Integrating with Google Pay™️
Overview
The Google Pay™️ integration allows a VGS vault to intercept encrypted payment tokens, decrypt the tokens, and alias the sensitive card information before forwarding the aliased payload to your inbound upstream.
Note that sandbox vaults are configured to always use the sandbox Google Pay™️ keys when decrypting the message. Production vaults will always use the production Google Pay™️ keys when decrypting the payload.
Instructions
This integration can be enabled from the Integrations list in your VGS vault. Enabling this integration will create a new inbound route in your vault.
Enable the Google Pay™️ integration from the Integrations list in your VGS vault. Enabling this integration will create a new inbound route in your vault.
Download the new Inbound Route YAML and update the value that says GATEWAY-MERCHANT-ID to your VGS Organization ID. This value can be found by going to the Organization Settings area in the VGS dashboard.
Upload the updated YAML file to your vault. The integration is now fully setup.
Request Data Structure
By default, the integration expects the POST data to be in the format below. If you wish to change this data format, modify anywhere in the YAML file that references google_pay_payload.token and replace it with the new location to the GooglePay token.
{
"google_pay_payload": {
// The "token" field contains the payload from Google Pay. The VGS Proxy will be replace this field with the decrypted and tokenized version
"token": {
"signature": "...",
"intermediateSigningKey":{
"signedKey":"...",
"signatures":[
"..."
]
},
"protocolVersion":"ECv2",
"signedMessage":"..."
},
"miscellaneous_data": "Miscellaneous data. There can be any number of additional data fields."
},
"miscellaneous_data": "additional data fields"
}
Upstream Data Structure
After routing through the VGS proxy, the Upstream server will receive the following data:
{
"google_pay_payload": {
"token": {
"gatewayMerchantId": "YOUR VGS ORGANIZATION ID",
"messageExpiration": "1651011195869",
"messageId": "...",
"paymentMethod": "CARD",
"paymentMethodDetails": {
"assuranceDetails": {
"accountVerified": true,
"cardHolderAuthenticated": true
},
"authMethod": "CRYPTOGRAM_3DS",
"cryptogram": "...",
"expirationMonth": 8,
"expirationYear": 2022,
"pan": "tok_live_svzgiX8SDJMRjk93GVKG6b"
}
},
"miscellaneous_data": "Miscellaneous data. There can be any number of additional data fields."
},
"miscellaneous_data": "additional data fields"
}Event diagram
Below is a runtime event diagram for decrypting a Google Pay™️ payment token.
Google Pay™️ Feature Support
Auth Methods
The VGS integration with Google Pay™️ supports both CRYPTOGRAM_3DS and PAN_ONLY payloads. Details on the supported auth methods can be found in the Google Pay docs in the allowedAuthMethods section.
Card Networks
The VGS integration with Google Pay™️ supports decrypting payloads from the following card networks: AMEX, DISCOVER, INTERAC, JCB, MASTERCARD, MIR, VISA
In order to support combo cards from Brazil, this list also includes the following card networks: ELECTRON, MASTERCARD, MAESTRO, ELO, and ELO_DEBIT
Details on the list of card networks can be found in the Google Pay docs in the allowedCardNetworks section.
Samples
Check out our sample applications below to see how to collect Google Pay™️ data with VGS.
This examples shows how easily you can integrate VGS + Google Pay into your React application and secure sensitive payments data. A native sample application to demonstrate how easily you can integrate VGS + Google Pay into your website and secure sensitive payments data.
Last updated