SCA and Google Pay API

Strong Customer Authentication

To enable Google Pay to return appropriate payment credentials for transactions subject to Strong Customer Authentication (SCA), you might need to update your implementation.

If you’ve completed a Google Pay API V2 integration, the following changes are required.

Update your PaymentDataRequest object

Update your PaymentDataRequest object with the following properties:

Updated PaymentDataRequest object example

The following is an example of an updated PaymentDataRequest object:

{
  "apiVersion": 2,
  "apiVersionMinor": 0,
  "merchantInfo": {
    "merchantName": "Example Merchant"
  },
  "allowedPaymentMethods": [
    {
      "type": "CARD",
      "parameters": {
        "allowedAuthMethods": ["PAN_ONLY", "CRYPTOGRAM_3DS"],
        "allowedCardNetworks": ["AMEX", "DISCOVER", "INTERAC", "JCB", "MASTERCARD", "VISA"]
      },
      "tokenizationSpecification": {
        "type": "PAYMENT_GATEWAY",
        "parameters": {
          "gateway": "example",
          "gatewayMerchantId": "exampleGatewayMerchantId"
        }
      }
    }
  ],
  "transactionInfo": {
    "totalPriceStatus": "FINAL",
    "totalPrice": "12.34",
    "countryCode": "GB",
    "currencyCode": "GBP"
  }
}

Handle the response object

Merchants receive one of the following:

  • An authenticated payload that can be processed without any further step-up or challenge.
  • A PAN that requires 3D Secure 2.0 through a solution provided in-house or through payment service provider partners (PSP)

Most of our PSP offer the ability to apply appropriate instrument risk checks and step-up transactions. Where applicable, this includes 3D Secure for Google Pay PAN PAN_ONLY transactions.

If you have an in-house risk management tool, use the assuranceDetailsRequired parameter to get more details about the transactions.

If assuranceDetails.cardHolderAuthenticated returns false, apply appropriate instrument risk checks and step-up transactions. Where applicable, include 3D Secure.