Google Pay ™
Applicable Scenario: Google Pay ™
Applicable Scenarios: Merchants supporting Google Pay payments
Google Pay supports payments on mainstream PC and mobile web browsers as well as mobile applications. YabandPay offers seamless integration with Google Pay, supporting debit and credit cards from the following international card schemes:
Visa / VPay
Mastercard / Maestro
UnionPay
Settlement accounts must be located in the European Economic Area (EEA) or the United Kingdom (UK).
[!TIP|style:flat]
All merchants using Google Pay must comply with the following terms:
Merchants accessing Google Pay via YabandPay's hosted solution are deemed to have accepted and agreed to comply with the above terms.
2. Credential Types & 3D Secure Requirements
Google Pay provides two types of payment credentials (tokens):
- PAN_ONLY: Returns encrypted primary account number details (
cardInfo.cardDetails) and card network (cardInfo.cardNetwork), without a dynamic cryptogram. - CRYPTOGRAM_3DS: Returns tokenized credentials based on the network token (DPAN) and includes a dynamic cryptogram for higher security transactions.
3D Secure Requirements:
If a
PAN_ONLYcredential is received, a 3D Secure verification must be performed (set parameter3ds_initiate=01), otherwise the transaction will be rejected by YabandPay.Frontend integration is recommended to support both credential types: ["
CRYPTOGRAM_3DS", "PAN_ONLY"].YabandPay's backend will automatically determine whether to execute 3D Secure based on the credential type.
2. App or Web Integration (Self-Hosted)
Merchants may integrate the Google API to initiate payment flows for self-hosted websites or apps. Below is the integration flow and configuration example:
Payment Flow:
The user clicks the Google Pay button on the merchant’s website or app;
Authentication is completed using Face ID / Touch ID / password;
Google returns the encrypted token;
The merchant submits the token to YabandPay for processing.
Note: If the merchant opts for self-hosted integration, a Google Pay merchant account must be registered via the Google Pay & Wallet Console, and a Merchant ID obtained. This ID will be linked to YabandPay’s payment channel.
API Configuration Example:
"tokenizationSpecification": {
"type": "PAYMENT_GATEWAY",
"parameters": {
"gateway": "yabandpay",
"gatewayMerchantId": "<Merchant ID assigned by YabandPay>"
}
}
The received token must be Base64-encoded and submitted to YabandPay as the
payment_token_object;gateway:A fixed value, must be set to
"yabandpay";Address verification is not required. We recommend configuring:
billingAddressRequired: false
3. Hosted Integration
YabandPay offers a hosted Google Pay payment solution. Merchants do not need to integrate the Google Pay button or SDK themselves. Instead, they simply submit an order via a standard API and redirect users to the YabandPay hosted page at https://pay.yabandpay.com, where the user completes the Google Pay transaction.
Since Google Pay is embedded in the YabandPay page in this hosted mode, merchants are not required to configure any CSP policies, load Google scripts, or manage SDK versions.
Integration Flow:
The merchant initiates an order using YabandPay’s Hosted Payment Page (HPP), and receives a
pay_urlin the response;The user is redirected to the hosted page at
pay_url;The user completes the Google Pay transaction on
pay_url;Upon completion, the user is redirected to the merchant’s configured
redirect_url, and the result is asynchronously notified vianotify_url.
Features & Advantages:
No need to load Google Pay scripts or JavaScript SDK on the frontend;
The payment process is securely hosted by YabandPay;
The hosted page displays merchant name and order information for better user recognition;
All transactions are processed using YabandPay’s unified Google Merchant ID;
Merchants only need to enable Google Pay in the YabandPay merchant dashboard.
4. Authorization Methods
YabandPay supports the following Google Pay authorization modes:
One-time payment authorization (DPAN + cryptogram);
Card-on-File (COF) is not supported;
FIDO biometric authentication is not supported.
5. Data Submission & Security Requirements
Submit the Base64-encoded
payment_token_objectvia HTTPS POST to YabandPay;All data transmissions must use TLS 1.2 or higher;
YabandPay performs decryption using PCI DSS-compliant HSM infrastructure.
