Shopify Apple Wallet Loyalty Card Guide (2026)

Email open rates average 21% across DTC. SMS is higher but expensive and increasingly clogged. Apple Wallet passes sit in a separate channel with one structural advantage: they live on the lock screen. When the points balance changes, when an order ships, when a friend uses a referral code, the notification appears next to incoming messages. Open rates above 90% are normal in published case studies.

If your Shopify store has a loyalty program and you are not running an Apple Wallet pass, you are leaving the highest-engagement retention channel on the table.

This guide covers what wallet passes actually do on Shopify, how distribution works, which apps ship the feature, and the one architectural decision most setups get wrong.

What an Apple Wallet loyalty pass actually is

An Apple Wallet pass is a .pkpass file that lives on the customer's phone. It contains a name, a logo, a primary value (points balance, store credit balance, or tier), a secondary value (next reward, referral code), and a barcode or QR code for in-store identification.

The pass is dynamic. When a customer earns or redeems points, the server pushes an update over APNs (Apple Push Notification service). The pass updates silently in the wallet. Optionally, the same push fires a lock-screen notification: "+250 points earned" or "Order #4521 shipped" or "Your friend Jen used your code — you earned $10."

The customer never opens an app. They never tap an email. The pass is in their wallet next to their boarding passes and credit cards, which means it gets opened roughly every time they pay for something with their phone.

Google Wallet passes work the same way on Android. Most apps that ship Apple Wallet also ship Google Wallet, so the channel covers both ecosystems.

Why this is a structural advantage over email and SMS

Three things make wallet passes outperform email and SMS for transactional and retention messaging:

Lock-screen real estate. Email lives in an inbox the customer chooses to open. SMS lives in a thread the customer chooses to read. Wallet pushes appear on the lock screen alongside iMessages and bank fraud alerts. The visual hierarchy is different.

No deliverability cliff. Email gets filtered into promotions tabs. SMS gets reported as spam after the third one in a week. Wallet pushes do not have a deliverability concept. They arrive directly via APNs/FCM, gated only by whether the user has notifications enabled for the pass.

Persistence. Email is read once and archived. SMS is read once and scrolled past. The wallet pass remains on the device indefinitely with current data. A customer who opens their wallet to pay for coffee sees their current points balance and the active rewards available to them.

The trade-off is reach. Wallet passes only exist for customers who have explicitly added the pass to their wallet. The acquisition cost (getting the customer to add the pass) is real and non-trivial. The retention value, once they have it, is the highest of any digital channel.

How distribution works

Customers add the pass to their wallet through one of four channels. Each has different conversion rates.

Post-purchase email. The most common method. An "Add to Apple Wallet" button in the order confirmation email links to the .pkpass file. Single tap on iPhone, the pass installs into the wallet. Conversion rates of 30-50% on first-time buyers are typical.

SMS. A short link sent post-purchase. Higher open rate than email, similar conversion once tapped. Useful for stores already running SMS campaigns.

In-store QR code. A QR code on the receipt, in the bag, or at the register. The customer scans, the pass installs. Conversion is variable but signals strong intent.

Storefront banner or post-purchase page. A button on the order confirmation page or a persistent storefront banner. Lower conversion than email but adds a no-friction option.

The combination that works best is post-purchase email plus SMS for stores that have both channels active. In-store works for omnichannel retailers but adds nothing for pure DTC.

Which apps actually ship Apple Wallet on Shopify

Four serious options as of 2026. Each has a different focus.

JeriCommerce is the most established Shopify-native wallet pass app. The product is purpose-built for loyalty cards, with branded pass design, real-time points updates, and Apple/Google Wallet support. Strong if you want a focused wallet-pass experience without other features attached.

Toki built its whole product around the wallet pass as the primary loyalty surface. The wallet pass is not an add-on; it is the loyalty program. Best for brands that want to skip the points-page-on-a-website experience entirely.

MageComp offers wallet pass functionality as part of a broader Magento and Shopify integrations suite. Lower price point, less Shopify-native polish than JeriCommerce or Toki.

