Introduction to Apple Pay

Apple Pay is a digital payment solution that enables your customers to make secure and convenient purchases without requiring them to enter their card details or shipping information. You can use the
National Australia Bank
(NAB)
platform to process and manage Apple Pay transactions.
When you offer your customers
device apps
enabled for Apple Pay, you can collect payments for purchases made on iPhone and Apple Watch apps. When you offer your customers
Apple Pay on the web
, Apple Pay cardholders can purchase goods and services from within your web app. You can try an Apple Pay test transaction on the Apple Developer site by using the
Apple Pay on the Web Interactive Demo
:
Using Apple Pay on the
VDC NAB
platform can reduce the exposure of sensitive payment data to your system. When a cardholder initiates a purchase from within your Apple Pay enabled app or web page, Apple Pay receives the encrypted transaction. An Apple Pay server returns the transaction payment information re-encrypted with a developer-specific key. The key helps to ensure that only the app or the web page can access the encrypted information.
Customers experience reduced payment friction because their information is tokenized and stored for future use. Customers who configure auto-fill options for their Apple Pay accounts can have payment and card data pre-populate after they sign in to their accounts and authenticate.

Requirements for Using Apple Pay

In order to use the
National Australia Bank
platform to process Apple Pay transactions, you must have these things:
IMPORTANT
Apple Pay relies on authorizations with payment network tokens. You can sign up for Apple Pay only when these statements are true:
  • Your processor supports payment network tokens.
  • National Australia Bank
    supports payment network tokens with your processor.
If one of these statements is not true, you must take one of these actions before you can sign up for Apple Pay:
  • Obtain a new merchant account with a processor that supports payment network tokens.
  • Wait until your processor supports payment network tokens.

Supported Card Types and Optional Features

Processor
Card Types
Optional Features
VDC NAB
  • Mastercard
  • Visa
  • Merchant-Initiated transactions
  • Multiple partial captures
  • Recurring payments

Apple Pay Integrations and Payload Decryption Methods

In response to a payment request, Apple Pay returns an encrypted payload that contains sensitive payment information. Two methods can be used to extract and decrypt the payment information, and both methods support Apple Pay in-app and web transactions.
  • With
    National Australia Bank
    decryption
    ,
    National Australia Bank
    manages the generation of the payment encryption key and the decryption of the Apple Pay response.
    IMPORTANT
    This method reduces the exposure of the sensitive payment data to your system.
  • With
    merchant decryption
    , you manage both the payment encryption key generation and the decryption of the Apple Pay response.
The remainder of this section summarizes the flow of Apple Pay transaction processing for each decryption method.

Flow of Apple Pay In-App Transactions Processed Using
National Australia Bank
Decryption

This diagram illustrates the flow of in-app transaction processing using
National Australia Bank
decryption.

Figure:

In-App Transaction Processing with
National Australia Bank
Decryption
In-App Processing with non-Merchant Decryption
  1. When the customer chooses to pay with Apple Pay, you use the Apple PassKit Framework to request the encrypted payment data from Apple.
  2. Apple uses the Secure Element to create a
    payment token
    and encrypt the token’s
    payment data
    before it sends your application.
    • The payment token is the
      PKPaymentToken
      structure.
    • The payment data is the
      paymentData
      field of the
      PKPaymentToken
      structure.
  3. You forward the encrypted payment data to your order management system.
  4. Using the
    National Australia Bank
    API, you submit the authorization request. In the
    paymentInformation.fluidData.value
    field, include the Base64-encoded value obtained from the
    paymentData
    field of the
    PKPaymentToken
    structure.
  5. National Australia Bank
    decrypts the payment data and forwards the information to the payment network, which includes your processor and the relevant payment card company.
    IMPORTANT
    You must use the
    Gateway Portal
    or one of the
    National Australia Bank
    API services to capture, credit, or void the authorization.

Flow of Apple Pay In-App Transactions Processed Using Merchant Decryption

This diagram illustrates the flow of in-app transaction processing using merchant decryption.

Figure:

In-App Transaction Processing with Merchant Decryption
In-App Processing with Merchant Decryption
  1. When the customer chooses to pay with Apple Pay, you use the Apple PassKit Framework to request the encrypted payment data from Apple.
  2. Apple uses the Secure Element to create a
    payment token
    and encrypt the token’s
    payment data
    before it sends your application.
    • The payment token is the
      PKPaymentToken
      structure.
    • The payment data is the
      paymentData
      field of the
      PKPaymentToken
      structure.
  3. You forward the encrypted payment data to your order management system to decrypt. For information on decryption, see the Payment Token Format Reference article in the Apple Pay Developer Documentation.
  4. Using the
    National Australia Bank
    API, you submit the authorization request and include the decrypted payment data.
  5. National Australia Bank
    forwards the information to the payment network, which includes your processor and the relevant payment card company.
    IMPORTANT
    You must use the
    Gateway Portal
    or one of the
    National Australia Bank
    API services to capture, credit, or void the authorization.

