Google Pay
Implementation guide for the Google Pay direct integration
1. Integration Google Pay API and Payment button
Start with implementing the Google Pay API to receive encrypted Google Pay tokens. Following this step-by-step guide integration tutorial from Google to learn how it works.
Before you can start, you need to create a Google developer account and select
datatrans
as your payment gateway in the sign-up process. Additionally, make sure to whitelist all domains (including subdomains) from which you intended to call the Google Pay API in your Google developer account.
When you submit a payment request to the Google Pay API, make sure to specify datatrans
as the PSP.
Example
const tokenizationSpecification = {
type: 'PAYMENT_GATEWAY',
parameters: {
'gateway': 'datatrans',
'gatewayMerchantId': 'PCIP_merchantId' // This value is available in the PCI Proxy Dashboard
}
};
Payment button implementation
To collect cards stored in the Google wallet, integrate the Google Pay button according to the Google brand guidelines on your checkout page.
2. Convert Google Pay tokens into a PCI Proxy alias
Look for the PaymentMethodTokenizationData
under the PaymentMethodData
property in the Google API response. You will find the encrypted Google Pay token and related card information there.
Submit the Google Pay token to the PCI Proxy Vault endpoint to convert the Google Pay token into a PCI Proxy one.
curl --request POST \
--url https://api.sandbox.datatrans.com/v1/aliases/tokenize \
--header 'Authorization: Basic {{basicAuth}}' \
--header 'Content-Type: application/json' \
--data '{
"requests": [
{
"type": "GOOGLE_PAY",
"token": "{\"signature\":\"MEYCIQD559RrzAfNW3mfmehndtSlAXcC+lOWUg6RBc0dOtmdxgIhAIdv0miM/oRQ8xfPa/p3uovbs+27tOMXaaAACLwobZf1\",\"intermediateSigningKey\":{\"signedKey\":\"{\\\"keyValue\\\":\\\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf4SyX8QQbT/Wo3ZnMyjIL6bFh5Nr66im3+kdbYj1y0DfkTvzJpE9HNkjDqqSgJhs62DdZImKKobGStRy54RAmA\\\\u003d\\\\u003d\\\",\\\"keyExpiration\\\":\\\"1679120930439\\\"}\",\"signatures\":[\"MEUCIF0ap1buoWm9Y2CuekBLkAdYHD5OFq76cSZr8l1W/VHKAiEAgpbalaMOCVZ3/A9hmamMoX3KSLDtL4f/nu2FE5MzVm0\\u003d\"]},\"protocolVersion\":\"ECv2\",\"signedMessage\":\"{\\\"encryptedMessage\\\":\\\"MgYeSvqF2bOGjSksSOnQh4CYHpLOcMOMfltgLzypmWN/BU4kgso7wbxW9p1qjlzLaRx5cZfH9SbsLn7n3AJroW/Qak/iyAp8iPw803Kb3HnSHBFRdOkMeaxv2FvrORwjaSbxSnvWVIT/ZiEap0Q2xhwT+o0+YYr5KVJ+kDGYYK0wCEyl3wb4p+p/e7yCoNiCBrW8TIgNmwhnHV9uB9nmPw/7XVMqCr+pmoxQke7aVR0ee6Zdw16Rqnbpf4Cn4Vy7lwk7r2PNMmtsxMo9NLkcE3ntcbC+QIJxuOMXjFcNY3WTbeKZV5sQx/CuBJSaxpHczyL9hoATm7rcqw3GuSOsjRo71xr9Kl7irC3HEcal3aYqvT+tcTwubEg7UlY444pZPPluSSrwYIkRlH5TpjXTqMBKzpFuBklLRaYIp39mWvYlfSy+y414uIg0ukE9odqQBTdtVhB627KGXqrlibv2CfG1SwQ+A5XM7ysIt2DlNYFy+VVubmcQ/JzEXvCE0huZzqyYx43V+KF3zkyEwO5KQe31c2Bk0nj8YN7r8/9fkA\\\\u003d\\\\u003d\\\",\\\"ephemeralPublicKey\\\":\\\"BHvkCpwm78DpTI0WhyTPTj++Wt5hvcBdH4Q1xEVSSa/535/iKoXu9viS40MAuXXEu1GG8NdZcZ4sU5i8I/XHnKs\\\\u003d\\\",\\\"tag\\\":\\\"Qm4JzZw4it2SAx2CRfc0Texiwfmlgxst0urfrX8bdKk\\\\u003d\\\"}\"}"
}
]
}'
{
"overview": {
"total": 1,
"successful": 1,
"failed": 0
},
"responses": [
{
"type": "CARD",
"alias": "7LHXscqwAAEAAAGEiwgfM8CBTPrzACwH",
"maskedCC": "489537xxxxxx6287",
"fingerprint": "F-fgxnFwN-gsIw7y80T-kpBB"
}
]
}
3. Obtain card metadata and 3D information
Finally, use the alias and call the Token Status API to obtain card metadata. It also returns 3DS related information if available.