OfferGuard ships an Apple Wallet pass on the Enterprise tier as part of a broader fraud-and-rewards engine. The pass shows live points balance, order status updates (processing, shipped, out for delivery, delivered), and referral attribution events. The angle is different from the other three: the pass is layered on top of a fraud-detection engine, so the points minting to the wallet are gated by identity verification before issuance. None of the other wallet apps verify whether the buyer earning the points is the same person who earned them last week. OfferGuard does.

The one architectural decision most setups get wrong

The default architecture in most wallet-pass setups: customer signs up, gets the pass, earns points based on email-keyed orders, redeems via a coupon code at checkout.

The leak is in the email-keying. A customer who runs four orders through four Gmail aliases earns four sets of points, each on a separate wallet pass. Or worse: a customer who earns 1,000 points on email A and creates email B to claim a welcome offer can also earn referral credit by "referring" email B from email A.

The wallet pass does not cause this leak. The loyalty engine behind the wallet pass causes it. But the wallet pass is what makes it visible to the buyer, who can see their multiple balances on multiple cards and start optimizing.

The fix is to gate points minting and referral credit issuance on an identity check that verifies the buyer is who they say they are, before the wallet pass updates. The pass remains the surface; the engine behind it has to be smarter than email-equals-customer.

This is the architectural decision OfferGuard's Enterprise tier makes that the other wallet-pass apps do not. The same five-signal identity engine (email, phone, address, IP, device signature) that decides whether to honor a welcome discount also decides whether to mint a loyalty point to the wallet. If the engine recognizes the buyer as a returning customer using a fresh email, the points do not mint, the pass does not update, and the referral credit does not issue.

For most stores running pure loyalty without an existing abuse problem, this distinction does not matter much. For stores running aggressive welcome offers, intro pricing, or referral programs alongside loyalty, it is the difference between paying rewards to actual customers and paying rewards to the same person three times under different emails.

What goes on the pass

A well-designed wallet pass is dense but readable on a lock screen. The fields that matter:

• Logo and brand color. The pass shows up alongside the customer's Starbucks card. It needs to be visually distinct and obviously yours.
• Primary value: current points balance. Updated in real time. This is what the customer opens the wallet to see.
• Secondary value: next reward. "750 points away from free shipping" or "Refer a friend for $10 store credit." Gives the pass a reason to be checked.
• Share-and-earn code. The customer's personal referral code, surfaced on the back of the pass with a one-tap copy/share action.
• Order status. When an order is in flight, the back of the pass updates with shipping status (processing, shipped, out for delivery, delivered). The push notification fires on each state change.
• Support contact. Email or URL. Less important on the front, useful on the back.

What does not belong on the pass: long product descriptions, promotional banners, anything that requires the customer to read more than 10 words at a glance. The pass is a glanceable surface, not a marketing canvas.

Push notification mechanics

APNs (for iOS) and FCM (for Android) deliver the pushes. Both are gated by the customer enabling notifications for the pass.

The notifications that matter most are the ones that show value. From production telemetry across multiple Shopify stores, these are the events that drive the highest open rates and the lowest unsubscribe rates:

• Points earned. "+250 points from order #4521. New balance: 1,820 points." Fires post-purchase, ideally within 60 seconds of orders/paid.
• Reward unlocked. "You just unlocked free shipping on your next order." Fires when the customer crosses a points threshold.
• Order shipped / delivered. "📦 Your order shipped. Expected Tuesday." Fires on Shopify's fulfillments/create and orders/fulfilled webhooks.
• Referral attributed. "🎉 Jen used your code. You earned $10 in store credit." Fires when a referral redemption succeeds.

What does not work as push: weekly newsletters, sale announcements, anything the customer did not specifically opt into. Wallet push has the same "do not abuse this channel" rule as SMS, and the unsubscribe is one tap (remove pass from wallet) instead of three (find unsubscribe link, click, confirm).

