintenance of iOS, Android, PWA mobile applications. We have extensive experience and expertise in publishing mobile applications in popular markets like Google Play, App Store, Amazon, AppGallery and others.
8+Years of work900+Completed projects100+In house employees19+Partners
Development and support of all types of mobile applications:
Information and entertainment mobile applications
News apps, games, reference guides, online catalogs, weather apps, fitness and health apps, travel apps, educational apps, social networks and messengers, quizzes, blogs and podcasts, forums, aggregators
E-commerce mobile applications
Online stores, B2B apps, marketplaces, online exchanges, cashback services, exchanges, dropshipping platforms, loyalty programs, food and goods delivery, payment systems.
Business process management mobile applications
CRM systems, ERP systems, project management, sales team tools, financial management, production management, logistics and delivery management, HR management, data monitoring systems
Electronic services mobile applications
Classified ads platforms, online schools, online cinemas, electronic service platforms, cashback platforms, video hosting, thematic portals, online booking and scheduling platforms, online trading platforms

These are just some of the types of mobile applications we work with, and each of them may have its own specific features and functionality, tailored to the specific needs and goals of the client.

Offered services
Showing 1 of 1 servicesAll 1735 services
Apple Pay Integration in Mobile App
Complex
~2-3 business days
FAQ
Our competencies:
Development stages
Latest works
  • image_mobile-applications_feedme_467_0.webp
    Development of a mobile application for FEEDME
    756
  • image_mobile-applications_xoomer_471_0.webp
    Development of a mobile application for XOOMER
    624
  • image_mobile-applications_rhl_428_0.webp
    Development of a mobile application for RHL
    1054
  • image_mobile-applications_zippy_411_0.webp
    Development of a mobile application for ZIPPY
    947
  • image_mobile-applications_affhome_429_0.webp
    Development of a mobile application for Affhome
    862
  • image_mobile-applications_flavors_409_0.webp
    Development of a mobile application for the FLAVORS company
    445
Show more works

Integration of Apple Pay Payment System into Mobile Application

Apple Pay is not "add button". This chain of Merchant ID, certificates, PKPaymentAuthorizationController, server payment token verification and final transaction status handling. Error in any link — either app won't show button at all, or get rejection from Apple Pay at authorization stage.

Merchant ID and certificates setup

Everything starts in Apple Developer Portal:

  1. Create Merchant ID: merchant.com.yourcompany.appname
  2. Generate Payment Processing Certificate — Apple uses it to encrypt token before sending to your server
  3. Add domain for Apple Pay on Web (if needed) — requires verification file on server

In Xcode: Signing & Capabilities → Add Apple Pay → select Merchant ID. Xcode automatically updates .entitlements file:

<key>com.apple.developer.in-app-payments</key>
<array>
    <string>merchant.com.yourcompany.appname</string>
</array>

Without this entitlement Apple Pay won't activate on device, even if code correct.

PKPaymentRequest and PKPaymentAuthorizationController

import PassKit

class CheckoutViewController: UIViewController {

    func startApplePay() {
        guard PKPaymentAuthorizationController.canMakePayments(
            usingNetworks: [.visa, .masterCard, .mir]
        ) else {
            // Show alternative payment method
            return
        }

        let request = PKPaymentRequest()
        request.merchantIdentifier = "merchant.com.yourcompany.appname"
        request.supportedNetworks = [.visa, .masterCard, .mir]
        request.merchantCapabilities = [.capability3DS]
        request.countryCode = "RU"
        request.currencyCode = "RUB"

        let item = PKPaymentSummaryItem(
            label: "Order №1234",
            amount: NSDecimalNumber(string: "1500.00")
        )
        let shipping = PKPaymentSummaryItem(
            label: "Shipping",
            amount: NSDecimalNumber(string: "250.00")
        )
        let total = PKPaymentSummaryItem(
            label: "YourCompany",  // company name, shown on Face ID/Touch ID screen
            amount: NSDecimalNumber(string: "1750.00")
        )
        request.paymentSummaryItems = [item, shipping, total]

        let controller = PKPaymentAuthorizationController(paymentRequest: request)
        controller.delegate = self
        controller.present(completion: nil)
    }
}

extension CheckoutViewController: PKPaymentAuthorizationControllerDelegate {

    func paymentAuthorizationController(
        _ controller: PKPaymentAuthorizationController,
        didAuthorizePayment payment: PKPayment,
        handler completion: @escaping (PKPaymentAuthorizationResult) -> Void
    ) {
        // payment.token.paymentData — encrypted JSON token
        // Send to backend for verification
        sendTokenToBackend(payment.token.paymentData) { success in
            completion(PKPaymentAuthorizationResult(
                status: success ? .success : .failure,
                errors: nil
            ))
        }
    }

    func paymentAuthorizationControllerDidFinish(_ controller: PKPaymentAuthorizationController) {
        controller.dismiss(completion: nil)
    }
}

Important nuance with .mir: Mir Pay requires separate setup and works only on cards issued by NSPK. Not all acquirers support Mir via Apple Pay — clarify with payment provider.

Server token verification

payment.token.paymentData is encrypted JSON that Apple encrypted with your Payment Processing Certificate. Decrypts on server.

Token structure:

{
    "version": "EC_v1",
    "data": "base64-encrypted-payment-data",
    "signature": "base64-pkcs7-signature",
    "header": {
        "ephemeralPublicKey": "base64-ec-public-key",
        "publicKeyHash": "base64-sha256-hash",
        "transactionId": "hex-transaction-id"
    }
}

Decryption process:

  1. Verify signature via Apple Root CA
  2. Recover shared secret via ECDH (your private key + ephemeralPublicKey from token)
  3. Get symmetric key via HKDF
  4. Decrypt data via AES-256-GCM

In practice most payment providers (Stripe, CloudPayments, YooKassa) handle decryption — just send raw paymentData. Self-implementation needed only with direct acquiring.

Typical issues

Apple Pay button not displayed. Reasons: Merchant ID not added to entitlements (check .entitlements file), certificate expired (2-year validity), canMakePayments(usingNetworks:) returns false on simulator without configured cards.

PKPaymentAuthorizationStatus.failure without error. Backend returned error, but errors in PKPaymentAuthorizationResult not passed. User sees just "Error" without explanation. Correct — pass PKPaymentError with reason description.

Testing. Apple Pay doesn't work on simulator for real transactions. For testing need device with test Visa card from Apple Sandbox. Test cards available only to accounts in Apple Sandbox environment.

What's included

  • Merchant ID registration, certificate generation and upload
  • PKPaymentRequest implementation with correct paymentSummaryItems
  • Integration with payment provider (token.paymentData passing)
  • Error handling with PKPaymentError
  • Testing on physical device in Sandbox

Timeline

2–3 days including Developer Portal setup and provider integration. Cost calculated individually.