6. Official Google Pay Integration References
General Resources:
Developer Portal: https://developers.google.com/
JS Button Demon: https://jsfiddle.net/fw5t6caL/
App Integration Resources:
Android Overview: https://developers.google.com/pay/api/android/overview
Android Checklist: https://developers.google.com/pay/api/android/guides/test-and-deploy/integration-checklist
Brand Guidelines: https://developers.google.com/pay/api/android/guides/brand-guidelines
Web Integration Resources:
Web Overview: https://developers.google.com/pay/api/web/overview
Web Checklist: https://developers.google.com/pay/api/web/guides/test-and-deploy/integration-checklist
Brand Guidelines: https://developers.google.com/pay/api/web/guides/brand-guidelines
API URL:https://mapi.yabandpay.com/Payments
Method:POST
POST data type:Json
| Parameter | Type | Description | Required |
|---|---|---|---|
| user | String | the UID of cashier account | Required |
| sign | String | signature | Required |
| method | String | v3.CreateCardPayments | Required |
| time | Long | timestamp | Required |
- Parameter
| Parameter | Type | Description | Required |
|---|---|---|---|
| pay_method | String | online | Required |
| sub_pay_method | String | Google Pay | Required |
| operation | String | 1.Sales 2.Authorisation; | Required |
| order_id | String | order id from Merchant | Required |
| amount | String | format in cents: € 24.99 should be 24.99, the min amount is EUR 1.00 | Required |
| currency | String | ISO 4217, For example EUR, CHF | Required |
| description | String | order description | Required |
| demo | String | custom field | Optional |
| 3ds_initiate | String | 01. Enable 3D Secure ; | Required |
| payment_token_object | String | The "payment_token_object" string obtained from Google Pay | Required |
| timeout | String | value 0 means 1440 minutes | Required |
| redirect_url | String | the redirect URL after payment is completed | Required |
| notify_url | String | asynchronous notification url | Required |
| request_id | String | The request ID must be unique. It is recommended to use a combination of at least 24 digits and letters. | Required |
Obtain payment_token_object:
Example of token returned by Google Pay:
{
"signature": "MEUCIC+XtiYdlmjL2/1wEn33qnya8G4POk5jYkRNY5+MkdBlAiEAwoRYQu26ZopwpcOWlwUe/E+i4FKzpunCFZf44mS0cxQ\u003d",
"intermediateSigningKey": {
"signedKey": "{\"keyValue\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUJW8LjUtTV7esDMJLtCe8hYjlcQih8g7HP5bgO4ysma4/CwGq0CnZ5G0t0o44D92d9L3SfXS2GyK2PJMtE/NBg\\u003d\\u003d\",\"keyExpiration\":\"1724120515000\"}",
"signatures": ["MEYCIQC1ZWgFEaSR1pNbwTW6liQL7WXZQZExx1Idj7oQzHvoPQIhAOx1b+9CamfDeZUcHXpU01xTfa6EaaH3TgKaTBnrsuuG"]
},
"protocolVersion": "ECv2",
"signedMessage": "{\"encryptedMessage\":\"y+XA1ltwldTcmVSZwfVayP7b0hPNLODGyi2UgCCJcSSs0iBj73HML5eWcYBiT+T+ZP8SmV54U9E2AmuRwVeVYHai8Z/ajrxE7fM+Fv/e9IXt36WjC4SWhAHM8T/DkOlE6BcuoKAMz6iLkJJ40g0zAkUKijln5YEbhLXHRoh/5l/8wGNDxErI7JdNZ4cA9vh8go/gR2YXKxVngFH4PFHcGyKa4MKnYDATMBDdx/F+MI4vVtPLXruTPpG0HBgLlJct95LZl9T686sOWuwg4pWLLSqcbuqd+MAZZihy2FW+9cdKNXsebL91rRbq7dahtET1K90YzyWzM9CfntcjHf5YqhnssApnE+Jb7OZ+mn5hO27Z93by7G3Fgi7YxJqcW4o/4D+NIANe0BqwbFyhw5Un8rIKkXg//WD9TlFHl2oIgyOKnZLO8NrnfEffoxstvRft1enafD0DadUk2IL5+Q\\u003d\\u003d\",\"ephemeralPublicKey\":\"BFzys/8Oy4iBu0ZYlLcy5SNZUOKFQhTx/985qiMFKGssVm4Fk9hweWlemyClMbI216lbsPS4Sy15ab/75gW1v08\\u003d\",\"tag\":\"jpHUeHrZuI1y77wRisFznOadAzlP2je8RFpT9PFpmHs\\u003d\"}"
}
The payment_token_object field is the base64_encoded string of the token data obtained after connecting to Google Pay.
