hps / heartland-php

Heartland Payment Systems Payment Gateway PHP SDK
https://developer.heartlandpaymentsystems.com/SecureSubmit/
GNU General Public License v2.0

Apple Pay #27

Closed ryanwaggoner closed 6 years ago

ryanwaggoner commented 7 years ago

It looks like there's no support for Apple Pay in this library, correct?

I'm assuming that if we obtain a payment token on the iOS device and send it to our server, we can decrypt outside of the Heartland libs using something like: https://github.com/etsy/applepay-php

But then once we have that decrypted payment info, do we just pass it in like any other card? I haven't done this, so I'm not positive of the actual decrypted payment token format. I'm assuming it's not the original PAN, but some kind of tokenized / alias PAN that Apple gets and stores when you first add your card to Apple Pay. In that case, I'm assuming Heartland doesn't care whether it originated with Apple Pay or somewhere else, correct?

Obviously, it would be far superior to be able to push the encrypted token all the way to Heartland and have you decrypt it, instead of doing so on our server, the way that other processors / gateways offer. Do you have plans to offer that? Any timeline?

slogsdon commented 7 years ago

Hi @ryanwaggoner!

You are correct in saying that this SDK does not currently support Apple Pay specifically. You are also correct in stating that you can use Etsy's PHP extension or our Java SDK to decrypt the Apple Pay payload.

Once decrypted, you will send the network token (the tokenized version of the original PAN) and the other data contained within the decrypted payload to Heartland. Here's where this occurs today in our Java SDK (which has support for Apple Pay): https://github.com/hps/heartland-java/blob/master/src/com/hps/integrator/services/HpsCreditService.java#L383-L391. Essentially, the network token and the expiration date get sent to us as manual entry card data, with the Apple Pay authentication data getting sent via our existing 3DSecure support.

We are aware that the integration process would be easier/simpler if we handled the decryption on our end and have started looking into what would be required to support this internally. That being said, we don't currently have any estimates for when this work might be completed.
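
The mapping described in the reply above, as an added PHP example that is not part of the thread and not code from the Heartland SDK: it validates a decrypted Apple Pay payload and splits it into manual-entry card data and 3-D Secure authentication data. Input field names follow Apple's Payment Token Format Reference; the function name and output keys are hypothetical, and the sample payload is constructed.

```php
<?php
declare(strict_types=1);
// Input field names follow Apple's Payment Token Format Reference.
// The output keys ('card', 'secure3d', ...) are hypothetical, not SDK fields.
function mapApplePayPayload(string $decryptedJson): array
{
    $p = json_decode($decryptedJson, true, 8, JSON_THROW_ON_ERROR);
    // Only the 3DSecure payload type carries an online payment cryptogram.
    if (!is_array($p) || ($p['paymentDataType'] ?? null) !== '3DSecure') {
        throw new InvalidArgumentException('expected a 3DSecure payment-data object');
    }
    $token      = $p['applicationPrimaryAccountNumber'] ?? '';
    $expiry     = $p['applicationExpirationDate'] ?? '';   // YYMMDD
    $cryptogram = $p['paymentData']['onlinePaymentCryptogram'] ?? '';
    if (!is_string($token) || !preg_match('/^\d{12,19}$/', $token)) {
        throw new InvalidArgumentException('bad network token');
    }
    if (!is_string($expiry) || !preg_match('/^\d{2}(0[1-9]|1[0-2])\d{2}$/', $expiry)) {
        throw new InvalidArgumentException('bad expiration date');
    }
    if (!is_string($cryptogram) || $cryptogram === ''
        || base64_decode($cryptogram, true) === false) {
        throw new InvalidArgumentException('bad payment cryptogram');
    }
    return [
        // Sent as manual-entry card data: the network token, not the original PAN.
        'card' => [
            'number'   => $token,
            'expMonth' => (int) substr($expiry, 2, 2),
            'expYear'  => 2000 + (int) substr($expiry, 0, 2),
        ],
        // Sent as 3-D Secure authentication data; eciIndicator is optional.
        'secure3d' => [
            'cryptogram' => $cryptogram,
            'eci'        => $p['paymentData']['eciIndicator'] ?? null,
        ],
    ];
}

// Constructed sample payload (test card number, all-zero cryptogram).
$sample = json_encode([
    'applicationPrimaryAccountNumber' => '4111111111111111',
    'applicationExpirationDate'       => '301231',
    'paymentDataType'                 => '3DSecure',
    'paymentData' => ['onlinePaymentCryptogram' => base64_encode(str_repeat("\0", 20)), 'eciIndicator' => '7'],
]);
$mapped = mapApplePayPayload($sample);
$mapped['card']['number'] = str_repeat('*', 12) . substr($mapped['card']['number'], -4);
print_r($mapped); // token masked before printing
```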