Pay with Google Pay

Prerequisites

As a prerequisite, you should understand:

Process Details

To set up for live transactions, you need two merchant IDs. One is received from Google, the other is from the payment gateway. You can receive the Google merchant ID, and request production access for particular Internet domains, at https://developers.google.com/pay/api/web/guides/test-and-deploy/request-prod-access. You bring the Google merchant ID to us then. We will register it at the payment gateway, and tell you also the gateway merchant ID. It is passed to the Google Pay button of your checkout solution.

The payment process itself works similar to other payment methods. When one operates the Google Pay button, the payment instrument is chosen and the necessary security checks are performed. The Google API returns a security token, that must be handed over to authorise the payment against the secuconnect API. The secuconnect API methods to authorise and capture the payment are the same like for credit card payment, except there are no callback URLs for there is no second interactive 3-D Secure check. And there is a special Payment Container type for Google Pay.

Button Parameters

The other parameters can be requested from the secuconnect API:

Request
POST /api/v2/General/Contracts/GCR_UWOTSTRSQFMGV5PK5LF65LNNL0H84G/IframeOptions HTTP/1.1
Host: connect-testing.secupay-ag.de
Authorization: Bearer qb56tjj1bcvo9n2nj4u38k84lo
Accept: application/json

If everything is fine, the API responds with 200 OK and an object like this:

Response
HTTP/1.1 200 OK
Content-Type: application/json
 
{
// ...
"payment_config": {
"Googlepay": {
"api_version": 0,
"api_version_minor": 0,
"type": "PAYMENT_GATEWAY",
"allowed_auth_methods": [
"CRYPTOGRAM_3DS"
],
"allowed_card_networks": [
"MASTERCARD",
"VISA"
          ],
"gateway": "credorax",
"gateway_merchant_id": "SECUP978",
"merchant_id": "hp2wte1admsx75f2zqnn",
"merchant_name": "Musterfirma GmbH"
},
// ...
}
}

The returned parameters inside payment_config.Googlepay are used as-is to create the button.

Google Pay Button Integration

The setup for the token generation is as follows:

JavaScript
tokenizationSpecification: {
type: 'PAYMENT_GATEWAY',
parameters: {
gateway: 'credorax',
gatewayMerchantId: 'SECUP978',
},
};

You must restrict the application to the following authentication method and card networks:

JavaScript
const allowedCardAuthMethods = ["CRYPTOGRAM_3DS"];
const allowedCardNetworks = ["DISCOVER", "MASTERCARD", "VISA"];

Authorise the Payment

In order to authorise the Smart Transaction for Google Pay payment, you need to call POST Smart/Transactions/STX_xxx/prepare/creditcard:

Request
POST /api/v2/Smart/Transactions/STX_33PXAW2YN2NJTPM5KPGMK7QF5PBVA2/prepare/creditcard HTTP/1.1
Host: connect-testing.secupay-ag.de
Authorization: Bearer qb56tjj1bcvo9n2nj4u38k84lo
Content-Type: application/json
Accept: application/json
 
{
"customer": {
"id": "PCU_3M55SQZR42NSPDS8GGF4N55EZCDCAZ"
},
"merchant": {
"id": "MRC_FDFCR9PP93SOINGJ7F63WKBHMFVW2O"
}
  "container": {
"type": "googlepay",
"private": {
"protocolVersion": "ECv2",
"signature": "MEUCIGXzEMNUb5GCEG7AuMYod8ofOf/McdVJxobWyj7hq60JAiEAinmOEw6tPgKXEoN4jFpxwdXwHgie4HTtg5b2kfrjC4M\u003d",
"intermediateSigningKey": {
"signedKey": "{\"keyValue\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEd8INiTXkwHuWx0RUxzMvVaxaOldLrU9FZHD5i5awPtFxJcfPJhb7x0DNPLCCXdtGpeILckeEHWZJhwTSjn//YQ\\u003d\\u003d\",\"keyExpiration\":\"1689146771378\"}",
"signatures": [
"MEQCICj3uiUDhAZUXUFtRm0aAWYAURoukH1h+fDJ+SzzLq/rAiA2jgCQCCJs7HG6pcwQOoWgRxf3TzNaRvEJbiG1WNmYJg\u003d\u003d"
]
},
"signedMessage": "{\"encryptedMessage\":\"8u7d/X9xXb0QE9Vqu6QeJwqQAwbXaVByPJKn0ZOqwUFh+PRgjxD7Hma6VOEIkB0Pnox6n+8x4CuDdxkhI+33qbDJm73G0AVHXK5KMJDB82i/RWjxN57y0SwVrYIUjYk1M43zew78kuslGHRKGUGFVoL/3IogvifQmMkiPh+G/Teu1QHVPhUKJoPAbotCWx9/FLs8GYwRUec2+MAXxN/iL3Wp/I0pY8PoM72OJEBB5+jASzqzFeYlXBsjVzw0wyfvcl8Komno0p3sgHPg4ZfA3OdCFPgESfGTY5Gg1C3PzVS40u8RkBNSM6MQbkgqOvzb0nOOUEhY+hJbjhaI1kH3xlxueRxvXIYZIe9ZuzECeDi+Eu6MwdtI3Q+genqkJbcpNmnCUQE3nfRPGldB8c2+AZVG9plg3gCRqSR0nai8j54MDxrT1fvRvelgEPH1E1hi+1xHfDa9nzsDkR1wJWbJp2WZtE8PR6m9swdW\",\"ephemeralPublicKey\":\"BEaKyKbKHyOLjUDr6pFnGHFc1196gGx9U8nKAfIinw8V6KXNZCmdOTnxRNrZUdW+byZAapX1ntYFEDtciDQuwvI\\u003d\",\"tag\":\"B0qC1vdOqWg8ZOP16pS7oSJG4+hjBXGs9QljYByyJm8\\u003d\"}"
}
  }
}