Signature:
Lexicographical sequence and URL key-value format new string
"3ds_initiate=01&amount=0.1¤cy=EUR&description=test&method=v3.GooglePayment¬ify_url=https://www.yabandpay.com/notify&operation=1&order_id=1723517503&pay_method=online&payment_token_object=eyJzaWduYXR1cmUiOiJNRVVDSUMrWHRpWWRsbWpMMi8xd0VuMzNxbnlhOEc0UE9rNWpZa1JOWTUrTWtkQmxBaUVBd29SWVF1MjZab3B3cGNPV2x3VWUvRStpNEZLenB1bkNGWmY0NG1TMGN4UVx1MDAzZCIsImludGVybWVkaWF0ZVNpZ25pbmdLZXkiOnsic2lnbmVkS2V5Ijoie1wia2V5VmFsdWVcIjpcIk1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRVVKVzhMalV0VFY3ZXNETUpMdENlOGhZamxjUWloOGc3SFA1YmdPNHlzbWE0L0N3R3EwQ25aNUcwdDBvNDREOTJkOUwzU2ZYUzJHeUsyUEpNdEUvTkJnXHUwMDNkXHUwMDNkXCIsXCJrZXlFeHBpcmF0aW9uXCI6XCIxNzI0MTIwNTE1MDAwXCJ9Iiwic2lnbmF0dXJlcyI6WyJNRVlDSVFDMVpXZ0ZFYVNSMXBOYndUVzZsaVFMN1dYWlFaRXh4MUlkajdvUXpIdm9QUUloQU94MWIrOUNhbWZEZVpVY0hYcFUwMXhUZmE2RWFhSDNUZ0thVEJucnN1dUciXX0sInByb3RvY29sVmVyc2lvbiI6IkVDdjIiLCJzaWduZWRNZXNzYWdlIjoie1wiZW5jcnlwdGVkTWVzc2FnZVwiOlwieStYQTFsdHdsZFRjbVZTWndmVmF5UDdiMGhQTkxPREd5aTJVZ0NDSmNTU3MwaUJqNzNITUw1ZVdjWUJpVCtUK1pQOFNtVjU0VTlFMkFtdVJ3VmVWWUhhaThaL2FqcnhFN2ZNK0Z2L2U5SVh0MzZXakM0U1doQUhNOFQvRGtPbEU2QmN1b0tBTXo2aUxrSko0MGcwekFrVUtpamxuNVlFYmhMWEhSb2gvNWwvOHdHTkR4RXJJN0pkTlo0Y0E5dmg4Z28vZ1IyWVhLeFZuZ0ZINFBGSGNHeUthNE1LbllEQVRNQkRkeC9GK01JNHZWdFBMWHJ1VFBwRzBIQmdMbEpjdDk1TFpsOVQ2ODZzT1d1d2c0cFdMTFNxY2J1cWQrTUFaWmloeTJGVys5Y2RLTlhzZWJMOTFyUmJxN2RhaHRFVDFLOTBZenlXek05Q2ZudGNqSGY1WXFobnNzQXBuRStKYjdPWittbjVoTzI3WjkzYnk3RzNGZ2k3WXhKcWNXNG8vNEQrTklBTmUwQnF3YkZ5aHc1VW44cklLa1hnLy9XRDlUbEZIbDJvSWd5T0tuWkxPOE5ybmZFZmZveHN0dlJmdDFlbmFmRDBEYWRVazJJTDUrUVx1MDAzZFx1MDAzZFwiLFwiZXBoZW1lcmFsUHVibGljS2V5XCI6XCJCRnp5cy84T3k0aUJ1MFpZbExjeTVTTlpVT0tGUWhUeC85ODVxaU1GS0dzc1ZtNEZrOWh3ZVdsZW15Q2xNYkkyMTZsYnNQUzRTeTE1YWIvNzVnVzF2MDhcdTAwM2RcIixcInRhZ1wiOlwianBIVWVIclp1STF5Nzd3UmlzRnpuT2FkQXpsUDJqZThSRnBUOVBGcG1Ic1x1MDAzZFwifSJ9&redirect_url=https://www.yabandpay.com/redirect_url&request_id=g77ur3oqhkqd348iljrb04pbj412rka3&sub_pay_method=Google Pay&time=1723517503&timeout=0&user=016683"
Use stringA and secret_key to get stringSign
Get Signature:
