Enable mobile consumer payments in an iOS environment.
Apple Pay is a mobile payment and digital wallet service by Apple Inc. that allows iOS users to make payments using their compatible mobile device. Apple Pay will work with Visa’s PayWave, MasterCard’s PayPass, and American Express’s ExpressPay services.
Mobile payment apps can hand control of the payment transaction to ApplePay form. iOS encrypts the payment data and returns it to the mobile app. The vendor sends the encrypted payment data to InstaMed.
Security: RSA / public key encryption and tokenization
Compliance: greatest amount of scope reduction under current PCI rules (SAQ A eligible)
Apple Pay (In App) Flow
- When the user presses the ApplePay button the App performs the following:
- Creates a payment request including
- amount,
- ApplePay merchant ID,
- description
- Initializes ApplePay UI Controller with the payment request
- Implements Callback method
- sets UIController delegate=self
- hands control to ApplePay UI Controller
- Apple Pay UI is displayed. The user selects the card and confirms with the fingerprint scanner. ApplePay invokes the callback method with the encrypted data block.
- App sends encrypted data block to InstaMed to convert it to a single use token.
- App sends single use token with payment request to InstaMed.
- InstaMed decrypts the token and processes the payment and returns a response.
- App receives response and displays receipt.
Apple Pay (In App) Sample Code
#import
- (void) doApplePay
{
PKPaymentRequest *paymentRequest = [InstaMed paymentRequestWithMerchantIdentifier: @"merchant.com.instamedgo"];
// Configure your request here.
NSString *label = @"SMITH CARDIOLOGY 10005000";
NSDecimalNumber *amount = [NSDecimalNumber decimalNumberWithString:@"1.00"]; paymentRequest.paymentSummaryItems = @[ [PKPaymentSummaryItem summaryItemWithLabel:label amount:amount]];
if ([InstaMed canSubmitPaymentRequest:paymentRequest]) {
PKPaymentAuthorizationViewController * paymentController;
paymentController = [[PKPaymentAuthorizationViewController alloc] initWithPaymentRequest:paymentRequest];
paymentController.delegate = self;
[self presentViewController:paymentController animated:YES completion:nil];
}
else
{
// Show the user your own credit card form or do SSO flow
}
}
(void)paymentAuthorizationViewController:(PKPaymentAuthorizationViewController *)controller didAuthorizePayment:(PKPayment *)payment completion:(void (^)(PKPaymentAuthorizationStatus))completion
{
[self handlePaymentAuthorizationWithPayment:payment completion:completion];
}
(void)handlePaymentAuthorizationWithPayment:(PKPayment *)payment
completion:(void (^)(PKPaymentAuthorizationStatus))completion
{
// handle single use token;
}
(void)paymentAuthorizationViewControllerDidFinish:(PKPaymentAuthorizationViewController *)controller
{
[self dismissViewControllerAnimated:YES completion:nil];
}Sample Request and Response where CardPresentStatus=InAppApplePay
SaveApplePayToken Request
transactionAction=SaveApplePayToken&merchantID=NOVA E4 2&storeID=1&terminalID=1&applePayMerchantID=merchant.com.instamedgo.merchant1&applePayTokenData=%7B%22version%22:%22EC_v1%22,%22data%22:%22QIoRUlFOvwFjkb5T9gyJtidx1lp10tpO93PXLCBqbb3/5vwpTVO/%2BJ3blgMy05tqxTfltsBozYSRyP87/AbV6XD50G5Wu/L152zJmYrMUbeDJB4gwr0R3DXZyY/XQ5LffQnY7pX5G/Oqh/pZKGJG9CuGzlQX/CcO5JAiQc4X%2BCm/Z62OYvhTRAcPvSaDen4BXwvp9cVgp9kYyl6890OFv3DbtoJmZHksc750Ma6aQyrVLEw4m7W9DQc4j4V4Mb0XJieyUFvIy381CCMlNv8l0KH/%2BOBHt6QeObx1Jo51TqOaOeCeUid3JZVsr9ysTTPJ9S7pjbYlcci2t7eD3Wk/evq/gYxEwyNM8eINCwoLpCuSohtR7cET3niALZV2AjgP508AOtiLFfIWRlfv2/32OI/sauw1Vl/dSWZzAoAVyAMR%22,%22signature%22:%22MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCAMIID4jCCA4igAwIBAgIIJEPyqAad9XcwCgYIKoZIzj0EAwIwejEuMCwGA1UEAwwlQXBwbGUgQXBwbGljYXRpb24gSW50ZWdyYXRpb24gQ0EgLSBHMzEmMCQGA1UECwwdQXBwbGUgