developer.authorize.net developer.cybersource.com
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a question

Apple Pay Opaque tokens - Do they expire? How do they work with CIM?

I have been using ApplePay for a while now with Authorize.NET but I want to use it for recurring payments too.

 

It turns out I *accidentally* got this working by reposting the same opaque token when the customer's next payment was due. Cool! 

 

However I want to implement this properly using CIM profiles. I see from this thread that we can now add opaque tokens to a customer payment profile https://community.developer.authorize.net/t5/Integration-and-Testing/Can-I-create-a-recurring-subscr....

 

1) Is there more information about this. Do I simply pass the token to opaqueData in lieu of credit card payment info?

 

2) Most importantly

 

Surely a token expires at some point? It is encrypted and the encryption certificate will expire. 

 

From Apple

 

  • The Payment Processing certificate expires every 25 months.

  • The Merchant Identity certificate expires every 25 months.

  • A registered domain's verification expires when its SSL certificate expires.

So does that mean my tokens expire after 25 months?

 

Or if I put them in a payment profile does Authorize.NET unencrypt it and store the PAN information for me? If so that's great but I don't see any explanation of how it works anywhere. We need more details please!

 

 

It's been a while since I implemented this and I'm forgetting exactly which certificate does what. 

 

 

simeyla
Contributor

‎09-07-2018 01:33 PM

0 Kudos
2 REPLIES 2

Hi @simeyla

 

Yes you need to pass the apple pay blob in the opaqueData for creating the profile for recurring payments .

 

Do note these profiles created from Apple Pay can only be used for recurring billing . 

 

We  store the decrypted DPAN in the profile and not the actual encrypted token which is passed . 

 

opaqueData Required.
Contains dataDescriptor and dataValue.

  
dataDescriptor Required.
Specifies how the request should be processed.

The value of dataDescriptor is based on the source of the value of dataValue.
String, 128 characters.

Use COMMON.ACCEPT.INAPP.PAYMENTfor Accept transactions.

For Apple Pay, use COMMON.APPLE.INAPP.PAYMENT.


For Android Pay, use COMMON.ANDROID.INAPP.PAYMENT.

 

 

 

 

 

 




Send feedback at developer_feedback@authorize.net
Anurag
Moderator Moderator
Moderator

‎09-07-2018 10:26 PM

0 Kudos

@Anurag Thanks for your reply.

 

Currently I add a CIM payment profile for a customer (credit card) and then charge it immediately.

 

I'm still puzzled about your comment regarding only being usable for recurring billing. 

What else would a profile be used for? I've been trying to figure out what you meant - could you clarify.

 

simeyla
Contributor
In response to Anurag

‎09-08-2018 05:39 PM

0 Kudos
Copyright © 2024 Khoros, LLC