Apple Pay Integration

The New Moneris API offers two integration methods for Apple Pay wallets. Both methods involve use Apple Pay code to build a button for customers paying with Apple Pay:

1. Getting Started

Merchant Decryption & PCI DSS Level 1

Merchants choosing to decrypt the payload locally must adhere to Apple’s requirements. Merchant servers must be Payments Card Industry (PCI) Data Security Standard (DSS) Level 1 compliant and meet standards for handling card data in a secure manner. The solution will require registration with Apple to obtain keys for decryption. 

The Moneris API offers two integration methods for Apple Pay wallets. Both methods involve use Apple Pay code to build a button for customers paying with Apple Pay:

  • In-Application (In-App) solutions allow merchants to build mobile apps with embedded Apple Pay payment options for their customers on smartphones or tablets. In the background, the application sends encrypted payment data to the merchant server to complete transactions with the Moneris API

  • On The Web solutions allow merchants to offer Apple Pay payment options to customers within a web browser. The merchant’s website will route the encrypted payment data to the merchant server to complete transactions with the New Moneris API

Merchants can implement both In-App and On The Web solutions for Apple Pay. If using both, follow the In-App instructions for Advanced setup and include the optional section for Advanced (On The Web).

In addition, merchants must decide on whether to have Moneris handle decryption of the Apple Pay wallet or decrypt it locally on their own merchant server:

  • Apple Pay Encrypted allows merchants to send their Apple Pay encypted payload to the Moneris API. Moneris decrypts on your behalf to store the payment method for you.

  • Apple Pay Decrypted involves merchants decrypting the Apple Pay payload themselves and submitting the card data to the Moneris API directly.

2. Boarding a Apple Pay Integration for Mobile Applications (In-App only)

System & Skill Requirements

Developers will need the following for Apple-Pay In-App:

  • XCode 6.3 or higher

  • Knowledge of Objective C or Swift

  • iOS 8.0 or higher

Beginning to integrate your payment application with Apple Pay and Moneris will involve a few basic tasks to board with Apple Pay before you can build your demo shopping cart.

For In-App only or In-App with On The Web solutions, you will need to obtain and upload signed credentials with both Apple Pay and Moneris. Verification of these credentials ensures secure communication between all parties.

Simple vs Advanced Setup

The boarding process differs if you plan to integrate with only Apple Pay On Web, only Apple Pay In App, or lastly integrate with both. If you plan to use both, you’ll need to follow both parts of the In-App boarding and skip the Simple setup method.

Advanced Setup (In-App Only)

  1. Register an Apple Merchant ID in the Apple Developer Portal

  2. Downloading a Certificate Signing Request file from the Moneris Merchant Resource Center

  3. Signing the Payment Processing Certificate file with Apple

  4. Uploading the signed Apple Pay Payment Processing Certificate to the Merchant Resource Center.

Moneris Resource Center

Apple Merchant Identifier

Follow the instructions on the Apple Developer Portal on creating a unique merchant identifier and downloading a Payment Processing Certificate

Downloading Payment Processing Certificate Signing Request (CSR)

Use your Apple merchant ID to obtain a certificate signing request (CSR) from the Moneris Merchant Resource Center for creating the Payment Processing Certificate.

  1. Go the Moneris Merchant Resource Center at one of the URLs in the aside, depending on your stage of development:

  2. On the navigation bar at the top, select Admin > Apple Pay

  3. Click on the Advanced Setup button

  4. Click on the Add Profile button and enter your Apple Merchant Identifier

  5. Locate your Apple Merchant Identifier in the list and click on the Edit button

  6. Click Download Payment Processing CSR to get the certification signing request (CSR) file from Moneris

Uploading the Certificate Signing Request (CSR)
to Apple

To upload the CSR to the Apple Developer Portal:

  1. In the Apple Developer Portal, go to Certificates, Identifiers, & Profiles and click Identifiers in the sidebar.

  2. Select Merchant IDs using the filter in the top right then select your merchant identifier

  3. If a text box appears regarding agreements, click the Review Agreement button and follow instructions before continuing.

  4. Click Choose File and select the .certSigningRequest file obtained from the MRC in the prior step, then click Choose

  5. Click on Continue

  6. Click on Download

The downloaded file is your signed Apple Pay Payment Processing Certificate.

Uploading the signed Apple Pay Payment Processing Certificate to the Merchant Resource Center

  1. To complete the boarding process for the Apple Pay In-App solution,

  2. Within the Merchant Resource Center, select Admin > Apple Pay

  3. Click on the Advanced Setup button

  4. Under the heading Apple Merchant Identifiers, find the row with your Apple Merchant Identifier and click on Edit

  5. Click the Upload Payment Processing Certificate button

  6. Choose the certificate from its location on your device to upload it.

If you are boarding an Apple Pay on the Web solution, you must do additional steps for boarding per Advanced Setup (On The Web) below. If you are only using Apple Pay In App, you may skip

Simple vs Advanced Setup

The boarding process differs if you plan to integrate with only Apple Pay On Web, only Apple Pay In App, or lastly integrate with both. If you plan to use both, you’ll need to follow both parts of the In-App boarding and skip the Simple setup method.

