This article provides step-by-step instructions for configuring Apple Pay with FreedomPay as the payment processor. It covers generating and uploading the required certificates, setting up Merchant Identity, and completing the final configuration steps in the Admin Dashboard.

Before starting, the client must have one of the following:

Skip this section if the client is on the Lunchbox Apple account. Only complete this section if the client has their own Apple Developer Portal account.

Step 1: Navigate to https://developer.apple.com/account/resources/identifiers/list/merchant

Step 2: Click on the + button next to "Identifiers"

Step 3: Scroll down and select Merchant IDs

Step 4: Select the Continue button

Step 5: Fill out the details for the Merchant ID. The Description should be client's name

Step 6: Set the Identifier as merchant.com.{client name with no spaces or special characters}

a. ie. merchant.com.sarahssweets

Step 7: Next, select the Continue button

Step 8: Select the Register button

Step 9: You'll be redirected back to the Identifiers list. Select the newly created Merchant Identifier (if you don't see it, ensure "Merchant IDs" is selected from the top right dropdown).

Step 10: Next, you'll see the Edit or Configure Merchant ID page.

For the Payment Processing Certificate, FreedomPay provides the CSR directly from their Enterprise Portal. There is no Mac Keychain step for this flow.

To configure Payment processing,

Step 1: Navigate to Administration> RSA Key Management or follow https://enterprise.uat.freedompay.com/Keys

Step 2: In the Filter section, select Apple Pay from the RSA Key provider dropdown

Step 3: Select Create New RSA Key

Step 4: In the pop-up modal:

Step 5: The option to download the CSR file will appear (ONLY ONCE). Select Download CSR

Step 6: Then we need to navigate to the Apple console https://developer.apple.com/account/resources/identifiers/list/merchant and select Freedom Pay

Step 7: Find the section Apple Payment Processing Certificate and select Create Certificate

Step 8: For the question "Will payments associated with this Merchant ID be processed exclusively in China mainland?" select No and select Continue

Step 9: Upload the CSR file we got from the Freedom Pay dashboard

Step 10: Download the Apple Pay Payment Processing certificate

Step 11: We go back to the Freedom Pay Dashboard. Navigate to Administration> RSA Key Management. Find the Provider Merchant ID and select Options> Upload Certificate

Step 12: The uploader window will appear. Attach the apple_pay.cer file we previously grabbed from the Apple developer console and select Upload

The success message will be displayed

For the generation of the Merchant Identity Certificate, we must use Mac OS and follow the steps:

Step 1: Using a Mac, navigate to Finder>Go>Applications>Search Keychain Access>Double Click Keychain Access

Step 2: Next, in the Top Navigation Bar, click Keychain Access>Certificate Assistant>Request a Certificate from a Certificate Authority

Step 3: Fill out the following details...

a. The User Email Address and Common Name should be your name and Lunchbox email address.

b. Select "Saved to disk" (this will uncheck Emailed to the CA)

c. Select "Let me specify key pair information"

Step 4: Next, select Continue and specify your download destination. It will ask you for Key Pair Information.

Step 5: Select the Algorithm of "ECC"

Step 6: Select the Key Size of "256 bits",

Step 7: Select Continue

Step 8: Select Done

Step 9: Save the file using a descriptive name so that you can locate it, e.g, Apple Pay Payment Processing Cert (CHAIN NAME)

Next, we are going to generate a CSR for the merchant identity certificate:

Step 1: Once again, on your Mac, navigate to Finder> Go> Applications> Search Keychain Access> Double Click Keychain Access

Step 2: In the Top Navigation Bar, click Keychain Access> Certificate Assistant> Request a Certificate from a Certificate Authority

Step 3: Fill out the following details:

a. The User Email Address and Common Name should just be your name and Lunchbox email address.

b. Make sure to select "Saved to disk" (this will uncheck Emailed to the CA)

c. Make sure NOT to select "Let me specify key pair information".

Step 4: Select Continue and specify your download destination

Step 5: Save the file using a descriptive name so that you can locate it

The steps for creating the Apple Pay Payment Certificate and Apple Pay Merchant Identity Certificate are very similar. Here's how to Create Apple Pay Payment Processing Certificate:

Step 1: Navigate back to the merchant identifier that you created in the first part of this article so that we can upload our certificate signing requests

Step 2: Under Apple Pay Payment Processing Certificate, click Create Certificate

Step 3: Click No under will payments associated with this Merchant ID be processed exclusively in China mainland?

Step 4: Select Continue

Step 5: Upload the corresponding certificate to the Certificate Signing Requests the file should be on your local device

Step 6: Select Continue

Step 7: On the Certificates, Identifiers & Profiles page of the chain you are configuring, find the Apple Pay Payment Processing Certificate subheader and select the Download button

Step 8: Find the Apple Pay Merchant Identity Certificate subheader and select the Download button

Now that you have the Apple Pay Payment Processing Certificate and Apple Pay Merchant Identity Certificate, it's time to convert them to P12 files.

To convert the files into P12 files, on your Mac:

Step 1: Download the CertOpen Key Chain access again and drag and drop the newly downloaded certificate onto the key chain screen.

