Google Pay
Information
Google Pay is available for Flow. Flow enables you to accept payments on your website using Checkout.com's global network of payment methods with a single integration.
Google Pay enables customers to securely perform one-touch payments on your website or Android app, using any credit or debit card connected to their Google account.
Information
To enable Google Pay in the UAE or Saudi Arabia, contact your account manager or request support.
Google Pay offers the following authentication modes:
PAN_ONLY– The card is stored on file with your customer's Google account. The payment credentials are not bound to an Android device. For example, desktop or non-Android mobile web.CRYPTOGRAM_3DS– Google Pay offers SCA compliance by binding payment credentials to an Android device and allowing issuers to delegate the authentication to Google for all subsequent payments on that device.
CRYPTOGRAM_3DS credentials receive liability shift by default; to enable liability shift for PAN_ONLY transactions, apply 3DS.
To comply with SCA requirements for PAN_ONLY scenarios, see Desktop (or when device binding is unavailable).
Google Pay transactions authenticated with 3DS can benefit from liability shift when the cardholder adds their card:
- To Google Chrome or a Google product directly – The card is saved as a Funding Primary Account Number (FPAN) and supports liability shift for payments explicitly authenticated with 3DS.
- To the native Google Pay app using their Android device – The card is saved as a Device Primary Account Number (DPAN) and supports liability shift, because authentication occurred when the card was added.
Card schemes may downgrade a payment's liability shift during the authorization stage. This can happen even if the ECI value indicates that the downgrade occurred during authentication. The liability shift outcome is determined after authorization.
Information
To benefit from liability shift for Visa transactions processed using Google Pay, Visa requires you to opt in to Fraud liability protection for Visa device tokens.
When you receive the payment data from Google, request a Checkout.com token to encrypt the payment data.
The response returns a new token_format that identifies whether subsequent payments using this token already meet SCA requirements.
| token_format | SCA compliance |
|---|---|
| Google handles the authentication and provides a payload that meets the SCA requirements. |
Note
When a Google Pay payment does not require a 3D Secure setup (for example, payments using a CRYPTOGRAM_3DS token), we handle the authorization request without 3DS.
| token_format | SCA compliance |
|---|---|
| For in-scope transactions, the payment must use a 3D Secure exemption or be processed as 3D Secure. |
After receiving your token, you can authenticate the transaction as follows:
- Include the Google Pay token in the payment request body.
- To process this transaction as a 3D Secure payment, set the
3ds.enabledfield totrue.
If the card is enrolled in 3D Secure, you receive a 202 Success response. This response contains a redirect link for your customer.