Learn how to accept payments using Google pay™.
Connection instructions
This instruction is intended to enable the possibility of payment via Google Pay on your payment page when interacting via the API. With this integration method, the payment page must meet certain requirements, including working via https and meeting the requirements of Google Pay™:
The principle of working with the service
By clicking on the Google Pay button, the user goes to the page where the payment methods saved in his Google account are indicated. This way he will be able to quickly choose the method of payment convenient for him.
Payment process:
- By clicking the Google Pay button, the user goes to a page with a list of available payment methods and selects the desired one;
- Google Pay securely transfers the token corresponding to the specified payment method to your site;
- Your site sends its server a token and other payment details;
- The server processes the data and transfers the token to the payment service provider.
Payment via API
To work through the API, the company needs PCI DSS certification.
During registration, you will be given the data that you will need to use when making a payment:
- MerchantID – store ID
- ClientID – client ID
- ClientSecret – secret key
Getting a token for making a payment
URL POST https://testoauth.homebank.kz/epay2/oauth2/token
Request
grant_type: "client_credentials" scope: "payment" client_id: "ClientID" client_secret: "ClientSecret" invoiceID: "Номер заказа" amount: 100 currency: "KZT" terminal: "MerchantID"
Response
{
"access_token": "DCEB8O_ZM5U7SO_T_U5EJQ",
"expires_in": 7200,
"scope": "payment",
"token_type": "Bearer"
}
Additionally we attach links:
https://testepay.homebank.kz/api/payment/cryptopay -> Test URL https://epay-api-staging.homebank.kz/api/payment/cryptopay -> Staging URL https://epay-api.homebank.kz/api/payment/cryptopay -> Prod URL
Request header
Content-Type: application/json Authorization: Bearer <code>DCEB8O_ZM5U7SO_T_U5EJQ</code>
Request JSON
{
"amount": 100.0,
"currency": "KZT",
"name": "",
"invoiceId": "",
"description": "",
"accountId": "",
"email": "",
"phone": "",
"backLink": "",
"failureBackLink": "l",
"postLink": "",
"failurePostLink": "",
"language": "",
"paymentType": "googlePay",
"googlePay": {
"apiVersionMinor": 0,
"apiVersion": 2,
"paymentMethodData": {
"description": "Visa •••• 1111",
"tokenizationData": {
"type": "DIRECT",
"token": "{\"signature\":\"MEUCIQCg8EVRDoaFCClQt/B4P85kaI0o01Te7PtzK4geb020NgIgH/4QjV0g90wiSaIp5j2khIUehyBra5EBUYW4dRi9zWw\\u003d\",\"intermediateSigningKey\":{\"signedKey\":\"{\\\"keyValue\\\":\\\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEiPFGsUB3r5u94GfMb/qudvqnUm1ChMQJKb9DII454LnSflKA2CmwSCofunjyme+3YFEt58fQEhMCQTrfbJNSCA\\\\u003d\\\\u003d\\\",\\\"keyExpiration\\\":\\\"1650607298547\\\"}\",\"signatures\":[\"MEQCICLflkEi/5Gcf+yZVeoyqSgpobNYrTbfU8RYWooXoGMPAiAdeWeuPw5PMNCJynZN+2/AzHKEujn5x8DWb6nqwD0BdA\\u003d\\u003d\"]},\"protocolVersion\":\"ECv2\",\"signedMessage\":\"{\\\"encryptedMessage\\\":\\\"YDpsNtp8w1jnvnW1O6OBVjlX4p/cw+060kxrdHU3hOo5Dhq0UeO/2Pk6Y/lOpSq6xHgPQRM1BcalJU9QxKt6DjVm4mRx4CjZjiUu283ktfghFEmitR69HiTmvb1kRE1YAjcUpFadfoM9SsGC5YrJEe/5eRybwkn6IcSgJZZZ9CLqaw7qAjIZkZGbjNrSy9QdESDUdzcN5A7GMOWRMuQC/k9BmsBkvT7SLzikasPhLPP8z56J8E+m01nNBE5BCPhrLyu/aGoJNSdIJoRJoN88b//mS5b+TKsEIglGej8w54lpwpPr8GbqSPePHooN53QCkplY2t+LxO2Pr4jHEMb/ZaTQ36+58ZqUfV4jaYcds1SLuLMTns/3hnuTVZgg1zfBMQsNgZE5niAKPybL/RaRavRDX/GK4kVNjgsF1QWs8z2aOlBsx9krppHdthE\\\\u003d\\\",\\\"ephemeralPublicKey\\\":\\\"BP3QeTVZ6wpe3D83/OzF5A5FoNHDDnvBffeR8PAagr5PZP55SNR237a+QPyKUYmvKPYXe1R0I61GVK09LvkeGWE\\\\u003d\\\",\\\"tag\\\":\\\"Lq8NsPTu1rdHhthYFUtzptcV7aD7ViLVD8UddD8hNzY\\\\u003d\\\"}\"}"
},
"type": "CARD",
"info": {
"cardNetwork": "VISA",
"cardDetails": "1111"
}
}
}
}
Seller's actions required to connect Google Pay to a web page
Before accepting payments using Google Pay, be sure to read all the requirements and conditions from Google.