💡Be careful to remove any additions to the cert name (such as versions (1)) that can be caused by having multiple downloads in your downloads folder.

💡Sometimes the certificate will not appear automatically. Try clicking iCloud and then back to login to refresh the cache.

Step 2: Select the carrot next to the certificate you are looking to convert to a P12 file.

Step 3: Right-click Export

Step 4: Name the Certificate something specific to what it is:

a.Chain Name Apple Pay Payment Processing Certificate OR

b. Chain Name Apple Pay Merchant Identifier Certificate

c. Make sure the File Format is Personal Information Exchange (.p12)

Step 5: Select the Save button

Step 6: Add the following to both the Password and Verify fields: LunchboxIdentifier1203!

Step 7: Select the OK button

Step 8: Next, enter the password used to log in to your Mac

Step 9: Select the Allow button

Step 10: Now that you have the Apple Pay Payment Processing & Merchant Identity Certificates downloaded to your computer, you will want to upload both files into this folder. Create a client-specific folder and upload the files for future reference

WARNING:

Access the Admin dashboard of the chain that needs Apple Pay configuration and navigate to Settings> Apple Pay. The first thing that needs to be set is the Developer MerchantID Association, which is a text file uploader. You can upload files in the .txt and .vim format.

To get the text file that should later be uploaded to the Developer MerchantID Association,

Step 1: Log in to developer.apple.com

Step 2: Copy the URL https://developer.apple.com/account/resources/identifiers/list/merchant

Step 3: Find your payment processor's name in the identifier list and select it. We used Lunchbox Adyen in this example.

Step 4: You'll be navigated to the Edit or Configure Merchant ID page. Scroll down to Merchant Domains and select the Add Domain button.

Step 5: You'll get navigated to the Register Domain Page. Enter the Netlify domain you want to register in the text field. Keep in mind that the domain should be in format e.g. pgtest.netlify.app (no https://) Before launch you will need to configure this for the order.chainname.com site.

Step 6: Select the Save button to save your domain

Step 7: As you select the Save button, the new options will appear - to Download and Verify your domain. Select Download to get the text file for Developer MerchantID Association. This file will be in .TXT format. Do not close this page, we'll return to it in a bit.

Step 8: After downloading the text file, find it in your local storage, then return to Admin dashboard > Settings> Apple Pay, and in the Developer Merchantid Association select the Update button.

Step 9: The pop-up window will appear with the option to upload the previously downloaded .txt file. Select the Upload File button or drag and drop the .txt file.

Step 10: Select the Save button to save your uploaded file

Step 11: Return to the verification page in the Apple Developer Portal and select Verify to verify your domain

Step 12: Navigate back to the Edit or Configure Merchant ID page (described in step 4) and scroll all the way down. There you'll find Merchant Domains, and the one you just verified will be listed too. The Verify button will be grayed out.

After uploading the P12 files for the Apple Pay Payment Processing Certificate and Apple Pay Merchant Identity Certificate and their associated passwords, we can continue with other Apple Pay Configuration steps:

The Merchant ID and Merchant Name should be chain-specific, with the chain name found in the first part of the ND dashboard URL. To locate it, go to the Admin Dashboard, select Jump to Old Admin, and you’ll be redirected to the ND Admin. Check the URL and copy the chain name.

For example, if you’re in Friendly’s Admin Dashboard and select Jump to Old Admin, the new URL will be . In this case, copy "friendlys" and use it as the Merchant ID and Merchant Name"friendlys" and use it as the Merchant ID and Merchant Name

Follow the same steps for the Merchant ID and Merchant Name:

Merchant identifiers can be found in the Apple Developer Portal and then copied over to the Admin Dashboard. To find it and set it up:

Step 1: Open Apple Developer Portal

Step 2: Navigate to https://developer.apple.com/account/resources/identifiers/list/merchant

Step 3: Find your payment processor's name in the identifier list

Step 4: Copy the identifier that has been configured

Step 5: Go to Admin Dashboard> Settings> Apple Pay

Step 6: Find Merchant Identifier

Step 7: Select Update

Step 8: Paste the previously copied identifier

Step 9: Select the Save button

Step 1: Navigate to Design> Web> Payment option> Merchant ID

Step 2: Toggle on to enable Apple Pay

Step 3: Paste the Merchant ID in the text field

Step 4: Select the Save button

We also need to add the Merchant identifier and enable Apple Pay for Mobile apps. Here's how to do it:

Step 1: Navigate to Design> Mobile App > Mobile Payments > Merchant ID

Step 2: Toggle on to enable Apple Pay

Step 3: Paste the Merchant ID in the text field

Step 4: Select the Save button

In the Admin Dashboard, navigate to Settings > Apple Pay to find the Tokenization Type setting.

For direct integrations, the Tokenization Type should be set to DIRECT, while for non-direct integrations, it should be PAYMENT_GATEWAY.

The Tokenization parameter is used only for Finix. If we change the Tokenization type from DIRECT to PAYMENT_GATEWAY, then the processor will start respecting what's in the Tokenization parameter. It's telling the system that the way we pass over the card data is now tokenized and it's not raw card data.

The Public key always stays the same; we don't change it.