Decrypted Payload
Using the Apple Pay decrypted payload
In certain cases, when you are in full PCI scope, you may have a direct special relationship with Apple, which allows you to decrypt the payload directly and extract the card data. You can use this data to route or orchestrate card traffic to different payment providers. We will describe below what you need to do in this case, in the context of Paysafe.
-
Once you decrypt the Apple Pay payload, keep the original format, but replace the encrypted data field with a decryptedData object.
This allows you to pass the data to Paysafe in the same format you received from Apple, without mapping Apple’s fields to Paysafe’s fields. Here is an example:
URL: POST /customervault/v1/applepaysingleusetokens
{
"applePayPaymentToken": {
"token": {
"paymentData": {
"decryptedData": {
"applicationPrimaryAccountNumber": "4000000000002503",
"applicationExpirationDate": "300101",
"currencyCode": "840",
"transactionAmount": "2000",
"cardholderName": "John Doe",
"deviceManufacturerIdentifier": "Apple",
"paymentDataType": "3DSecure",
"paymentData": {
"onlinePaymentCryptogram": "YwAAABDDEDqZemoRR24MgA2bHAA",
"eciIndicator": "7"
}
}
},
"paymentMethod": {
"displayName": "Visa 4228",
"network": "Visa",
"type": "debit"
},
"transactionIdentifier": "3cd1d70e5b1cd31eba1dfd9e50c3a1902ae44cb9c2dec298c8d0548f72ca2fc4"
},
"billingContact": {
"addressLines": [
"5335 Gate Pkwy"
],
"administrativeArea": "FL",
"country": "United States",
"countryCode": "US",
"familyName": "Doe",
"givenName": "John",
"locality": "Jacksonville",
"phoneticFamilyName": "Doe",
"phoneticGivenName": "John",
"postalCode": "32256",
"subAdministrativeArea": "",
"subLocality": ""
}
}
}
{
"id": "5dd3aa9f-77ab-4086-829d-e4e78ba7fdc3",
"paymentToken": "As2aK1LRHtw8W2E",
"timeToLiveSeconds": 899,
"isFromMultiUseToken": false,
"transaction": {
"amount": 2000,
"currencyCode": "USD"
},
"applePayPaymentToken": {
"decryptedData": {
"paymentData": {
"eciIndicator": "7",
"blank": false
},
"blank": false
},
"billingContact": {
"addressLines": [
"5335 Gate Pkwy"
],
"administrativeArea": "FL",
"countryCode": "US",
"locality": "Jacksonville",
"postalCode": "32256"
},
"token": {
"paymentData": {
"header": {}
},
"paymentMethod": {
"displayName": "Visa 4228",
"network": "Visa",
"type": "debit"
}
}
},
"card": {
"status": "ACTIVE",
"cardBin": "400000",
"lastDigits": "4228",
"holderName": "John Doe",
"cardType": "VI",
"cardCategory": "DEBIT",
"issuingCountry": "US",
"tokenType": "APPLE_PAY",
"applePay": {
"bin": "400000",
"lastDigits": "2503",
"expiry": {
"year": 2030,
"month": 1
},
"status": "ACTIVE",
"subtype": "DEVICE"
}
},
"authentication": {
"eci": "7"
}
}
2. Call the Card Payments API using the single-use token to process the transaction
From your server, use the single-use token (paymentToken) to make an authorization or purchase request to the Card Payments API. At this step, use the backend or server-to-server API key of Paysafe.
URL: POST /cardpayments/v1/accounts/account_id/auths
{
"merchantRefNum": "cb900ff8-e91f-48ab-99ab-ce94939c4e7a",
"amount": 2000,
"settleWithAuth": true,
"card": {
"paymentToken": "As2aK1LRHtw8W2E"
},
"billingDetails": {
"street": "5335 Gate Parkway",
"city": "Jacksonville",
"zip": "32256",
"state": "FL",
"country": "US"
},
"profile": {
"firstName": "John",
"lastName": "Doe",
"email": "john.doe@paysafe.com"
},
"merchantDescriptor": {
"dynamicDescriptor": "Apple Pay Test"
},
"description": "Apple Pay Test Transaction"
}
{
"id": "be359cf6-3bf7-49ea-8d79-aa2e14bf8bce",
"merchantRefNum": "cb900ff8-e91f-48ab-99ab-ce94939c4e7a",
"txnTime": "2025-12-12T09:30:23Z",
"status": "COMPLETED",
"acquirerResponse": {
"code": "VPS",
"responseCode": "00",
"responseCodeDescription": "Approved and completed",
"avsCode": "X"
},
"cardSchemeTransactionId": "113854489835711",
"amount": 2000,
"settleWithAuth": true,
"preAuth": false,
"availableToSettle": 0,
"card": {
"tokenType": "APPLE_PAY",
"applePay": {
"expiry": {
"month": 1,
"year": 2030
},
"lastDigits": "2503",
"subtype": "DEVICE"
},
"type": "VI",
"lastDigits": "4228",
"cardExpiry": {
"month": 1,
"year": 2030
},
"issuingCountry": "US"
},
"authentication": {
"eci": 7
},
"authCode": "178464",
"profile": {
"firstName": "John",
"lastName": "Doe",
"email": "john.doe@paysafe.com"
},
"billingDetails": {
"street": "5335 Gate Parkway",
"city": "Jacksonville",
"state": "FL",
"country": "US",
"zip": "32256"
},
"merchantDescriptor": {
"dynamicDescriptor": "Apple Pay Test",
"phone": "1231231323"
},
"visaAdditionalAuthData": {},
"description": "Apple Pay Test Transaction",
"currencyCode": "USD",
"avsResponse": "NOT_PROCESSED",
"cvvVerification": "NOT_PROCESSED",
"settlements": [
{
"id": "be359cf6-3bf7-49ea-8d79-aa2e14bf8bce",
"merchantRefNum": "cb900ff8-e91f-48ab-99ab-ce94939c4e7a",
"txnTime": "2025-12-12T09:30:23Z",
"status": "PENDING",
"gatewayReconciliationId": "ZZ2949094740",
"amount": 2000,
"availableToRefund": 2000,
"links": [
{
"rel": "self",
"href": "https://api.test.paysafe.com/cardpayments/v1/accounts/1002316170/settlements/be359cf6-3bf7-49ea-8d79-aa2e14bf8bce"
}
]
}
],
"links": [
{
"rel": "settlement",
"href": "https://api.test.paysafe.com/cardpayments/v1/accounts/1002316170/settlements/be359cf6-3bf7-49ea-8d79-aa2e14bf8bce"
},
{
"rel": "self",
"href": "https://api.test.paysafe.com/cardpayments/v1/accounts/1002316170/auths/be359cf6-3bf7-49ea-8d79-aa2e14bf8bce"
}
]
}
3. Send the response your server receives from the Card Payments API back to the website.
The Card Payments API will return a response (successful or failed) to your server, which you must forward to your website. Ensure you provide only a brief message to the user and avoid disclosing the reason for a failed transaction.