Performing an in-app payment with Apple Pay™ against Vantiv's eCommerce platform is relatively simple, but will require either the development of new native iOS applications or the modification of your existing applications.
Applications will need to use the Apple PassKit Framework and properly handle encrypted data returned to your application by Apple Pay. The overall process involved in integrating with Apple Pay is explained in the Apple document Getting Started with Apple Pay.
The basic steps that occur when a consumer initiates an Apple Pay purchase using your mobile application are:
- When the consumer selects the Apple Pay option from your application, your application makes use of the Apple PassKit Framework to request payment data from Apple Pay.
- When Apple Pay receives the call from your application, and after the consumer approves the Payment Sheet (using Touch ID), Apple creates a PKPaymentToken using your public key. Included in the PKPaymentToken is a network (Visa, MasterCard, or American Express) payment token and a cryptogram.
- Apple Pay returns the Apple PKPaymentToken (defined in Apple documentation; please refer to https://developer.apple.com/library/ios/documentation/PassKit/Reference/PaymentTokenJSON/PaymentToke nJSON.html) to your application.
- Your application can then decrypt the token, and process a payment transactions against Vantiv's eCommerce platform. When processing Apple Pay transactions against Vantiv's eCommerce platform, developers have some choices to make in how they will handle the returned PKPaymentToken.
- The recommended approach is to have Vantiv decrypt the PKPaymentToken for you so that you don't need to worry about creating and maintaining public and private keys. If you have already implemented eProtect (formerly known as PayPage in your application) you should use eProtect for Apple Pay. A second approach involves you sending the PKPaymentToken as key value pairs (without decryption) as a part of your LitleXML transaction using the LitleXML <applepay> structure. In both of these scenarios, your Vantiv implementation consultant can provide a CSR (certificate signing request) that you can use in your registration process with Apple Pay.
- A second approach involves the merchant taking responsibility for decrypting the Apple Pay PKPaymentToken themselves on the merchants server. The merchant would then construct a payment transaction in LitleXML as normal populating the <number> field with the device primary account number, the <expDate> element with the expiration date and the <authenticationValue> field with the cryptogram extracted from the PKPaymentToken. Using this method of integration, the <orderSource> element needs to be set to the value "applepay" so that Vantiv knows how to interpret the transaction.
The steps above are described in detail in a sub-space dedicated to In-App Payments on Vantiv's eCommerce platform.