Check the walletIndicator
parameter to see the original wallet provider of the returned token. For Google Pay, it returns PAY
.
Strong customer authentication and liability shift
The Google Pay API might return cards on file on Google.com (
PAN_ONLY
) or a device token on an Android-powered device authenticated with a 3D Secure cryptogram (CRYPTOGRAM_3DS
).In case of a
CRYPTOGRAM_3DS
enabled card, 3D Secure related data such as theeci
andcaav
values will be present in the response of the Status API.For cards with
PAN_ONLY
authentication, no 3D object is returned and a separate 3D-Secure authentication step might be required. Refer to 3D Secure Authentication if you want to process 3D Secure authentications with PCI Proxy.The Google Pay API allows you to control which authentication method you want to offer to your customers with the following option in the Google Pay API:
const allowedCardAuthMethods = ["PAN_ONLY", "CRYPTOGRAM_3DS"];
.
Example Token Status API
curl --request GET \
--url https://api.sandbox.datatrans.com/v1/aliases/7LHXscqwAAEAAAGHLZMxjcu65Ep6AAhH \
--header 'Authorization: Basic {{basicAuth}}' \
--header 'Content-Type: application/json'
{
"alias": "7LHXscqwAAEAAAGHLZMxjcu65Ep6AAhH",
"fingerprint": "F-fkO8WHlN03g-bhs44wFI9J",
"type": "CARD",
"masked": "412374xxxxxx0013",
"dateCreated": "2023-03-28T13:33:53Z",
"card": {
"panRemoved": false,
"expiryMonth": "06",
"expiryYear": "25",
"cardInfo": {
"brand": "VISA",
"type": "credit",
"usage": "consumer",
"country": "US",
"issuer": "",
"accountType": "PAN"
},
"walletIndicator": "PAY"
}
}
{
"alias": "7LHXscqwAAEAAAGHLZ1mxzlxFJc6AEcT",
"fingerprint": "F-fkO8WHlN03g-bhs44wFI9J",
"type": "CARD",
"masked": "412374xxxxxx0013",
"dateCreated": "2023-03-29T13:45:02Z",
"card": {
"panRemoved": false,
"expiryMonth": "06",
"expiryYear": "25",
"cardInfo": {
"brand": "VISA",
"type": "credit",
"usage": "consumer",
"country": "US",
"issuer": "",
"accountType": "TOKEN"
},
"3D": {
"cavv": "AgAAAAAABk4DWZ4C28yUQAAAAAA=",
"eci": "07"
},
"walletIndicator": "PAY"
}
}
The value returned in the
masked
element represents the masked device pan (DPAN) - except for thePAN_ONLY
flow where the FPAN is returned as masked value.To see the last 4 digits of the FPAN please check the response from the Google API directly.
Testing your integration
Check out https://paymentbutton.datatrans.dev/ to see an example and test out the Google Pay integration.
Make sure to toggle
Output Token Data
and ignore the rest of the options available. You can use real cards stored in the Google Pay Wallet. Google will replace them by their own test cards.
Updated 4 months ago