Flow of Apple Pay Web Transactions Using
National Australia Bank
Decryption

  1. When the customer chooses to pay with Apple Pay, you use the Apple Pay JavaScript to request the encrypted payment data from Apple.
  2. Apple uses the Secure Element to create a
    payment token
    and encrypt the token’s
    payment data
    before it sends your application using the
    onpaymentauthorized
    event handler.
    • The payment token is the
      ApplePayPaymentToken
      structure.
    • The payment data is the
      paymentData
      field of the
      ApplePayPaymentToken
      structure.
    For more information, see Apple Pay on the Web Interactive Demo.
  3. You forward the encrypted payment data to your order management system.
  4. Using the
    National Australia Bank
    API, you submit the authorization request. In the
    paymentInformaton.fluidData.value
    field, include the Base64-encoded value obtained from the
    paymentData
    field of the
    ApplePayPaymentToken
    structure.
  5. National Australia Bank
    decrypts the payment data and forwards the information to the payment network, which includes your processor and the relevant payment card company.
    IMPORTANT
    Use the
    Gateway Portal
    or one of the
    National Australia Bank
    API services to capture, credit, or void the authorization.

Flow of Apple Pay Web Transactions Using Merchant Decryption

  1. When the customer chooses to pay with Apple Pay, you use the Apple Pay JavaScript to request the encrypted payment data from Apple.
  2. Apple uses the Secure Element to create a
    payment token
    and encrypt the token’s
    payment data
    before it sends your application using the
    onpaymentauthorized
    event handler.
    • The payment token is the
      ApplePayPaymentToken
      structure.
    • The payment data is the
      paymentData
      field of the
      ApplePayPaymentToken
      structure.
    For more information, see Apple Pay on the Web Interactive Demo.
  3. You forward the encrypted payment data to your order management system to decrypt. For information on decryption, see the Payment Token Format Reference article in the Apple Pay Developer Documentation.
  4. Using the
    National Australia Bank
    API, you submit the authorization request and include the decrypted payment data. See Authorization Service.
  5. National Australia Bank
    forwards the information to the payment network, which includes your processor and the relevant payment card company.
    IMPORTANT
    Use the
    Gateway Portal
    or one of the
    National Australia Bank
    API services to capture, credit, or void the authorization.

Two Apple Pay Decryption Methods

Integration hooks for two Apple Pay decryption methods are built into the
VDC NAB
payment management platform. The two decryption methods—
VDC NAB
decryption and merchant decryption—handle Apple Pay encrypted payment data differently. You will integrate the decryption method that best suits your technical development environment in terms of desired degree of exposure to, or control over, sensitive payment information.
IMPORTANT
The Apple Pay decryption method that you integrate determines how you will format your API request messages when you authorize a payment or process a sale.
To integrate Apple Pay into your system, you simply register with both Apple and
VDC NAB
, generate keys and certificates (or
VDC NAB
creates and manages them on your behalf), and place the Apple Pay mark on your app or web page. This guide includes instructions for integrating Apple Pay on
VDC NAB
into your system. The instructions cover both of the Apple Pay decryption methods.

Integration Options

National Australia Bank
supports Apple Pay in multiple integration options. Three of the most widely used options are
VDC NAB
decryption, merchant decryption, and
Checkout API
. Each option presents specific tradeoffs and advantages, and you can select the integration model that best fits your business.
Apple Pay integration is built into the
National Australia Bank
payment management platform.
National Australia Bank
offers two integration methods for handling the payment data returned by the Apple Pay service for processing payments. In response to an authorization request, Apple Pay returns payment data in an encrypted payload. The encrypted payment data is handled and processed differently, depending on which integration method is used. Both decryption methods support Apple Pay in-app and Apple Pay on the web.

VDC NAB
Decryption

For
VDC NAB
decryption, you implement Apple Pay directly on your checkout page. You send
National Australia Bank
all encrypted payment information that you receive from Apple Pay.
VDC NAB
creates and manages the Apple Pay decryption keys, extracts and decrypts payment information, and maps the information to the appropriate fields for authorization and other payment services on your behalf. Having
VDC NAB
process your Apple Pay transactions reduces your exposure to sensitive payment information.

