What is a cryptogram
In digital payments made through Apple Pay, Google Pay, or other wallets, your real card number is never transmitted to the merchant. Instead, the system generates a cryptogram โ a unique encrypted code tied to a specific transaction.
The cryptogram contains encrypted information about the card token, transaction amount, timestamp, and other parameters. Your issuing bank decrypts it and uses that data to decide whether to authorise the payment. A cryptogram is single-use: it is valid only for one payment request and only for a very brief window of time.
Why a cryptogram becomes invalid
The "Cryptogram Invalid" error can occur for several reasons:
- Cryptogram has expired. If too much time passed between when the cryptogram was generated and when the payment request was sent โ often just a matter of seconds โ it is no longer valid.
- Cryptogram re-use attempted. Sending the same cryptogram twice (for example, by double-tapping the "Pay" button) causes a rejection, because it has already been consumed.
- Counter synchronisation error. Apple Pay and Google Pay cryptograms are linked to an internal transaction counter called the ATC (Application Transaction Counter). A mismatch between the counter on your device and the one at your bank results in an invalid cryptogram.
- Card token is invalid. If the Device Account Number (DAN) has been revoked or expired, any cryptogram built on top of it will also be invalid.
- Acquirer or merchant-side issue. Sometimes the error is generated by the merchant's payment gateway โ incorrect server-side handling of the cryptogram data.
- Broken NFC session. During a contactless payment, an interrupted NFC session can produce a partially formed or corrupted cryptogram.
Step-by-step fix
- Start the payment over from scratch. Do not tap "Retry" โ go back to the beginning of the checkout flow. The system will generate a fresh cryptogram.
- Remove the card from your wallet and add it again. This re-synchronises the transaction counter and creates a new token with a reset ATC. In Apple Pay: Wallet โ card โ Remove โ add back. In Google Pay: pay.google.com โ Payment methods โ remove โ add back.
- Restart your device. This resets the NFC controller and clears any session-level errors.
- Update your wallet app. Make sure Apple Wallet or Google Pay is running the latest version.
- Contact your bank. Ask them to check the token status and reset the ATC counter if necessary.
- Report the issue to the merchant. If the error only occurs at one merchant or website, the problem may be in their payment gateway. Contact the store's support team.
FAQ
Could an invalid cryptogram cause money to be deducted from my account? No. If the cryptogram is invalid, the bank rejects the transaction before authorising it โ no funds are moved. If you see a pending hold, it will be released automatically within a few days.
How common is this error? For most users it is extremely rare. Cryptograms work reliably when the connection is stable and tokens are current. If the error recurs frequently, the likely cause is an issue with the card token or the ATC counter.
How is a cryptogram different from a CVV? A CVV is a static code printed on your card. A cryptogram is a dynamic, one-time code generated for each individual transaction. This is why digital wallets are considered more secure than manually entering your card number.
If your digital wallet regularly produces cryptogram errors, try a Marix virtual card โ it is compatible with Apple Pay and Google Pay and operates without typical tokenisation issues.

