Skip to main content
Use this checklist before you go live with wallet, card, or 3DS flows.

Requirements

Wallet payments do not work on insecure HTTP origins. Serve all checkout pages over https://.
Before you enable Apple Pay in production, download the Apple Pay domain association file and host it at /.well-known/apple-developer-merchantid-domain-association on every domain and subdomain where Apple Pay runs, then share the list of domains with Rinne so they can be submitted to Apple. The file is the same for every merchant. See Apple Pay domain verification for details.
If your application uses CSP headers, allow these origins:
For a successful checkout, users need:
  • A supported browser and device
  • A configured wallet with at least one eligible card
Keep API keys server-side and process encrypted payloads from frontend elements on your backend.

Browser support

Wallet availability also depends on device capabilities and wallet setup. Apple Pay requires Safari configuration, and Google Pay requires at least one registered card.