Skip to content
/
Wallet token decryption A...

Wallet token decryption API (1.0.0)

This API enables you to decrypt Apple Pay and Google Pay payment tokens on your backend systems. The decryption service processes encrypted wallet tokens and returns the decrypted payment data, including card details, cryptograms, and authentication information necessary for transaction processing.

Download OpenAPI description
wallets.json
wallets.yaml
Languages
Servers
Production environment
https://api-services.pxp.io/api/v1/
Sandbox environment
https://api-services.test.pxp.io/api/v1/

Decrypt a wallet payment token

Request

Decrypts an encrypted payment token from Apple Pay or Google Pay. This endpoint allows you to process wallet payment tokens on your backend, extracting the necessary payment and authentication data required for transaction authorisation. The decryption process validates the token integrity and returns structured payment information specific to the wallet provider.

Path
walletstringrequired

The wallet provider type. Specify ApplePay for Apple Pay tokens or GooglePay for Google Pay tokens.

Enum"ApplePay""GooglePay"
Example: ApplePay
Bodyapplication/jsonrequired

The encrypted wallet token and associated site identifier.

tokenstringnon-emptyrequired

The encrypted payment token provided by the wallet provider (Apple Pay or Google Pay). This token contains the encrypted payment data that needs to be decrypted to process the transaction.

Example: "encrypted-token-string-here"
siteIdstring<= 20 charactersrequired

Your unique site identifier, as assigned by PXP. This value is used to validate the decryption request against your configuration.

