Generate apple/android wallet passes for tickets

[wlcx]

Would be very cool. I've got a Apple pass signing key from @eeeeeta (thanks eta, theta).

I've got basic generation working from json, so now it would be integrating it with the website.

My main question currently is how to handle the multiple tickets in a typical purchase receipt

[eeeeeta]

My main question currently is how to handle the multiple tickets in a typical purchase receipt

I heard you like zips, so I put some pkpass files (zips) in a bigger zip so you can zip while you zip: https://developer.apple.com/documentation/walletpasses/distributing_and_updating_a_pass#3793284

[wlcx]

Yeah I guess that works. Though, UX around having multiple admission tickets and not transferring them might suck a bit

[lukegb]

I have access to Google Wallet pass generation on my Google account, but we should get it for an EMF merchant if we're going to do this.

[castaway]

Not sure about Apple, but on Google Wallet you can add practically any QR / barcode, so does it need anything special?

[wlcx]

Yeah looks like you can just issue them as-is on android: https://developers.google.com/wallet/retail/offers/overview/add-to-google-wallet-flow#creating-passes-objects-and-passes-classes-in-the-jwt

[lukegb]

Yeah looks like you can just issue them as-is on android: https://developers.google.com/wallet/retail/offers/overview/add-to-google-wallet-flow#creating-passes-objects-and-passes-classes-in-the-jwt

That JWT needs to be signed, and embedded in a URL.

[will-h]

As discussed in https://github.com/pretix/pretix/issues/979 I think the Google Pay option has some privacy concerns, which isn't the case with simply generating a pkpass file offline.

I use the 'PassAndroid' app for pkpass files on Android. Not a perfect solution.

[wlcx]

That JWT needs to be signed, and embedded in a URL.

So it does.

As discussed in https://github.com/pretix/pretix/issues/979 I think the Google Pay option has some privacy concerns, which isn't the case with simply generating a pkpass file offline.

mm, good point. Although - if we generate and sign the JWT ourselves (with keys google presumably issue us) I think that would avoid sending any user data to google? Until the user actually opens the link, of course

[lukegb]

There's new-ish support for private passes, but this might only be supported for COVID/health related documentation, and the flow is quite annoying (doesn't sync between devices, etc.)

I think as long as we make clear that your pass information is being transmitted to Google for the purposes of issuing the pass like in pretix, it's probably not too bad.

[wlcx]

Agreed, especially given we're not actually embedding PII, just an entry code...

[marksteward]

The privacy concern (such as there is) applies to Apple too https://www.apple.com/legal/privacy/data/en/wallet/

When you add a pass, it is associated with your Apple ID and certain pass information may be shared with Apple to help display and manage your pass.

[wlcx]

Personally I think providing the pkpass file to download isn't a privacy concern. We don't need to send any data to any third party to provide it, so it's no different to generating a PDF. People who are privacy conscious enough to be worried are not going to be using Apple/iCloud in the first place :-)

The google wallet stuff is another question, but if we can sign a JWT and provide it by a link without going via google servers, I don't see how it's any different.