These are the parameters:

Parameter

Type

Meaning

container

object

Payment container data

container/type

string

Always "googlepay" for this payment method

container/private

object

Data taken from Google Pay token ( paymentData.paymentMethodData.tokenizationData.token )

customer

object

Customer. Only needed if not set before.

customer/id

string

Customer ID (PCU_xxx)

merchant

object

Merchant. Only needed if not identified by the contract.

merchant/id

string

Merchant ID (MRC_xxx)

The Smart Transaction is authorised immediately.

Response (3-D Secure Not Required)
HTTP/1.1 200 OK
Content-Type: application/json
...
 
{
"object": "smart.transactions",
"id": "STX_33PXAW2YN2NJTPM5KPGMK7QF5PBVA2",
// ...
"customer": {
"object": "payment.customers",
"id": "PCU_3M55SQZR42NSPDS8GGF4N55EZCDCAZ",
"contact": {
"forename": "Mike",
"surname": "Mustermann",
"name": "Mike Mustermann",
"address": {
"street": "Musterstr.",
"street_number": "42",
"additional_address_data": "App. 97",
"postal_code": "09999",
"city": "Dorianburgh",
"country": "DE"
},
"email": "Eunice.Spencer89@example.net",
"mobile": "+491775555555",
"phone": "+495555555555",
"dob": "1965-12-31T00:00:00+01:00"
}
},
"container": {
"object": "payment.containers",
"id": "PCT_SF9XGHPVC2NSQX03V86EREAMMET7AZ"
},
// ... // ...
"transactions": [{
"object": "payment.transactions",
"id": "PCI_4YN04HZ4Z705GMRSJ5EW4J4X0ZDPNW"
}],
"created": "2020-10-29T14:13:41+01:00",
"updated": "2020-10-29T14:13:50+01:00",
"status": "approved",
// ...
"payment_method": "creditcard",
"trans_id": "30093721",
// ...
}

Status approved means the payment is authorised and you should be able to capture it. Status failed means you must repeat the payment process. You must also repeat the payment process when you update the Smart Transaction. It is then set back to created.

If the option auto_capture is true, it would already capture the Smart Transaction. Status ok, received or collection means you can deliver. Status pending means you have to wait for one of these statusses. Status failed means the payment failed, and you must repeat the payment process.

Authorise with Payment Container

If you want to authorise with an existing Payment Container, you make nearly the same call, but you pass the Payment Container ID instead of the container details. This can make the integration more uniform to other payment methods.

The Payment Container is created using the endpoint POST /api/v2/Payment/Containers:

Request
POST /api/v2/Payment/Containers HTTP/1.1
Host: https://connect-testing.secupay-ag.de/api/v2/Payment
Authorization: Bearer qb56tjj1bcvo9n2nj4u38k84lo
Content-Type: application/json
Accept: application/json
 