Example: "SITE-1"
curl -i -X POST \
  https://api-services.pxp.io/api/v1/wallets/ApplePay/decrypt-token \
  -H 'Content-Type: application/json' \
  -d '{
    "token": "eyJzaWduYXR1cmUiOiJNSUFHQ1NxR1NJYjNEUUVIQXFDQU1JQUNBUUV4RHpBTkJnbGdoa2dCWlFNRUFnRUZBRENBQmdrcWhraUc5dzBCQndFQUFLQ0FNSUlEV2pDQ0FrS2dBd0lCQWdJSWRrdXpHbmkzK0lBd0NnWUlLb1pJemowRUF3SXdlakV1TUMwR0ExVUVBd3dtUVhCd2JHVWdRWEJ3YkdsallYUnBiMjRnU1c1MFpXZHlZWFJwYjI0Z1EwRWdMU0JITXpFbU1DUUdBMVVFQ3d3ZFFYQndiR1VnUTJWeWRHbG1hV05oZEdsdmJpQkJkWFJvYjNKcGRIa3hFekFSQmdOVkJBb01Da0Z3Y0d4bElFbHVZeTR4Q3pBSkJnTlZCQVlUQWxWVE1CNFhEVEU1TURreU5USXhORFF4TmxvWERUSTBNRGt5TXpJeE5EUXhObG93WGpFeU1EQUdBMVVFQXd3cFFYQndiR1VnVUdGNWJXVnVkQ0JRY21samFXNW5JRk5sY25acFkyVnpJRTFsY21Ob1lXNTBJRWxFTVJNd0VRWURWUVFLREFwQmNIQnNaU0JKYm1NdU1Rc3dDUVlEVlFRR0V3SlZVekJaTUJNR0J5cUdTTTQ5QWdFR0NDcUdTTTQ5QXdFSEEwSUFCT09raUFCYzROY3Z5aU5oT3kwREFWc1A2SStGWk5KVjk2Z2VBa25nZGhtVUlGWGJOb1ltTlRQQ3VpM2s0SlNVOGJrU0VHUnFlbjl6a1h3Q3crVGMrQXpDamdnRlJNSUlCVFRBTUJnTlZIUk1CQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkRjN2pIb0ppRGIzZHhlNmdoV09aWWFaNFo4Z01FY0dDQ3NHQVFVRkJ3RUJCRHN3T1RBM0JnZ3JCZ0VGQlFjd0FZWXJhSFIwY0RvdkwyOWpjM0F1WVhCd2JHVXVZMjl0TDI5amMzQXdNeTFoY0hCc1pXRnBZV05oTXpBeU1ERE1CSUdBMVVkSUFRTk1Bc3dDUVlIWTJGb1lXRkhNQkFHQ2lxR1NJYjNZMlFGQmdRQ0FnUUFNRFFHQTFVZEh3UXRNQ3N3S2FBbm9DV0dJMmgwZEhBNkx5OWpjbXd1WVhCd2JHVXVZMjl0TDJGd2NHeGxZV2xqWVRNdVkzSnNNQjBHQTFVZERnUVdCQlNIb1pUWnE5VnM0L3NKY2RhczJFbGJqb29Bb2pBT0JnTlZIUThCQWY4RUJBTUNCNEF3RHdZSktvWklodmRqWkFZZEJBSWZBQUFLQmdncWhrak9QUVFEQWdOSUFEQkZBaUF6U0tQUGxheWU3a0t3Q2RnTjdybjRIcStFenVSREZXTzdPR2RRMjBZZnp3SWhBTjlGaGd6Y01wOFJ4ZFQ4NWxPdk5kZnhGbXBCTzNGN1V2bE9jVm9LaEdTT01JSURMRENDQXErZ0F3SUJBZ0lJREZsUVAvcVdQYjR3Q2dZSUtvWkl6ajBFQXdJd2F6RXBNQ2NHQTFVRUF3d2dRWEJ3YkdVZ1FYQndiR2xqWVhScGIyNGdTVzUwWldkeVlYUnBiMjRnUTBFeEdqQVlCZ05WQkFzTUVVRndjR3hsSUVObGNuUnBabWxqWVhScGIyNHhFekFSQmdOVkJBb01Da0Z3Y0d4bElFbHVZeTR4Q3pBSkJnTlZCQVlUQWxWVE1CNFhEVEl3TURReE5qRXlOVEF6TmxvWERUSTFNRFF4TlRFeU5UQXpObG93ZWpFdU1Dd0dBMVVFQXd3bFFYQndiR1VnUVhCd2JHbGpZWFJwYjI0Z1NXNTBaV2R5WVhScGIyNGdRMEVnTFNCSE16RW1NQ1FHQTFVRUN3d2RRWEJ3YkdVZ1EyVnlkR2xtYVdOaGRHbHZiaUJCZFhSb2IzSnBkSGt4RXpBUkJnTlZCQW9NQ2tGd2NHeGxJRWx1WXk0eEN6QUpCZ05WQkFZVEFsVlRNRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUU3NHU3ODFHekJJZUljUTU0cXJsV2JSQVJtbVU3RUI0bW50VjhkdFJYMzdPNXhmMWlFdHFLNDB5eGgyRFhtS0tNMjk3ME5ZT3hFdUxXVmQ3Z2lSNXh6QUtPQjh6Q0I4REFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQjhHQTFVZEl3UVlNQmFBRkI4R0hhMHp3TURhVUxYWno4VWVTVFBmU1RuOE1FUUdDQ3NHQVFVRkJ3RUJCRGN3TlRBekJnZ3JCZ0VGQlFjd0FZWW5hSFIwY0RvdkwyOWpjM0F1WVhCd2JHVXVZMjl0TDI5amMzQXdNeTFoY0hCc1lXbGpZVE13TURNR0ExVWRId1FzTUNvd0tLQW1vQ1NHSW1oMGRIQTZMeTlqY214dVlYQndiR1V1WTI5dEwyRndjR3hsWVdsallTNWpjbXd3SFFZRFZSME9CQllFRkRjN2pIb0ppRGIzZHhlNmdoV09aWWFaNFo4Z01BNEdBMVVkRHdFQi93UUVBd0lCQmpBUUJnb3Foa2lHOTJOa0JnSUJCQUlGQURBS0JnZ3Foa2pPUFFRREFnTklBREJGQWlCZkgyZGlLTjc0NWVLb21rSUFKT2xYMmdLZ0RDRUE3QklVV0pFUTdUY0hiQUloQU1lTjdrMVU5TGpVcStWdmRKM0lQQzN3Z1lQOHRyeE51OXlVQWNMSlBNcUZyTUlJQ1BqQ0NBY09nQXdJQkFnSUJBVEFLQmdncWhrak9QUVFEQWpCbk1SczBZVFkRVkJBME1FRndjR3hsSUZKdmIzUWdRMEVnTFNCSEpERXBNQ2NHQTFVRUN3d2dRWEJ3YkdVZ1EyVnlkR2xtYVdOaGRHbHZiaUJCZFhSb2IzSnBkSGt4RXpBUkJnTlZCQW9NQ2tGd2NHeGxJRWx1WXk0eEN6QUpCZ05WQkFZVEFsVlRNQjRYRFRFME1EUXpNREU0TURrd05Gb1hEVE01TURRek1ERTRNRGt3TkZvd2F6RXBNQll3SzlBY0dBMVVFQXd3Z1FYQndiR1VnUVhCd2JHbGpZWFJwYjI0Z1NXNTBaV2R5WVhScGIyNGdRMEV4R2pBWUJnTlZCQXNNRVVGd2NHeGxJRU5sY25ScFptbGpZWFJwYjI0eEV6QVJCZ05WQkFvTUNrRndjR3hsSUVsdVl5NHhDekFKQmdOVkJBWVRBbFZUTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFOE5waDBlbjBwdjFYMFFqWVdsVGRtNWpMdG10bzJ3ZWIrc1crNmpCM1BBVERHRTE3Z2REUTNLZmxuY3dOWUJrY1RjcXE3bTFGeHdQRXJNcWlJZFRIZEtLTkNNRUF3SFFZRFZSME9CQllFRkI4R0hhMHp3TURhVUxYWno4VWVTVFBmU1RuOE1BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RnWURWUjBQQVFIL0JBUURBZ0VHTUFvR0NDcUdTTTQ5QkFNQ0EyZ0FNR1VDTVFDUi9xM0NnYjFIWDhxRW9KSzFrREhtekQrMGhRajk3WGZVd0xYSGlqcy9EdHorUmh4SFJjR2JOK2ZwT0psYzFjQ01CemhKOWNUc1BlYUFvdS9XcG5TVytPdTZkTzBvWU8zL0hIcUJDdHhlN05RQ1NWNFM3K0w4UVFjYld3VlBtVXNBPT0iLCJoZWFkZXIiOnsiZXBoZW1lcmFsUHVibGljS2V5IjoiTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFMkNCQ2tHZmdNWUVBTkgwRXVIcER1bUhqcHhKK1BSVVdETzNzL3pNV216bXZtcUhZZkNCZGJDeFo5RjJRd3RYa05YVTNUMHhqNUxyNjJBS3pqcHlCQT09IiwicHVibGljS2V5SGFzaCI6ImxKbWhTUktwZ1ZaN29yYmxNVnBybGRWTkFmVjJRY2o0OVpWc1BqeVJ0VlE9IiwidHJhbnNhY3Rpb25JZCI6IjI1NTEwZjMwMGQxOTk5NDhkOWI3YmFiYzk4MTI5ZGU2ODVkNjM5YjJjOWYyMjZjYmUxYmU2ZDkwZWUyYTdmNzAifSwiZGF0YSI6IjQ4ZEVHdU9sUHJJQTJUNkFWYnFUVGxkek8vRW95bWhDWjhhSXlzekQ2TkpqcW1ibWEzY1RXVTBzK3RFT0xpajdMZ1dpeEE3VzhVMUR2d2xtMEgvQTNKQWlENEVWK1FFS3lKNU80SDFSL2VrZVBLOVVWTWp0RHprbG1DUGoxWEpOV0pmQzFtUGNrdjcvUllwMmVaL0hJbXUxT29JcDdJN0JNN29rSkJaQlhxeGpTZlBhZ2JtaW1IQ0lSQUdPZ01RN0RGd2F0OGhDK3FhRmVkd01hN2J4QW5QMTJzTlN4dzZMNUZnLzNUTE9VV0pCSEw4Mjc0QXpjN3lsNlVBWk9ENmwyV21ZRmI1MEdVQ3RieGRxTmdyenhTL0lUUTUxL2lieFRqSGlsZlJSQ05RbHBRQzk1dUdYSnhPRXJpZm1GZy90U2YxWXpqRDJCZ0NEYnhkcVNIZk5qPSIsInZlcnNpb24iOiJFQ192MSJ9",
    "siteId": "SITE-1"
  }'

