Apple Pay merchant tokens
Learn how to use Apple Pay merchant tokens for recurring, deferred, and automatic reload payments.
An Apple Pay merchant token (MPAN) ties together a payment card, a business, and a customer, and enables the wallet holder to manage access to a card stored in their Apple Wallet. Apple Pay’s latest guidelines recommend merchant tokens over device tokens (DPANs) because merchant tokens:
- Allow for continuity across multiple devices
- Enable recurring payments independent of a device
- Keep payment information active in a new device even when it’s removed from a lost or stolen device
- Come with lifecycle management features to monitor changes to a token or to see if a token has been revoked
Merchant token types
You can use Apple Pay to request an MPAN in three ways. Each type of request has different parameters that affect how the user is presented with Apple Wallet. Almost all request types provide the option to supply a managementURL
, which routes customers to a webpage to manage their payment methods. If you request an MPAN and the issuer supports MPAN generation, you receive an MPAN. Otherwise, you receive a DPAN.
MPAN request type | Use case | Support |
---|---|---|
Recurring PKRecurringPaymentRequest | Issues an MPAN for use in a recurring payment such as a subscription. |
|
Automatic reload PKAutomaticReloadPaymentRequest | Issues an MPAN for use in a store card top-up or prepaid account. Supported parameters:
|
|
Deferred payment PKDeferredPaymentRequest | Issues an MPAN for use in reservations such as hotels. Supported parameters:
|
|
Add Apple Pay merchant tokens
You can add a merchant token when presenting Apple Pay in the Express Checkout Element, web Payment Element, and mobile Payment Element. Stripe automatically handles merchant token requests in Stripe Checkout integrations.
Merchant token auth rate monitoring
For Sigma users, the charges
table contains a card_
enum field to indicate the charge is using an mpan
or dpan
card. The following Sigma query example calculates the MPAN auth rate:
-- deduplicated MPAN auth rate select 100.0 * count( case when charge_outcome in ('authorized', 'manual_review') then 1 end ) / count(*) as deduplicated_auth_rate_pct, count(*) as n_attempts from authentication_report_attempts a join charges c on c.id = a.charge_id where c.created >= date('2021-01-01') and c.card_tokenization_method = 'apple_pay' -- The new field added to charges table. and c.card_token_type = 'mpan' -- deduplicate multiple manual retries to a single representative charge and is_final_attempt