Integrating Apple Pay (merchant managed certificate)

 On this page:

Prepare your Opayo account
Refer to Apple Developer Account and Apple Pay Instructions
Perform the transaction
Return the to result to the device
Live URL

 

Use the In-App method (Self-Managed Certificate) if you already have an Apple Developer account. This link provides additional information from Apple regarding configuration and setup of merchant IDs

Important: This functionality is currently in beta. If you want to enable Apple Pay and Apple Pay In-App for your account, please contact support@opayo.io.
Important: Apple Pay functionality is currently only available to Elavon acquired merchants.     

Preparing your Opayo account

To prepare your vendor account to accept Apple Pay, you'll need to do the following:

  • Log into MyOpayo as an administrative user
  • Select ‘Add Apple Pay’

MySagePay Add Apple Pay

  • Select an option for certificate management

Add Apple Pay Select Type

Important: For Apple Pay In-App, select 'You manage your certificate.' In this option is greyed out, please contact support@opayo.io to enable it.
Important: Before completing these steps, you must set up a Merchant ID through Apple
  • From the 'Apple Merchant IDs' screen, enter your Apple Merchant ID and click ‘Add' to populate the table.

Apple Pay Add Merchant ID

Important: Your Apple Merchant ID must match your Apple Developer account
  • Select the Merchant ID you wish to use Apple Pay for with Opayo

Apple Pay Manage Certificates

Important: Use the CSR from Opayo, not the CSR generated by Apple
  • Click 'Download CSR' to download a new Certificate Signing Request (CSR)
  • After receiving the CSR, return to your Apple developer center and sign into your account
  • Select the Merchant ID you wish to associate with Opayo for Apple Pay In-App payments

  • Select ‘Create Certificate’ and upload the CSR to Apple for digital signature; Apple will return the signed certificate to you as a *.cr file

  • Upload the Apple-signed certificate to MyOpayo by clicking 'Upload certificate' to complete the process

Refer to Apple Developer Account and Apple Pay Instructions

After uploading the Apple-signed certificate to MyOpayo, follow Apple's instructions for offering Apple Pay through your iOS app.

Perform transaction

The payload that you will recieve from Apple will resemble:

 {
    token:{
        paymentData: {
            version:"EC_v1",
            data:"3+f4oOTwPa6f1UZ6tG...CE=",
            signature:"MIAGCSqGSIb3DQ...AAAA==",
            header:{
                ephemeralPublicKey:"MFkwEwYHK...Mdw==",
                publicKeyHash:"l0CnXdMv...D1I=",
                transactionId:"32b...4f3"
            }
        },
        paymentMethod:{
                displayName:"Visa 1234",
                network:"Visa",
                type:"debit"
        },
        transactionIdentifier:"32b...4f3"
    },
    billingContact:{
        addressLines:[
            "1 Street",
            ""
        ],
        administrativeArea:"",
        country:"United Kingdom",
        countryCode:"GB",
        familyName:"Appleseed",
        givenName:"John",
        locality:"London",
        postalCode:"AB12 3CD",
        subAdministrativeArea:"",
        subLocality:""
    },
    shippingContact:{
        addressLines:[
            "1 Street",
            ""
        ],
        administrativeArea:"",
        country:"United Kingdom",
        countryCode:"gb",
        familyName:"Appleseed",
        givenName:"John",
        locality:"London",
        postalCode:"AB12 3CD",
        subAdministrativeArea:"",
        subLocality:"",
        phoneNumber:"01234 567890",
        emailAddress:"john.appleseed@apple.com"
    }
}

Your server will need to Base64 encode this response and send it to Opayo in the Payload field.

You will also need to extract the network and type fields from the PaymentMethod object, and use these to determine the CardType to submit in the request to Opayo.

If the network is Visa and type is Debit, use DELTA. If the network is Mastercard and type is Credit, use MC.  If the network is Mastercard and type is Debit, use MCDEBIT.  If the network is Diner's / Discover use DC.For a full breakdown of the CardTypes, see here.
VPSProtocol=4.00
Vendor=testvendor
Wallet=APPLE
TxType=PAYMENT
VendorTXCode=test-660999
Amount=1.01
Currency=GBP
Description=Direct-Payment-AP
CardType=Visa
BillingSurname=Me
BillingFirstnames=Jake
BillingAddress1=150 My Road
BillingCity=London
BillingPostcode=N6 4LU
BillingCountry=GB
DeliverySurname=Me
DeliveryFirstnames=Jake
DeliveryAddress1=150 My Road
DeliveryCity=London
DeliveryPostcode=N6 4LU
DeliveryCountry=GB
DeliveryPhone=0788888888
ClientIPAddress=127.0.0.1
ApplyAVSCV2=1
Apply3DSecure=2
Payload=eyJwYXltZW50TWV0a...

 

See here for the full list of Direct fields.

 

Additionally, you will need to send:

 

Name

Description

Mandatory

Valid Characters

Max Length

Allowed Values

Wallet

The wallet integration being used. In this case, the value will always be APPLE

Yes

Uppercase letters

5
  • APPLE

Payload

The encrypted payment token provided by Apple

Yes

 

Letters, digits
  

 

255

 

 

Important: You can omit the Cardholder, Cardnumber, Expiry, CV2 and all 3D Secure related fields from the standard Direct transaction registration request.

Sample response:

VPSProtocol=4.00
Status=OK
StatusDetail=0000 : The Authorisation was Successful.
VPSTxId={E0980B68-9D33-FD5D-0C38-681F8485A457}
SecurityKey=VLG07RYKLD
TxAuthNo=8955544
AVSCV2=SECURITY CODE MATCH ONLY
AddressResult=NOTMATCHED
PostCodeResult=NOTMATCHED
CV2Result=NOTCHECKED
3DSecureStatus=NOTCHECKED
DeclineCode=00
ExpiryDate=1223
BankAuthCode=999777

 

See here for a full list of the fields which may be returned.

Response

If your transaction originated on the web, and is authorised , you'll need to pass a response back to the Apple Pay payment sheet:

 

On success:

{
"approved":true
}

On failure:

{
"approved":false
}

 

If your transaction originated from an iOS application, you'll need to pass a PKPaymentAuthorizationResult into the completion handler for the didAuthorizePayment method, and you can set a PKPaymentAuthorizationStatus of PKPaymentAuthorizationStatus.success or PKPaymentAuthorizationStatus.failure.

 

Live URL

Live URL
Operation URL

WALLET TRANSACTION

https://live.sagepay.com/gateway/service/wallet-payment.vsp