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE0MDkyNTIyMDYxMVoXDTE5MDkyNDIyMDYxMVowXzElMCMGA1UEAwwcZWNjLXNtcC1icm9rZXItc2lnbl9VQzQtUFJPRDEUMBIGA1UECwwLaU9TIFN5c3RlbXMxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwhV37evWx7Ihj2jdcJChIY3HsL1vLCg9hGCV2Ur0pUEbg0IO2BHzQH6DMx8cVMP36zIg1rrV1O/0komJPnwPE6OCAhEwggINMEUGCCsGAQUFBwEBBDkwNzA1BggrBgEFBQcwAYYpaHR0cDovL29jc3AuYXBwbGUuY29tL29jc3AwNC1hcHBsZWFpY2EzMDEwHQYDVR0OBBYEFJRX22/VdIGGiYl2L35XhQfnm1gkMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUI/JJxE%2BT5O8n5sT2KGw/orv9LkswggEdBgNVHSAEggEUMIIBEDCCAQwGCSqGSIb3Y2QFATCB/jCBwwYIKwYBBQUHAgIwgbYMgbNSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRlIHBvbGljeSBhbmQgY2VydGlmaWNhdGlvbiBwcmFjdGljZSBzdGF0ZW1lbnRzLjA2BggrBgEFBQcCARYqaHR0cDovL3d3dy5hcHBsZS5jb20vY2VydGlmaWNhdGVhdXRob3JpdHkvMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwuYXBwbGUuY29tL2FwcGxlYWljYTMuY3JsMA4GA1UdDwEB/wQEAwIHgDAPBgkqhkiG92NkBh0EAgUAMAoGCCqGSM49BAMCA0gAMEUCIHKKnw%2BSoyq5mXQr1V62c0BXKpaHodYu9TWXEPUWPpbpAiEAkTecfW6%2BW5l0r0ADfzTCPq2YtbS39w01XIayqBNy8bEwggLuMIICdaADAgECAghJbS%2B/OpjalzAKBggqhkjOPQQDAjBnMRswGQYDVQQDDBJBcHBsZSBSb290IENBIC0gRzMxJjAkBgNVBAsMHUFwcGxlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRMwEQYDVQQKDApBcHBsZSBJbmMuMQswCQYDVQQGEwJVUzAeFw0xNDA1MDYyMzQ2MzBaFw0yOTA1MDYyMzQ2MzBaMHoxLjAsBgNVBAMMJUFwcGxlIEFwcGxpY2F0aW9uIEludGVncmF0aW9uIENBIC0gRzMxJjAkBgNVBAsMHUFwcGxlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRMwEQYDVQQKDApBcHBsZSBJbmMuMQswCQYDVQQGEwJVUzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPAXEYQZ12SF1RpeJYEHduiAou/ee65N4I38S5PhM1bVZls1riLQl3YNIk57ugj9dhfOiMt2u2ZwvsjoKYT/VEWjgfcwgfQwRgYIKwYBBQUHAQEEOjA4MDYGCCsGAQUFBzABhipodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDA0LWFwcGxlcm9vdGNhZzMwHQYDVR0OBBYEFCPyScRPk%2BTvJ%2BbE9ihsP6K7/S5LMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUu7DeoVgziJqkipnevr3rr9rLJKswNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5hcHBsZS5jb20vYXBwbGVyb290Y2FnMy5jcmwwDgYDVR0PAQH/BAQDAgEGMBAGCiqGSIb3Y2QGAg4EAgUAMAoGCCqGSM49BAMCA2cAMGQCMDrPcoNRFpmxhvs1w1bKYr/0F%2B3ZD3VNoo6%2B8ZyBXkK3ifiY95tZn5jVQQ2PnenC/gIwMi3VRCGwowV3bF3zODuQZ/0XfCwhbZZPxnJpghJvVPh6fRuZy5sJiSFhBpkPCZIdAAAxggFeMIIBWgIBATCBhjB6MS4wLAYDVQQDDCVBcHBsZSBBcHBsaWNhdGlvbiBJbnRlZ3JhdGlvbiBDQSAtIEczMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMCCCRD8qgGnfV3MA0GCWCGSAFlAwQCAQUAoGkwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTUwNTI5MTYzNjUxWjAvBgkqhkiG9w0BCQQxIgQg%2Bh%2BdKnaO7MdFOgVhVS9BGEctVFjiK%2Bsi8Zs1ie9NTIUwCgYIKoZIzj0EAwIERjBEAiAaGY6zEvk%2B7CA6UHZoNIfQZAQ6pHgMuwu8MdKwyXFH4wIgG9t0h4fTi0ExkOH8OpiRfiATFjDh5wvgEhcCZuFDZUsAAAAAAAA%3D%22,%22header%22:%7B%22ephemeralPublicKey%22:%22MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE%2B1I74Oo2BgCOYw5irBl6Oj3sYZYidwE3Q8Nepore5CVp0lS37/k7vZqPtjrXWDTCUYLRMusdJnykc8ExV8JHpQ%3D%3D%22,%22transactionId%22:%22cafafd4a9567d7637df42490307ebbbf558987b1b7dc528bd447357b96de48bd%22,%22publicKeyHash%22:%22aLRGJ9LtpjvcXaN9FIlxWG67GJzdK5MorlEvS4mRGTo%3D%22%7D%7DSaveApplePayToken Response
applePayTokenID=NTc0MTY0ZWUtYjExMC00N2I0LWJlMzQtYTNkZTRiZjNhMjM2InAppApplePay Request
transactionAction=AuthCapt&transactionType=CreditCard&merchantID=NOVA E4 2&storeID=1&terminalID=1&applePayMerchantID=merchant.com.instamedgo.merchant1&applePayTokenID=ZDkzYWYxNTEtMWQ1My00MDUzLWFjY2UtZmVmYjhiYzI3MDUz&amount=100.00&cardPresentStatus=InAppApplePayInAppApplePay Response
"IsEMVVerifiedByPIN=false&cardBrand=VISA&cardExpirationMonth=1&cardExpirationYear=2019&cardBINNumber=400278&paymentCardType=CREDIT&lastFourDigits=8667&authorizationNumber=CVI142&responseCode=000&responseMessage=APPROVAL&transactionStatus=C&authorizationText=I AGREE TO PAY THE ABOVE AMOUNT ACCORDING TO MY CARD HOLDER AGREEMENT.&transactionID=EEBE93934EBC43F59E8806A161FFCCC6&transactionDate=2015-05-29T16:31:49.2894368Z