"87c9a0c3b4efb2a709323cdd809efc5aa90a16a5d9fff802634e27ced8d4cae6"
Example Request (operation=1 Sales):
{
"user": "info@yabandmedia.com",
"sign": "87c9a0c3b4efb2a709323cdd809efc5aa90a16a5d9fff802634e27ced8d4cae6",
"method": "v3.GooglePay",
"time": 1721979693,
"data": {
"description": "test",
"timeout": "0",
"pay_method": "online",
"sub_pay_method": "Google Pay",
"order_id": 1721979693,
"amount": "0.1",
"currency": "EUR",
"operation": "1",
"redirect_url": "https://www.yabandpay.com/redirect_url",
"notify_url": "https://www.yabandpay.com/notify",
"3ds_initiate": "01",
"payment_token_object": "eyJzaWduYXR1cmUiOiJNRVVDSVFDOEJmbDJrSkttUjVvOUxNc3RCYnA0MGtBRW9FQnh4SlQ4VTl2UVgyc1JMd0lnTUJTOWpidDFxR0NoVmxmeElDUTdYOHBKM3VYN1lkY0M5UFd1eEVubmo5b1x1MDAzZCIsImludGVybWVkaWF0ZVNpZ25pbmdLZXkiOnsic2lnbmVkS2V5Ijoie1wia2V5VmFsdWVcIjpcIk1Ga3dFd1lIS29aSXpqMENBUVlJS29aSXpqMERBUWNEUWdBRVdabXZVODU3SnlOV2ZEbFFuVzBaRG1MUEpoSG91dlpsT09aZk5ORm9nWElJVlRVTnNYNGJ0MEZFakdpVEs4QTNGb094a0d5NStrQ0ZCWDUyL0hhcS93XHUwMDNkXHUwMDNkXCIsXCJrZXlFeHBpcmF0aW9uXCI6XCIxNzIwNTg5NjI3MTk5XCJ9Iiwic2lnbmF0dXJlcyI6WyJNRVVDSVFDbWpKSmFMYzUxWEo3T3dEaUY5QVVIVloyVytGMFJSVWdnNmI5YUc0S2hiUUlnVDBKeVdjRHNlcEpyc2ZyM0xzekdtTUpUNkxZSitzRmZ5YWtmYlIweHg1c1x1MDAzZCJdfSwicHJvdG9jb2xWZXJzaW9uIjoiRUN2MiIsInNpZ25lZE1lc3NhZ2UiOiJ7XCJlbmNyeXB0ZWRNZXNzYWdlXCI6XCJBaVhPT3BJYitNdGxSWnV3MW9nL3ZLVVdvT3FmVEcwZndMcG14WCtuSkFPRXJPQkFYa3dWWG8zd01DaVpQaEppZVN3dHZBNnFaVXpWVTBOVWJaWTVSdE1qZWxUWnVHV3dKcjdRVU9Ob3NXRzFXSmd4bjRHVVRPL2g2Nzdpd2ROajgzbVRDdWNPZnNHeDVMcTZCdXZXT1F0a21Gdk9qSnVSN1daQ2k3QTl4S2tWckxvVEsyWEpBNmNxb0pZMERpa1NMOU1WQW5JWVNyenpCakFwWVc0SGxXTm14ZnJYUUUzYTFKTW95UlRDWWR4azZwUGVzNi9xOG5zN2Fid1RHUGNicmNVZndaN0hiSnFWRVd1aFZxTWpxZW50RHgvRXd3SHFYd0s0YUhMc0hvOGVkc09jbEdMTXBNeFVVOHc0MHJ2ZFNxc3NyUEFmN0RnSGoydkNBNUt2amMrcnBaaGY0Wnl1UkFacHpHSmNvYXNTV3JVeXNqUG5FcFNyVnpzbWV3ejB1K2JyYmNFOTlFNnd0cHhnWVZwUVl0d3FmY2FRY3ZJWUZaT3FXaEJGNFpXcUZoUmdGSkZlQVJSQU1ndnlURmhDaVhObExqcFZcIixcImVwaGVtZXJhbFB1YmxpY0tleVwiOlwiQk83SUpTMVNBanlqWG9EUTVOblBqZmk3dWJ3UVB0Mkx1OFZVQm9SVlh0Q2pWV3h4UUNLWm9sbmc0cnBmUEdaVlRyQzNwOWRUMEtveWhBc2NsR0Z5ZFhFXHUwMDNkXCIsXCJ0YWdcIjpcImtoT1dIRUlSSzBuWVBiWU1OdnhkZVNUTzlsYWJRdlBYZWQrQ1NLZTFyZ1FcdTAwM2RcIn0ifQ==",
