PaymentsAPMs

Google Pay

About

Google Pay allows users to pay securely in Android apps and on websites using cards saved in their Google Wallet.

Region

International

Currencies

See the currencies page for details

Refunds

Yes, within 11 months

Disputes

Yes

Preauthorization

No

Recurring payments

Yes

Activation

To offer Google Pay with Mangopay you need to integrate Google Pay on your side.

See the Google Pay documentation for full details about integration in your website or Android app.

The configuration for your Google Pay API call in the payment flow is given below.

If not using Mangopay’s Checkout SDK, you also need to adhere to their design guidelines.

Flow diagram

The overall flow of a one-times Google Pay payment is given in the diagram below.

One-time payments

1

Present Google Pay to user

The user selects Google Pay at the checkout on your app or website and confirms payment.

2

Request payment data from Google Pay

When making payment requests to the Google Pay API, use the following values:

  • gateway - The payment gateway used: in this case, whenthen.
  • gatewayMerchantId - Your platform’s ClientId provided by Mangopay.
  • allowedAuthMethods - The supported authentication methods:
    • PAN_ONLY, meaning the card is registered in the user’s Google account and requires additional 3DS authentication
    • CRYPTOGRAM_3DS, meaning the card is enrolled in the customer’s Google Wallet and authentication is handled by Google, with no 3DS redirection and no liability for the platform.
  • allowedCardNetworks - The card networks supported by Mangopay on Google Pay: only VISA and MASTERCARD.
Google Pay configuration example
1{
2  "type": "CARD",
3  "parameters": {
4    "allowedAuthMethods": ["PAN_ONLY", "CRYPTOGRAM_3DS"],
5    "allowedCardNetworks": ["MASTERCARD", "VISA"]
6  },
7  "tokenizationSpecification": {
8    "type": "PAYMENT_GATEWAY",
9    "parameters": {
10      "gateway": "whenthen",
11      "gatewayMerchantId": "your-mangopay-client-id"
12    }
13  }
14}
3

Request the pay-in from Mangopay

Call the POST Create a Google Pay PayIn endpoint, including the PaymentData string as recieved from Google Pay. The amount and currency of your pay-in request must match your Google Pay request.

Google Pay payment data in Mangopay API request
1{
2  // ...
3    "PaymentData":"{\"signature\":\"MEUCIQDc49/Bw1lTk8ok2fUe4UT2q955C01N2av40WJ28pMt0QIgBxiXHZbccHuqEQHyNJJw8SM337fxd8A3kJFqhsf4pHo\\u003d\",\"intermediateSigningKey\":{\"signedKey\":\"{\\\"keyValue\\\":\\\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8bX5bzBELcoJ1pPhEHtTIhpZQsRgVIMtRf9R5yRyC9c9WH8bvgxIx40qH4aQ+btVM/rwKuDE8cs+dERH2gjUjw\\\\u003d\\\\u003d\\\",\\\"keyExpiration\\\":\\\"1688804022772\\\"}\",\"signatures\":[\"MEUCIF2OifAlN5PG+isU+xxX8/OU5MTk81hBulSmp9bu8caDAiEAkdRqb8uo4CUx4kMiA317A1b+5BxRUc/8+QMyc9Ikjfg\\u003d\"]},\"protocolVersion\":\"ECv2\",\"signedMessage\":\"{\\\"encryptedMessage\\\":\\\"tsTuUpytOkm8ENo1PpyzsHk6jxGDus/sSNQwqZeoPNw/NMQX2LJxJ6OTS4Yt+iNM7v4iuFC0eUWiy58xCQHKANeO/y66GJWMaDjPW2FBqBksb1WHXxP5KmgglACSqXtOMmjuYxVT6MeO4EfdsT4vGHRP0adP+Lkfj1tfjM1K0HyRWbLcwU9YXU0j83wV3PW28oxdFY5F4DC+Bhk7J5bZhIf5jymRXy3sR0kDoE/Qi4fUIdvgoHzi6MvppxCaEgwCygvfxu+vddP/7dshnL9+OFaDpoAp6is8I4UYbscNHkLosfBPwyUtndLMkDfNKUJ3yus92KSfbcK0iif3kXSMmV6ZrN873S7f27bsCsHhAlywOFpACorBNO8FzX/ediCsSi+n5kWOxe9oewGOeME2RNTsoy8an23be8yTek3YKajIhJRFW/9OtVnNmKOqwgw0F8nPFTjuSVPZbkinYS46Tr+KjOcr5aznEElkmk6OWgX1xSVkHZPpoW8XZdhB6Vs/5eWP6URncDZYN2EWtpWuz1+CAVKEjD95gcQGvzhmlPB0duiV76psDik8ojf2B6QfPJxV\\\",\\\"ephemeralPublicKey\\\":\\\"BJ0QIVwltj1vH2NAmYgUYBRrNymcOtTTP3QJnSc+enFGigIhNS87PZyA0PZ4iT/tifOqBj6barpJMwSQeO3nbJ0\\\\u003d\\\",\\\"tag\\\":\\\"R0iTOk4bogyVkf0STTvdiFq4kebJS7GN5/zxoBuCNNs\\\\u003d\\\"}\"}",
4  // ... 
5}