Advanced Setup (On The Web)

  1. Downloading a Merchant Identity CSR file from the Moneris Merchant Resource Center.

  2. Signing the CSR file with Apple

  3. Uploading the signed CSR file to the Moneris Merchant Resource Center

Merchant Resource Center

Downloading Merchant Identity Certificate Signing Request (CSR)

Use your Apple merchant ID to obtain a certificate signing request (CSR) from the Moneris Merchant Resource Center for creating your Merchant Identity Certificate.

  1. Go the Moneris Merchant Resource Center at one of the URLs in the aside, depending on your stage of development:

  2. On the navigation bar at the top, select Admin > Apple Pay

  3. Click on the Advanced Setup button

  4. Locate your Apple Merchant Identifier in the list and click on the Edit button

  5. Click Download Merchant Identity CSR to get the certification signing request (CSR) file from Moneris

Signing the Certificate Signing Request (CSR) with Apple

To upload the CSR to the Apple Developer Portal:

  1. In the Apple Developer Portal, go to Certificates, Identifiers, & Profiles and click Identifiers in the sidebar.

  2. Select Merchant IDs using the filter in the top right then select your merchant identifier

  3. Under Apple Pay Merchant Identity Certificate, click Create Certificate

  4. Click Choose File and select the .certSigningRequest file obtained from the MRC in the prior step, then click Choose

  5. Click on Continue

  6. Click on Download

Uploading the signed Apple Pay Merchant Identity Certificate to the Merchant Resource Center

To complete the boarding process for the Apple Pay On The Web solution,

  1. Within the Merchant Resource Center, select Admin > Apple Pay

  2. Click on the Advanced Setup button

  3. Under the heading Apple Merchant Identifiers, find the row with your Apple Merchant Identifier and click on Edit

  4. Click the Upload Merchant Identity Certificate button

  5. Choose the certificate from its location on your device to upload it.

With both certificates uploaded, your solution is ready for communication between Apple Pay and Moneris.

3. Boarding an Apple Pay Integration for Websites (On The Web only)

Beginning to integrate your website with Apple Pay and Moneris will involve a few basic tasks to board with Apple Pay before you can build your demo shopping cart. The Simple setup below is easy, straightforward, and does not require signed certificates, but only supports Apple Pay On The Web solutions.

On The Web Only vs Integrating Both In-App and Web

The Simple setup is for merchants interested in using Apple Pay On The Web only. Of you plan to integrate with both In-App and On The Web, you’ll want to follow the full Advanced setup under In-App. It has a second section on signing a Merchant Identity Certificate specifically for On The Web necessary when using both methods.

Testing Simple Setup Configuration

You will need a sandbox account for testing a Simple setup.

Sign in or Register

Simple Setup (On The Web Only)

  1. Go to the Moneris Merchant Resource Center at one of the following URLs depending on your stage of development:

  2. On the navigation bar at the top, select Admin > Apple Pay

  3. Click on the Add Profile button.
    If this button is missing, your account is flagged as a non-profit or charitable organization. Please register with Benevity or use the Advanced Setup instead.

  4. Enter your website's domain name for registration and click on the Next button

  5. Click on the Download button to obtain a file Apple uses to verify your ownership of the domain. You will need to place this file at a specified location.

  6. Apple will expect the file at the https://yourdomain.ca/.well-known/apple-developer-merchantiddomain-association location. Move the file there before proceeding.

  7. Return to the Merchant Resource Center and click on the Verify button.

Before moving on...

At the end of either Apple Pay integration step, you should have generated a successful response from Apple Pay.

  • For In-App, the PKPaymentRequest from the Apple Pay Passkit

  • For On The Web, either a successful ApplePayPaymentRequest or ApplePayRequest

The paymentData of either the PKPaymentToken or ApplePayPaymentToken is a UTF-8 encoded string, serializing the plaintext JSON with the card data needed to populate.

Developing an Apple Pay Demo App or Payment Page

In order to test the functionality of your Apple Pay solution with the Moneris Gateway, you first need a demo shopping cart application or payment page.

Apple provides some examples for Apple Pay In-App and Apple Pay on the Web on the Apple developer portal for developers to use in integrating their Apple Pay solutions.

4. Creating Payment Method

Finally, the merchant can store the Apple Pay wallet as a payment method via a POST Create Payment Method with the /payment-methods endpoint and the Wallet schema.

When sending Moneris the encrypted payload, use the Apple Pay Encrypted schema and map the contents of the decrypted data to their matching fields in the Moneris API.

When decrypting the payload locally, use the Apple Pay Decrypted schema and map the values from their Payment Data Keys to their matching fields in the Moneris API. Note that ApplePay may return a paymentDataType of either 3DSecure or EMV; each flavor of encryption for the underlying payment data can alter the required fields for the payment method:

  • For paymentDataType = 3DSecure, the payment data will contain onlinePaymentCryptogram as a base64-encoded string. Set the Moneris API dataType to “THREE_D_SECURE” and supply the onlinePaymentCryptogram string to our cryptogram field

  • For paymentDataType = EMV, the payment data will contain emvData as a base64-encoded string. Set the Moneris API dataType to “EMV” and supply the emvData string to our cryptogram field

Additional Information

Learn more with the API Definitions

Peruse the endpoints, request/response formats, and authentication methods covered in this scenario.

API References