Stay organized with collectionsSave and categorize content based on your preferences.
Strong Customer Authentication
To enable Google Pay to return appropriate payment credentials for transactions subject to Strong
Customer Authentication (SCA), you might need to update your implementation.
If you've completed a Google Pay API V2 integration, the following changes are required.
Update your PaymentDataRequest object
Update yourPaymentDataRequestobject with the following properties:
An authenticated payload that can be processed without any further step-up or challenge.
APANthat requires 3D Secure 2.0 through a solution provided in-house or through
payment service provider partners (PSP)
Most of ourPSPoffer the ability to apply
appropriate instrument risk checks and step-up transactions. Where applicable, this includes 3D
Secure for Google Pay PANPAN_ONLYtransactions.
If you have an in-house risk management tool, use theassuranceDetailsRequiredparameter to get more details about the transactions.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-11 UTC."],[[["\u003cp\u003eOnline payment transactions within the European Economic Area (EEA) must adhere to Strong Customer Authentication (SCA) standards as part of PSD2 regulations.\u003c/p\u003e\n"],["\u003cp\u003eGoogle Pay integrations need to be updated to the latest API version (V2) to support SCA and ensure proper payment credential handling.\u003c/p\u003e\n"],["\u003cp\u003eDevelopers must update their \u003ccode\u003ePaymentDataRequest\u003c/code\u003e object to include merchant name, transaction country code, and total price to facilitate SCA compliance.\u003c/p\u003e\n"],["\u003cp\u003eGoogle Pay will provide either an authenticated payload or a PAN requiring 3D Secure 2.0 processing, depending on the transaction risk assessment.\u003c/p\u003e\n"],["\u003cp\u003eMerchants should utilize their PSP or in-house risk management tools to perform additional checks and apply 3D Secure when necessary for transactions flagged as requiring further authentication.\u003c/p\u003e\n"]]],["For online transactions in the EEA, Google Pay must comply with Strong Customer Authentication (SCA). Implementers using Google Pay API V2 need to update their `PaymentDataRequest` object. This involves adding `merchantName`, `countryCode`, and `totalPrice`. Upon receiving a response, merchants might get an authenticated payload or a `PAN`, the latter requiring 3D Secure 2.0. Merchants should leverage PSPs or in-house risk management tools, using `assuranceDetailsRequired` and `cardHolderAuthenticated` to handle transactions requiring step-up authentication.\n"],null,["# SCA and Google Pay API\n\n| **Important:** Online payment transactions processed in European Economic Area (EEA) countries must comply with Strong Customer Authentication (SCA) requirements under the second Payment Services Directive (PSD2).\n\nStrong Customer Authentication\n------------------------------\n\nTo enable Google Pay to return appropriate payment credentials for transactions subject to Strong\nCustomer Authentication (SCA), you might need to update your implementation.\n\nIf you've completed a Google Pay API V2 integration, the following changes are required.\n| **Note:** Previous versions of the Google Pay API don't support the following features. You must [update to the latest version](/pay/api/web/guides/resources/update-to-latest-version).\n\n### Update your PaymentDataRequest object\n\nUpdate your `PaymentDataRequest` object with the following properties:\n\n- [`merchantInfo.merchantName`](/pay/api/web/reference/request-objects#MerchantInfo) : The merchant name is rendered in the payment sheet.\n- [`transactionInfo.countryCode`](/pay/api/web/reference/request-objects#TransactionInfo) : This indicates where the transaction is processed. You must specify the acquirer bank country.\n- [`transactionInfo.totalPrice`](/pay/api/web/reference/request-objects#TransactionInfo) : The total monetary value of the transaction, with an optional decimal precision of two decimal places.\n\n#### Updated PaymentDataRequest object example\n\nThe following is an example of an updated `PaymentDataRequest` object: \n\n```carbon\n{\n \"apiVersion\": 2,\n \"apiVersionMinor\": 0,\n \"merchantInfo\": {\n \"merchantName\": \"Example Merchant\"\n },\n \"allowedPaymentMethods\": [\n {\n \"type\": \"CARD\",\n \"parameters\": {\n \"allowedAuthMethods\": [\"PAN_ONLY\", \"CRYPTOGRAM_3DS\"],\n \"allowedCardNetworks\": [\"AMEX\", \"DISCOVER\", \"INTERAC\", \"JCB\", \"MASTERCARD\", \"VISA\"]\n },\n \"tokenizationSpecification\": {\n \"type\": \"PAYMENT_GATEWAY\",\n \"parameters\": {\n \"gateway\": \"example\",\n \"gatewayMerchantId\": \"exampleGatewayMerchantId\"\n }\n }\n }\n ],\n \"transactionInfo\": {\n \"totalPriceStatus\": \"FINAL\",\n \"totalPrice\": \"12.34\",\n \"countryCode\": \"GB\",\n \"currencyCode\": \"GBP\"\n }\n}\n```\n\nHandle the response object\n--------------------------\n\nMerchants receive one of the following:\n\n- An authenticated payload that can be processed without any further step-up or challenge.\n- A `PAN` that requires 3D Secure 2.0 through a solution provided in-house or through payment service provider partners (PSP)\n\nMost of our [PSP](/pay/api#participating-processors) offer the ability to apply\nappropriate instrument risk checks and step-up transactions. Where applicable, this includes 3D\nSecure for Google Pay PAN `PAN_ONLY` transactions.\n\nIf you have an in-house risk management tool, use the\n[assuranceDetailsRequired](/pay/api/web/reference/request-objects#CardParameters)\nparameter to get more details about the transactions.\n\nIf\n[assuranceDetails.cardHolderAuthenticated](/pay/api/web/reference/response-objects#assurance-details-specifications)\nreturns `false`, apply appropriate instrument risk checks and step-up transactions.\nWhere applicable, include 3D Secure."]]
