Google Pay
Google Pay™ is a comfortable way of paying for goods and services in your e-shop or Android mobile app. Your clients can pay with the same cards they use on contactless terminals in shops. Your clients do not need to retype the card number and the payment is authenticated directly on the Android phone, without the need to further authenticate the payment in 3D Secure. These two features make Google Pay one of the most convenient payment methods.
The vast majority of issuers on the Czech market already offer Google Pay to their customers. Adding card to the phone is possible through the Google Pay Android app. Some issuers offer Google Pay activation for their cards directly from the banking application.
Use of Google Pay is free for customers. Merchants pay the standard card fees for acceptance of Google Pay payments through the ČSOB payment gateway. There are no additional fees associated with Google Pay acceptance.
Implementing Google Pay into an e-shop is easy. The first step is to implement with Google services - either from Android or using javascript for payments from the browser. By calling Google services you can obtain customer's card and transaction information. This call can be compared to pulling a card out of a wallet. The payment details obtained in this first step are encrypted so that only the payment gateway can read them. As a merchant, you don't have to worry about payment security or the PCI DSS standard. In the second step, you pass this payment data to the payment gateway using the Google Pay API functions (for more information on technical integration, see here), where the data is processed and the payment is authorised.
From the customer's point of view, the entire payment process is hidden behind the card withdrawal from Google Pay. All other operations take place in the background. If the customer pays outside the Android environment, they may be asked to confirm the transaction.
Further processing of the payment is the same as for a normal card transaction, i.e. it is possible to use collecting partial card payment as well as partial and full returns. Transactions are settled on the account and issued in the same way as card payments.
Google Pay payments on Android phones are verified using cell phone biometrics. No additional authentication using 3D Secure is required. If the customer uses Google Pay in a browser (or in a mobile application on iOS), it is necessary to perform 3D Secure verification in the same form as for a card payment. Here, too, the more additional transaction data you provide to the payment gateway, the better the chance of verification without confirmation, which will simplify payment for the customer. The payment gateway handles payments from both Android and browser in the same way.
Step 1: The merchant communicates with Google Pay and retrieves the payment data from the wallet
Step 2: Create payment - the merchant creates the payment, passes the wallet data and additional purchase data to the payment gateway (googlepay/init)
Step 3: The payment gateway confirms the creation of the payment and assigns a payID
Step 4: Merchant starts payment processing (googlepay/process)
Step 5: The payment gateway informs about the result of the payment (payment from Android after biometric verification and payment from the browser in case of verification without confirmation) or passes a link to the verification page of the card issuer
Step 6: (Only for verification with confirmation) the merchant opens the verification page, the customer confirms
Step 7: (Only for verification with confirmation) the merchant checks the status of the payment (payment/status) until the payment is confirmed or declined
Verification in iOS / Android mobile applications and the use of SDK
For Google Pay payments in iOS and Android native mobile applications, it is possible to use the mobile SDK, which is globally technically standardised on the EMV platform. This SDK collects technical data about the user's device (for card issuer risk analysis) and displays the card issuer's verification page for confirmation verification. The SDK is not tied to a payment gateway, so you can use any EMC-certified SDK. You can find a list of their providers in this list. ČSOB works with NetCetera's mobile SDK - if you are interested in it, please contact [email protected]. For the transmission of SDK outputs and the acquisition of SDK parameters from the payment gateway, see the technical specification of Google Pay payments.
Please follow these steps when implementing Google Pay in your e-shop or Android mobile app:
- Before you start the integration works, please make yourself familiar with:
- Terms of Service
- Acceptable Use Policy
- Brand Guidelines and UX best practices for implementation on the Web: Google Pay Web Brand Guidelines and UX Best Practices
- Brand Guidelines and UX best practices for implementation in Android mobile applications (Google Pay Android brand guidelines)
-
Read the Google Pay Web developer documentation and/or Google Pay Android developer documentation and plan your integration with Google Pay services
-
Read through the integration checklist (Web - Google Pay Web integration checklist) (Android - Google Pay Android integration checklist) and plan your integration works in compliance with the checklist. Please note the following specifics while using the ČSOB payment gateway:
- 1 (Basics)
- Point 1 - risk management: full responsibility of the payment gateway, no action on your side necessary
- Point 4 - accepted card types: your parameterization (as per ČSOB payment gateway Contract) is always returned in the response to the
googlepay/echoAPI call - Point 5 “Direct” integration: not relevant when using the ČSOB payment gateway
- 3 (Functional tests)
- Point 2 - “PAN_ONLY” cards: perform this test as described. ČSOB payment gateway supports Google Pay also with cards saved on https://pay.google.com (no Android phone needed)
- Log in to the Google Pay Business Console (requires Google account) and perform the following steps:
- Fill in the company name and country
- (Recommended) add at least one user with the “administrator” role to make sure you do not get locked out from the Google Pay Business Console should you lose access to your Google Account
- Fill in your company profile and upload your logo (branding)
If you have a Google account used for Android app publishing in Google Play, using this account for Google Pay registration will simplify the integration of Google Pay with your Android apps. If you use a different account, follow one more additional step: add the Google Account used for Google Pay registration to Google Play as a “user” of the app(s) you want to integrate Google Pay with. As soon as you set this up, your Android Apps will show up in the Google Pay Business Console.
-
Contact [email protected] and ask for activation of the Google Pay payment method for your account. Please make sure you have your Google Pay Merchant ID at hand - you will need to provide it to the ČSOB payment gateway business representative. Google Pay Merchant ID is different from the payment gateway “merchantID” and you will find it in your company profile within the Google Pay Business Console.
-
Implement the front-end part of Google Pay checkout and payment flows. Please make sure you stick to the rules and best practices listed in points 1 and 2 above. Please use the operation
googlepay/echoto retrieve the parameters for Google Pay checkout from the payment gateway. Response to this call will provide you all the necessary parameters you need to properly set-up the Google Pay API objects. Please note that thegooglepay/echooperation on the payment gateway API will work only after the payment method activation in step 5. -
Implement the new API methods on your backend interface to the ČSOB payment gateway (
googlepay/echo;googlepay/init;googlepay/process). Please use the integration environment (“iBrána”) for development and testing. The integration environment will automatically return the parameterization for Google Pay Test environment (environment:TEST). You can use your phone and real cards for testing – Google Pay test environment will not provide these cards to the payment gateway (your account cannot be charged). Please read the specification of API methods for Google Pay carefully.
When you are ready with your integration on the test environment and you are able to make screenshots of your customer checkout flow, continue with the following steps:
-
Click “Google Pay API” in the left menu of the Google Pay Business Console. Then click “Get Started” button (on the top of the page). This will open a window with Google Pay API Terms of Service. Please read it and confirm.
-
As soon as you confirm your agreement with the Terms of Service, you will see a new button in the lower part of the “Google Pay API” screen. If you have any Android apps linked to your Google Account, you will also see a list of these apps.
For Android app: Select the app from the list by clicking “Manage”. Select Integration type “Gateway”. Upload the required screenshots and click save.
For e-shop website: Please click the button “Integrate with your website”. Fill in the URL of the website and select Integration type “Gateway”. Upload the required screenshots and click save.
- Click “Submit for approval” at the top of the page and await approval from Google.
When you receive your integration approval from Google, test your implementation with the production payment gateway. Then you are good to release Google Pay payments to your customers!