{
"type": "googlepay",
"customer": {
"id": "PCU_3M55SQZR42NSPDS8GGF4N55EZCDCAZ"
},
"merchant": {
"id": "MRC_FDFCR9PP93SOINGJ7F63WKBHMFVW2O"
},
  "token": {
"signature": "MEUCIQD4NF3Wh1Kjvxf12MsZ3iVf1eHZOU46l43gNMIxzHAq8QIgX3cGN3V2DSTUtGIwgdNjaXca4+Kpslx45nWgzcOmqag\u003d",
"protocolVersion": "ECv1",
"signedMessage": "{\"encryptedMessage\":\"JIZUxB6VJpFERmvAD0kuwcNwE0xU7G9Eln7T33sIBMJejg/PkHBl3dLibpiQw/h/Iw3Q80wh9rnrIV/wR6nP1uXU6w5cuRfuFxY4gslHdsYVOjARb+nQEvOFR5XsPJrsoeqOPvmoU/FUrUlfgRgRCSSDRdBoYyXwxUp4jOV72kiCE0JNI0JuvTqwZ8KbSn4lmDhW0/21ge6zuUCJBcjy3gqzugaR5tSZP38e9L/EhIPC5W1o7leukcsubkRupFI36WNHHQj+T1s4JYkBN1ZYnRhnFaCHwER5bkFiLOQWpgMO58200wBuKCN3vqlMMaqG/o/xr4t9phTmcn92mOX4ID8LqnXLKvTFuK/yAgKWdW0PppWH6Iq56SYsk9WkSftNPkYpA2svL9yBsiOXHnWz/mPb1SDsGTtTWp572EN+Vz+/IEiuCx2RwdFF+yBTFCI8kPjgAi4FCBlN/COIXwhx4WB/em+lY5b37R9E\",\"ephemeralPublicKey\":\"BDjIkULGo1+qIQr7YlBykd5gBvKy1BqdP+DLyA6N+iQ0GP1kvi8TfHBDk2A8ACfpZjdLUAtyUcSu3163xzsJFu4\\u003d\",\"tag\":\"CkR+SLL3kjNAAm0RURQRMDcn3cPNL+wBDeMA2jSEV6A\\u003d\"}"
}
}

If everything is fine, the API responds with 200 OK:

Response
HTTP/1.1 200 OK
Content-Type: application/json
...
 
{
"object": "payment.containers",
"id": "PCT_2TURXA2P22NSQMZTJR0RF9WGZJNAA2",
"merchant": {
"object": "general.merchants",
"id": "MRC_FDFCR9PP93SOINGJ7F63WKBHMFVW2O"
},
"customer": {
"object": "payment.customers",
"id": "PCU_3M55SQZR42NSPDS8GGF4N55EZCDCAZ"
},
"type": "googlepay",
// ...
"created": "2022-04-05T13:25:31+01:00"
}

You need to remember the id (line 7). It is used for the next step.

The authorisation is the same call to POST /api/v2/Smart/Transactions/{id}/prepare/creditcard, but you pass the Payment Container ID instead of the container details:

Request
POST /api/v2/Smart/Transactions/STX_33PXAW2YN2NJTPM5KPGMK7QF5PBVA2/prepare/creditcard HTTP/1.1
Host: https://connect-testing.secupay-ag.de/api/v2/Payment
Authorization: Bearer qb56tjj1bcvo9n2nj4u38k84lo
Content-Type: application/json
Accept: application/json
 
{
"customer": {
"id": "PCU_3M55SQZR42NSPDS8GGF4N55EZCDCAZ"
},
  "container": {
"id": "PCT_CFKVVAPGW2NSQMSSCTVTT8U4525CAZ"
}
}

The outcome is exactly the same as if you had passed the container details.

Capture the Payment

The way to capture an authorised payment is the same for all payment methods. If you have already studied this for invoice or direct debit payment, you will not find any new details.

In order to start the authorized Smart Transaction, you only need to call POST Smart/Transactions/STX_xxx/start.

Request
POST /api/v2/Smart/Transactions/STX_33PXAW2YN2NJTPM5KPGMK7QF5PBVA2/start HTTP/1.1
Host: connect-testing.secupay-ag.de
Authorization: Bearer qb56tjj1bcvo9n2nj4u38k84lo
Accept: application/json

If everything is fine, the API responds with 200 OK:

Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"object": "smart.transactions",
"id": "STX_33PXAW2YN2NJTPM5KPGMK7QF5PBVA2",
// ...
"transactions": [
{
"object": "payment.transactions",
"id": "PCI_FDBREW9ZS7P6FTN4ZY2ATC6NK0QWO7"
}
],
"created": "2020-03-27T10:55:23+01:00",
"updated": "2020-03-27T10:56:41+01:00",
"status": "ok",
// ...
}

Status ok, received or collection means you can deliver. Status pending means you have to wait for one of these statusses. Status failed means the payment failed, and you must repeat the payment process.

In case of invoice payment you need to mark the actual delivery. This is to know the payment has become due, and to calculate the due date.