You also need to define the SecureModeReturnURL to which the user will be returned after redirection (if required).

4

Redirect the user (if required)

Redirect the user to the SecureModeRedirectURL value to complete strong customer authentication with the issuer, unless the value is null.

You can also use the SecureModeNeeded boolean to determine this redirection behavior.

On Google Pay, redirection is not required if the user’s card was enrolled in their Google Wallet and Google’s CRYPTOGRAM_3DS authentication could be used.

5

Return the user (if they were redirected)

In a redirection scenario, after the user completes authentication, they are returned to the SecureModeReturnURL which you defined.

6

Handle the outcome

The transaction is complete when the pay-in status changes from CREATED to SUCCEEDED or FAILED, indicating the outcome.

Set up webhooks for the PAYIN_NORMAL_SUCCEEDED and PAYIN_NORMAL_FAILED event types to be notified of this.

Recurring payments

Recurring payments with Google Pay requires a pay-in registration object to set up the recurrence, before your platform can request pay-ins linked to the registration.

The first pay-in, a customer-initiated transaction (CIT), requires the user to be on session. Once the first payment is successful, your platform can then request subsequent pay-ins without the user present, known as merchant-initiated transactions (MITs), at the frequency and amount agreed by the user.

Payment flow

The steps are as follows:

1

Request the payment from Google Pay

In the recurring flow, you need to obtain the PaymentData from Google Pay before calling the Mangopay API.

2

Set up the recurring registration

Call the POST Create a Recurring PayIn Registration to register details about the user, the wallet, and the payments.

Set the PaymentType to GOOGLE_PAY and provide the tokenized PaymentData string retrieved from the Google Pay API.

The registration object contains the amount of the first transaction and details about the recurrence. It is also possible to specify the amount of subsequent transactions, but this can be overridden when requesting subsequent pay-ins.

In the response, the RecurringPayinRegistrationId allows you to link the recurring pay-ins to this registration object. The Status of the registration object is CREATED.

3

Process the customer-initiated transaction (CIT)

Call the POST Create a Recurring Google Pay PayIn with the CIT payload to initiate the first transaction.

When the first transaction is initiated, the Status of the registration object becomes AUTHENTICATION_NEEDED.

If 3DS authentication is required (not handled by Google Pay), you need to redirect the user to the SecureModeRedirectURL so they can complete strong customer authentication and validate the first transaction.

Once the user authenticates and the first payment is successfully authorized, the registration object Status becomes IN_PROGRESS to indicates that you can debit subsequent payments without the user present.

Set up a webhook for the RECURRING_REGISTRATION_IN_PROGRESS event type to be notified of this.

4

Process merchant-initiated transactions (MIT)

For subesequent payments, call the POST Create a Recurring Google Pay PayIn with the MIT payload to initiate the pay-in.

Reauthentication

If at any point reauthentication is required by the issuer, the Registration object Status changes to AUTHENTICATION_NEEDED, which you can be notified of thanks to the RECURRING_REGISTRATION_AUTH_NEEDED event type.

In this case, you need to:

  1. Obtain a new PaymentData string from Google Pay
  2. Call the PUT Update a Recurring PayIn Registration with the new data
  3. Process a new CIT payment with the user on session to authenticate

Ending the recurrence

The registration object Status can be set to ENDED to indicate that it can no longer be used. You can do this using the PUT Update a Recurring PayIn Registration endpoint.

Set up a webhook for the RECURRING_REGISTRATION_ENDED event type to be notified of this.

Endpoint
The Google Pay PayIn object
Testing
Learn about testing Google Pay