Responses

Successful decryption

Bodyapplication/json
One of:

The decrypted Apple Pay payment token containing all necessary payment and authentication data for processing the transaction.

decryptedAtstring(date-time)required

The timestamp when the token was decrypted, in ISO 8601 format with UTC timezone.

Example: "2025-10-09T04:44:37.7062965Z"
applicationPrimaryAccountNumberstring^[0-9]{13,19}$required

The device-specific account number (DPAN) or funding primary account number (FPAN) for the payment card. This number is used to process the transaction and may differ from the actual card number.

Example: "5204240492932939"
applicationExpirationDatestring^[0-9]{6}$required

The expiration date of the payment card, in YYMMDD format.

Example: "280930"
currencyCodestring^[0-9]{3}$required

The currency code for the transaction, in ISO 4217 format.

Example: "840"
transactionAmountinteger>= 0required

The transaction amount in the smallest currency unit (e.g., cents for USD). For example, 2599 represents $25.99.

Example: 2599
cardholderNamestring or null

The name of the cardholder as it appears on the card. May be null if not provided by Apple Pay.

Example: "John Doe"
deviceManufacturerIdentifierstringrequired

A unique identifier for the device manufacturer, used for fraud detection and device verification.

Example: "050110030273"
paymentDataTypestringrequired

The type of payment data included in the token, indicating the authentication method used.

Enum"3DSecure""EMV"
Example: "3DSecure"
paymentDataobjectrequired

The payment cryptogram and additional authentication data required for transaction authorisation.

paymentData.​onlinePaymentCryptogramstringrequired

The cryptogram generated by the secure element for online payment authentication. This is used to verify the authenticity of the transaction.

Example: "APTMvCowhE0lATGzpcW9AoABFA=="
paymentData.​eciIndicatorstring

The Electronic Commerce Indicator (ECI) value for 3D Secure transactions.

Example: "7"
authenticationResponsesArray of objects

An array of authentication responses from various verification methods. May be empty if no additional authentication was performed.

merchantTokenIdentifierstring or null

A unique identifier for merchant tokens, used when the payment is associated with a recurring or subscription payment.

Example: "MTK-1234567890"
merchantTokenMetadatastring or null

Additional metadata associated with the merchant token, if applicable.

Example: "{\"subscription_id\":\"sub_123\"}"
siteIdstring<= 20 charactersrequired

The site identifier that was used for the decryption request.

Example: "SITE-1"
Response
application/json
{
  "decryptedAt": "2025-10-09T04:44:37.7062965Z",
  "applicationPrimaryAccountNumber": "5204240492932939",
  "applicationExpirationDate": "280930",
  "currencyCode": "840",
  "transactionAmount": 2599,
  "cardholderName": null,
  "deviceManufacturerIdentifier": "050110030273",
  "paymentDataType": "3DSecure",
  "paymentData": {
    "onlinePaymentCryptogram": "APTMvCowhE0lATGzpcW9AoABFA=="
  },
  "authenticationResponses": [],
  "merchantTokenIdentifier": null,
  "merchantTokenMetadata": null,
  "siteId": "SITE-1"
}
©2025 PXP Financial. PXP Financial Registered Office: The Corn Mill - 1 Roydon Road - Stanstead Abbotts - Hertfordshire - SG12 8XL - United Kingdom Phone +44 2038850598. PXP Financial is Authorised By The Financial Conduct Authority And Our Financial Services Register Number is 504318.