Tags: security, payment-gateway, payment-processing, applepay, applepayjs

Is Apple Pay token transactionId globally unique?


I'm investigating the possibility of using the Apple Pay transactionId as a defence against replay attacks across the same payment gate. The defence should rely on a field that participates in the signature and is unique.

But Payment Token Format Reference describes paymentData.header.transactionId as

Transaction identifier, generated on the device.

which is not enough to treat it as globally unique.


Solution

  • Here is a test example of ApplePayJS token:

    {
        "paymentData": {
            "version": "EC_v1",
            "data": "...",
            "signature": "...",
            "header": {
                "ephemeralPublicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6jY12R9PoL7bzaC3/ibs6q6+g/cqjSkiO3GVFld2NVUA6kRlq0iJRT+XzfmGFvRs/G2qwgmWY8fKu7p6Ktgxug==",
                "publicKeyHash": "AJiEM3d+czut7s1t4QdtRBPjSOxw0D6iWSp1MUdXueM=",
                "transactionId": "f8f0c804922303decba1a8a4f7c503df1a6314e44e8db5ae7eb6b7fe0323513b"
            }
        },
        "paymentMethod": {
            "displayName": "MasterCard 1471",
            "network": "MasterCard",
            "type": "debit"
        },
        "transactionIdentifier": "F8F0C804922303DECBA1A8A4F7C503DF1A6314E44E8DB5AE7EB6B7FE0323513B"
    }
    

    In practice the top-level transactionIdentifier field always matches the nested paymentData.header.transactionId case-insensitively.

    And the docs say:

    transactionIdentifier

    A unique identifier for this payment.

    This identifier is suitable for use in a receipt.

    Google search also finds How do I process returns with Apple Pay:

    In Japan, you can also use the transaction ID on the receipt to find the purchase and process the return.

    Also, transactionId is 64 hex chars, or 32 full bytes, long, which is longer than the Unique Transaction Identifier format, so there is enough room for it to be truly globally unique.

    Still looking for more direct credible proofs.
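The replay check the question is after, as an added example that is not part of the question or the answer: the dedup key is built only from the signed paymentData.header.transactionId, the unsigned top-level transactionIdentifier is checked for case-insensitive consistency, the 64-hex-char shape is enforced, and the in-memory seen-set, the abbreviated sample token and the tampered copy are constructed for the example.

```python
import re

# Constructed sample shaped like the ApplePayJS token in the answer (data/signature abbreviated).
SAMPLE_TOKEN = {
    "paymentData": {
        "version": "EC_v1", "data": "...", "signature": "...",
        "header": {
            "ephemeralPublicKey": "...", "publicKeyHash": "...",
            "transactionId": "f8f0c804922303decba1a8a4f7c503df1a6314e44e8db5ae7eb6b7fe0323513b",
        },
    },
    "transactionIdentifier": "F8F0C804922303DECBA1A8A4F7C503DF1A6314E44E8DB5AE7EB6B7FE0323513B",
}
# Constructed tampered copy: the unsigned top-level id no longer matches the signed one.
TAMPERED_TOKEN = {"paymentData": SAMPLE_TOKEN["paymentData"], "transactionIdentifier": "00" * 32}
HEX64 = re.compile(r"[0-9a-f]{64}")


def canonical_transaction_id(token: dict) -> str:
    """Return the lowercase signed transaction id; raise ValueError if the token is inconsistent."""
    # Only paymentData.header.transactionId is covered by the signature, so the replay key is
    # built from it; the top-level transactionIdentifier is only checked for consistency
    # (case-insensitively, as the answer observes).
    signed = token["paymentData"]["header"]["transactionId"].lower()
    if not HEX64.fullmatch(signed):
        raise ValueError("transactionId must be 64 hex characters (32 bytes)")
    top = token.get("transactionIdentifier")
    if top is not None and top.lower() != signed:
        raise ValueError("transactionIdentifier does not match the signed transactionId")
    return signed


class ReplayGuard:
    """Reject a token whose signed transaction id this gateway already processed.
    Assumption: the signature was verified first; in production the seen-set is a
    persistent store shared by every gateway instance."""

    def __init__(self) -> None:
        self._seen: set[str] = set()

    def check_and_record(self, token: dict) -> str:
        try:
            tid = canonical_transaction_id(token)
        except (KeyError, ValueError, AttributeError):
            return "invalid"
        if tid in self._seen:
            return "replay"
        self._seen.add(tid)
        return "accepted"
```

Because global uniqueness of transactionId is not documented, the seen-set is scoped to one gateway, which is the scope the question asks about.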