"browser_info": "eyJicm93c2VyX2phdmFfc2NyaXB0X2VuYWJsZWQiOiJ0cnVlIiwiYnJvd3Nlcl9qYXZhX2VuYWJsZWQiOiJ0cnVlIiwiYnJvd3Nlcl9jb2xvcl9kZXB0aCI6IjMyIiwiYnJvd3Nlcl9zY3JlZW5faGVpZ2h0IjoiOTYwIiwiYnJvd3Nlcl9zY3JlZW5fd2lkdGgiOiIxMDIwIiwiYnJvd3Nlcl90eiI6IjYwIiwiYnJvd3Nlcl9hY2NlcHRfaGVhZGVyIjoidGV4dC9odG1sLGFwcGxpY2F0aW9uL2pzb24sYXBwbGljYXRpb24veG1sO3E9MC45LGltYWdlL3dlYnAsKi8qO3E9MC44IiwiY2hhbGxlbmdlX3dpbmRvd19zaXplIjoiMDMiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJ6aC1DTiIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNTguMC4zMDI5LjExMCBTYWZhcmkvNTM3LjMifQ==",
"request_id": "2cwmm7wubqkgtzbtzjhvhkaubev81a0r"
}
}
Example Response:
{
"status": true,
"code": "200",
"data": {
"order_id": "1723517503",
"trade_id": "e684679e-658b-ac70-fd9e-e4959e147e00",
"amount": "0.10",
"currency": "EUR",
"settlement_amount": "0.10",
"settlement_currency": "EUR",
"exchange_rate": "1",
"sub_pay_method": "Google Pay",
"state": "processing",
"url": "https://pay.yabandpay.com/dispose_shift4_googlepay_3ds?data=eyJwc3QiOiJlNjg0Njc5ZS02NThiLWFjNzAtZmQ5ZS1lNDk1OWUxNDdlMDAiLCJzaWduX3RyYWRlX2lkIjoiNWZkNzc5Zjg0MmY1ZTc2ZjVmNGQzNGQyNGQ5MGZkMzYyZWMyZGY5ZjU0ODk5ZjBlZDgxYTRkYWUxODM2MmEwNCIsInVzZXIiOiIwMTY2ODMifQ=="
},
"message": "",
"response_id": "202408131051432400124088"
}
More Information:
Return results:
On a successful API call, the response will be
"status": true.On a failed API call, the response will be
"status": false.
You need to redirect to the returned url. After the user enters their card information and completes the payment at this url, they will be redirected back to the redirect_url.
We strongly recommend using both Order Query and Asynchronous Notification simultaneously to synchronize and update payment status, ensuring real-time accuracy of payment information.
Result/Error codes:
| Status | Code | Message |
|---|---|---|
| true | 200 | |
| fales | -1000 | Internal error |
| fales | -403 | The signature Error |
| fales | -2001 | The user not exist |
| fales | -3001 | Required field is missing |
| fales | -4118 | Incorrect request ID |