Direct Integration with Apple Pay API
This guide explains how to integrate directly with the Apple Pay API using decrypted card tokens.
Step 1: Configure Your Apple Pay Environment
- Set up your Apple Merchant ID in your Apple Developer account. Follow instructions presented on the Apple Developer's documentation.
- Register your web domain with Apple and verify it.
Step 2: Integrate Apple Payment Request API
- Integrate Apple Payment Request API by following Apple's Payment Request API documentation.
- Add Apple Pay buttons to your website following Apple's Display Pay Button documentation.
- Create a
PaymentRequestobject with the required parameters following Apple's guide. Here is an example configuration:
const applePayMethod = {
supportedMethods: "https://apple.com/apple-pay",
data: {
version: 3,
merchantIdentifier: "merchant.com.example",
merchantCapabilities: ["supports3DS", "supportsCredit", "supportsDebit"],
supportedNetworks: ["masterCard", "visa"],
countryCode: "GB",
},
};
Replace merchant.com.example with your Apple Merchant ID configured in Step 1.
Step 3: Acquire a Payment Session
Perform merchant validation to acquire a payment session from Apple.
This step must be executed on your back-end server for security reasons, unlike the other steps, which are front-end-based.
Step 4: Handle Payment Authorisation
Handle the authorisation response returned by Apple Pay, ensuring proper validation of the payment data.
Step 5: Obtain Payment Response
Retrieve the PaymentResponse and the associated ApplePayPayment dictionary, which contains the tokenised payment data.
Step 6: Extract Token
Extract the payment token from the ApplePayPayment dictionary for decryption.
Step 7: Decrypt Payment Data
Decrypt the paymentData field from the payment token to retrieve card details. The decrypted data should be in the following format:
{
"applicationPrimaryAccountNumber": "",
"applicationExpirationDate": "",
"currencyCode": "",
"transactionAmount": ,
"deviceManufacturerIdentifier": "",
"paymentDataType": "",
"paymentData": {
"onlinePaymentCryptogram": ""
}
}
Step 8: Send Parameters to Fondy Gateway API
Using the decrypted data, construct a payment request to the Enroll Card in 3DSecure Service endpoint with the following mapping:
applicationPrimaryAccountNumber → card_number
applicationExpirationDate → expiry_date
onlinePaymentCryptogram → cavv
Add wallet = applepay to indicate the payment method.
Below, you can find an example of how that request should be formatted:
{
"request": {
"order_id": "Order_id123",
"merchant_id": 1549901,
"order_desc": "Apple Pay Payment with card token",
"amount": 1000,
"currency": "GBP",
"client_ip": "2.2.2.2",
"server_callback_url": "https://server.com/callback",
"preauth": "Y",
"version": "1.0.1",
"container": "<BASE64_ApplePay_paymentData>",
"wallet": "applepay"
"signature": "64d565cdf9bfb2ad556eac54bd57706e5dc6c412",
}
}
The container parameter is simply the raw paymentData from the ApplePayPayment object, encoded as Base64. Instead of sending Fondy separate fields like card number, expiry date or cryptogram, you send this single “container” and Fondy will decrypt and validate it for you. This approach makes integration easier and more secure, since no sensitive card details ever travel through your backend in clear text.
By following these steps, you can directly integrate with the Apple Pay API and process payments securely using decrypted card tokens.