Merchant Decryption

For merchant decryption, you (the merchant or the integrator) manage all aspects of the Apple Pay implementation, from generation of the payment encryption keys to decryption of the payment response payload from Apple Pay. As a merchant, you submit the Apple Pay payment token and other payment information to
VDC NAB
for processing. With merchant decryption, payment instrument details remain visible to you, and you control the technical development that decrypts this information.

Unified Checkout Integration

Unified Checkout Integration
is a consolidated digital acceptance product.
Unified Checkout Integration
offers a single implementation for multiple payment options. This integration type is designed for merchants looking for a single solution for integrating multiple digital payment options.
IMPORTANT
Unified Checkout Integration
is not covered in this guide. It is mentioned here for the sake of completeness. For information about Unified Checkout, see the .

Cards Supported for Apple Pay on
VDC National Australia Bank Ltd

National Australia Bank
supports Apple Pay on the VDC NAB payment gateway only.
These payment cards are supported:
  • Mastercard
  • Visa
IMPORTANT
Payment processors connect with acquirers. Before you can accept payments, you must register with a payment processor. An acquirer might require you to use a payment processor with an existing relationship with the acquirer.
For an overview of financial institutions and payment networks that work together to enable payment services, see the .

Payment Services Supported for Apple Pay

Apple Pay is supported for the authorization, sale, authorization reversal, and capture services. The credit and void services are also supported for Apple Pay.

Authorization

An authorization confirms that a payment card account holds sufficient funds to pay for a purchase. A successful authorization places a hold on the funds in the account, reducing the cardholder's available limits by the authorized amount. The authorization service is supported with both types of Apple Pay decryption. For more information, see these topics:

Sale (Authorization and Capture)

A sale bundles an authorization and capture into a single transaction. Request the authorization and capture at the same time. Upon a successful transaction, funds are immediately transferred from the cardholder account to the merchant account. The authorization and capture amounts must be the same. The sale service is supported with both types of Apple Pay decryption. For more information, see these topics:

Authorization Reversal

Initiate an authorization reversal to reverse an unnecessary or undesired authorization. A successful authorization reversal releases the hold that the authorization placed on the cardholder’s credit card funds. Include in the request message the request ID returned from the previous authorization because the request ID links the reversal to the authorization.

Capture

A capture, also known as settlement, transfers funds from the cardholder’s account to your bank, typically in 2 to 4 days, and it releases the hold that the authorization placed on the cardholder’s credit card funds. Include in the capture request message the request ID returned from the previous authorization because the request ID links the capture to the authorization.
For more information, see Capture an Apple Pay Authorization.

Credit

A
refund
(also known as a follow-on credit)
is a payment refund from your bank to the cardholder for a payment that has already been captured. To initiate a
refund
, send a request message to the
credit service
and include the request ID that was returned in the response to the capture request. Because the request ID links to the cardholder’s billing and account information, you are not required to include those fields in the credit request. Unless otherwise specified, you must request a
refund
within 180 days of a settlement.
For more information about credit requests and credit authorization results, see the "Standard Payments Processing" section of the .

Void

You can void an Apple Pay capture or credit that was submitted but is not yet processed by the processor.
You send a request for a capture void and a credit void to different endpoints. A void is linked to a capture or credit transaction through the request ID of the transaction you want to void. As a best practice, also include an order reference number or a tracking number. This number can help you to perform meaningful searches for the transaction.
For more information about void requests and responses, see the "Standard Payments Processing" section of the .

Summary of Requirements for Using Apple Pay

This topic lists the key requirements for using Apple Pay.
More detailed information is provided in Getting Started with Apple Pay.
A
VDC NAB
merchant account.
If you do not have a merchant account, contact your
VDC NAB
sales representative.
Apple Pay enabled for your
VDC NAB
account.
If Apple Pay is not enabled, contact your
VDC NAB
representative.
A VDC NAB evaluation account.
To create a test account, visit the VDC NAB contect information page.
A
VDC NAB
Gateway Portal
production account with a supported processor.
If you do not have a production account, contact your
National Australia Bank
sales representative.
Production account login page:
IMPORTANT
Apple Pay relies on authorizations with payment network tokens. Your environment must meet these requirements in order to support payment network tokenization:
  • Your processor supports payment network tokens.
  • VDC NAB
    supports payment network tokens with your processor.
If your environment does not meet both requirements, you have these options:
  • Obtain a new merchant account with a processor that supports payment network tokens.
  • Wait until your processor supports payment network tokens.