The frequency that works in practice: zero to four pushes per active customer per month, all transactional or genuinely earned-by-the-customer events. Stores that go above that see pass-removal rates climb.

Where to start

For stores not yet running a wallet pass, the order of operations:

1. Pick the platform. JeriCommerce or Toki for pure-play loyalty with wallet pass as the centerpiece. OfferGuard Enterprise if you also have a promotional-abuse problem you want solved alongside the loyalty layer. MageComp for budget-constrained stores.

2. Design the pass. Five design presets are usually enough. Match the brand's existing color and logo. The pass should look like it came from the same studio as the website.

3. Wire the distribution. Post-purchase email button is the minimum. SMS, in-store QR, and storefront banner come next.

4. Decide on push notification policy. Transactional events only is the safe default. Promotional pushes need explicit opt-in. Frequency cap at four per month.

5. Monitor the unsubscribe rate. If pass-removals spike, the push frequency is too high or the messaging is too promotional. Wallet passes are a relationship, not a channel.

For stores already running a wallet pass through one of the loyalty apps but seeing abuse on the loyalty side (multiple accounts earning under different emails, referral credits issuing to the same person), the fix is upstream of the wallet pass: gate the points minting on identity verification. The wallet surface stays the same; the engine behind it gets smarter.

Frequently asked questions

Does this work for Android customers too?

Yes. Most wallet-pass apps on Shopify ship both Apple Wallet and Google Wallet versions. The customer experience is nearly identical. Google Wallet adoption is lower than Apple Wallet adoption (Apple users use their wallet more), but the technology works on both.

Can I send marketing campaigns through the wallet pass?

Technically yes, practically no. APNs and FCM push notifications have higher visibility than email or SMS, which means they have a higher bar for relevance. Sending a "20% off this weekend" push to a wallet pass annoys customers faster than the same push to an email inbox. The pass-removal action is one tap. Stick to transactional and earned events.

What does the wallet pass cost the merchant?

The pass file itself is essentially free to generate. The cost is in the loyalty platform that issues and updates passes. JeriCommerce and Toki are subscription apps in the $50-$300/mo range depending on volume. OfferGuard Enterprise bundles the wallet pass with the fraud-and-rewards engine at $900/mo for stores that want the consolidated stack.

How do I get customers to add the pass in the first place?

Post-purchase email with an "Add to Apple Wallet" button converts best, typically 30-50% on first-time buyers. SMS with a tap-to-add link is the second-best channel. In-store QR codes work for omnichannel retailers. Storefront banners convert least well but add a no-friction option for repeat visitors.

Does the wallet pass replace my email newsletter?

No. The wallet pass is a transactional and retention channel. Email is still the right channel for promotional campaigns, content marketing, and brand-building. The wallet pass replaces the SMS budget for stores that were using SMS primarily for transactional updates.

What happens when a customer redeems all their points?

The pass updates to show the new (lower) balance. The push notification fires confirming the redemption. The customer continues to use the pass as before, now with a different balance and a new "earn more points to unlock" target on the secondary value.

Can OfferGuard's wallet pass work alongside Smile.io or LoyaltyLion?

The wallet pass on the Enterprise tier ships with OfferGuard's native loyalty program. Running it alongside Smile or LoyaltyLion would duplicate the points accounting. If you are happy with Smile's loyalty mechanics, use OfferGuard for the fraud-prevention side (Sentinel or Fortress) and keep Smile for loyalty. The Enterprise tier is for stores that want to consolidate the entire stack into one engine.

What to do next

If you want the wallet-pass-as-loyalty-card experience without rebuilding your fraud stack, JeriCommerce or Toki are the right starting points. Both are mature, focused, and Shopify-native.

If you want the wallet pass and the loyalty program and the fraud detection and the referral protection in one engine, install OfferGuard's free Watchdog plan to see your fraud-side exposure first. The Enterprise tier ($900/mo) adds the wallet pass, native loyalty, referral program, and push notification stack.

For the full mechanics of how identity-based enforcement runs at Shopify checkout, how OfferGuard works walks through the pipeline step by step.