Skip to content

Google Pay with 3D Secure

Last updated: 13th January 2022

Google Pay offers two authentication modes:

  1. PAN_ONLY - the card is stored on file with your customer's Google account. Thus, the payment credentials are not bound to an Android device (for example, desktop or non-Android mobile web).
  2. CRYPTOGRAM_3DS - Google Pay offers SCA compliance by binding payment credentials to an Android device and allowing issuers to delegate the authentication to Google for all subsequent payments on that device.

Find out below how you can comply with SCA requirements for PAN_ONLY scenarios.


Tokenize the Google Pay payment data

Once you have received the payment data from Google, you first need to get the Checkout.com token to encrypt the payment data. You then receive a new token_format in the response to help you identify whether or not subsequent payments using this token already meet SCA requirements.

Android native app and mobile web

token_formatSCA compliance

CRYPTOGRAM_3DS

Google handles the authentication and provides a payload that meets the SCA requirements.

In cases where the Google Pay payment does not require a 3D Secure setup (for example, payments using a CRYPTOGRAM_3DS token), we will handle the non-3DS authorization request.

Desktop (or when device binding is unavailable)

token_formatSCA compliance

PAN_ONLY

For in-scope transactions, the payment should use a 3D Secure exemption or be processed as 3D Secure.

Response example

1
2
3
4
5
6
7
8
9
10
{
"type": "googlepay",
"token": "tok_xac73j6l7rue7freatxtonf3pi",
"expires_on": "2021-09-15T11:14:15Z",
"expiry_month": 12,
"expiry_year": 2026,
"last4": "1111",
"bin": "411111",
"token_format": "pan_only"
}

Request a 3D Secure payment using Google Pay

To enable 3D Secure for Google Pay, please contact your Customer Success Manager.

After receiving your token, you can authenticate the transaction as follows:

  1. Include the Google Pay token in the payment request body.
  2. To process this transaction as a 3D Secure payment, set the 3ds.enabled field to true as in the request example below.

Request example

1
2
3
4
5
6
7
8
9
10
11
{
"source": {
"type": "token",
"token": "tok_lrn2umaznynuvkcjc6unno663u"
},
"amount": 1234,
"currency": "GBP",
"3ds": {
"enabled": true
}
}

Response example

If the card is enrolled in 3D Secure, you will receive a 202 Success response. This response contains a redirect link for your customer.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
"id": "pay_hl4k4b5n6pfklmfayflhzw3ovq",
"status": "Pending",
"customer": {
"id": "cus_rtr7qq37wzhujcp5iv36qys43i"
},
"3ds": {
"downgraded": false,
"enrolled": "Y"
},
"_links": {
"self": {
"href": "https://api.sandbox.checkout.com/payments/pay_hl4k4b5n6pfklmfayflhzw3ovq"
},
"redirect": {
"href": "https://3ds2-sandbox.ckotech.co/interceptor/3ds_bicq62vdvrbuznjzcmcfrhtswy"
}
}
}