Merchant Decryption of Apple Pay PKPaymentToken

Document created by gjsissons on Jul 25, 2016Last modified by gjsissons on Jul 26, 2016
Version 7Show Document
  • View in full screen mode

Using this process, the responsibility for the decryption of the PKPaymentToken from Apple Pay falls to you. After completing the first three steps of the process as detailed in the Overview of Apple Pay Operation section and depicted by the green and blue arrows in Figure 3, the process continues as follows:


4. Your mobile application forwards the PKPaymentToken from Apple Pay to your order processing server, along with other normal information from the transaction (such as Bill To and Ship To Address).

5. Using your private key, you decrypt the PKPaymentToken, construct the Authorization/Sale transaction, and submit it to Vantiv. In this case, you would populate the LitleXML <number> element with the device primary account number, the <expDate> element with the expiration date, and the <authenticationValue> field with the cryptogram extracted from the PKPaymentToken. Also, set the <orderSource> element to applepay (Server-side API submit).

6. Vantiv detects that this is an Apple Pay transaction and submits the transaction with the appropriate information to the card networks for approval.

7. Vantiv sends the Approval/Decline message back to your system, using the standard format for an Authorization or Sale response.

8. You return the Approval/Decline message to your mobile application.




Testing the Submission of the Decrypted PKPaymentToken in LitleXML


To test the submission of an Apple Pay transaction in LitleXML when you decrypt the PKPaymentToken, you must include the information listed in the table below in an Authorization or Sale transaction. Assuming you submit valid XML with appropriate values, the test environment will return an approved response message.


LitleXML ElementValue

Use any valid (Mod-10 compliant) card number. You can find test numbers in Chapter 2 of the Vantiv LitleXML Reference Guide.


Use any valid expiration date (i.e., a date in the future).


Any Base-64 encoded value between 40 and 56 characters in length. This value simulates the cryptogram extracted from the PKPaymentToken.

orderSourceSet to applepay


Note: Prior to performing any tests of Apple Pay transactions, you must receive test environment credentials from your Implementation Consultant or your Customer Experience Manager.

Previous: Vantiv Decryption of Apple Pay PKPayment Token

Next: LitleXML <applepay> structure


Return to: In-App for eCommerce