Connecting a web page to the Google Pay API:
Connection documentation:
Recommendations for connecting a web page to Google Play:
Payload Parsing documentation
A set of test cards
Seller's actions required to connect Google Play to the app
Before accepting payments using Google Pay, be sure to read all the requirements and conditions from Google.
Connecting an Android app to the Google Pay API:
Connection documentation:
Recommendations for connecting an Android app to Google Play::
Parameters for payment data
As parameters, you must specify:
Available payment methods: const allowedCardAuthMethods = ['PAN_ONLY', 'CRYPTOGRAM_3DS'];
Type of tokenization - PAYMENT_GATEWAY
Gateway parameter halykbank and gatewayMerchantId – can be used for your testing, but for real payments this parameter must be obtained from your manager:
const tokenizationSpecification = { type: "PAYMENT_GATEWAY", parameters: { 'gateway': "halykbank", 'gatewayMerchantId': "halykbank" } }
Example of request settings
1.Parameters for launching the request:
isReadyToPay
const readyToPayRequest = {
"apiVersion": 2,
"apiVersionMinor": 0,
"allowedPaymentMethods": [
{
"type": "CARD",
"parameters": {
"allowedAuthMethods": [
"PAN_ONLY",
"CRYPTOGRAM_3DS"
],
"allowedCardNetworks": [
"MASTERCARD",
"VISA"
]
}
}
]
}
2. Parameters for launching the request:
loadPaymentData
const paymentDataRequest = {
"apiVersion": 2,
"apiVersionMinor": 0,
"allowedPaymentMethods": [
{
"type": "CARD",
"parameters": {
"allowedAuthMethods": [
"PAN_ONLY",
"CRYPTOGRAM_3DS"
],
"allowedCardNetworks": [
"MASTERCARD",
"VISA"
]
},
"tokenizationSpecification": {
"type": "PAYMENT_GATEWAY",
"parameters": {
"gateway": "halykbank",
"gatewayMerchantId": "halykbank"
}
}
}
],
"transactionInfo": {
"countryCode": "RU",
"currencyCode": "RUB",
"totalPriceStatus": "FINAL",
"totalPrice": "1.00"
}
}
---
Payment scenario
- The customer chooses the Google Pay payment method.
- The client selects a card or adds it if there are no saved cards.
- Google Pay returns masked card data to the application.
- The application displays the masked data of the card added to Google Pay to the client.
- The customer confirms the payment using the card added to Google Pay.
- The application requests Google Pay encrypted card data.
- Google encrypts data using a public key - the corresponding private key is located in the payment gateway. We generate the public key ourselves and send it to Google (https://developers.google.com/pay/api/web/guides/resources/payment-data-cryptography?hl=ru )
- Google returns encrypted payment data to the application.
- The application sends a Google Pay payment request to the payment gateway, indicating the token received from the Google Pay system.
- The payment gateway decrypts the received token and makes the payment. Provided that the card is involved in 3-D Secure, the payment gateway sends a response to the payment request, which contains a redirect link to the server where we enter 3D data.
- The user goes to the site and authenticates.
- After successful authentication, the user is redirected from the ACS website to the payment gateway page.
- The payment gateway returns the payment result to the application.
- The application displays the payment result to the client
All merchants must adhere to the Google Pay APIs Acceptable Use Policy and accept the terms defined in the Google Pay API Terms of Service. https://payments.developers.google.com/terms/aup https://payments.developers.google.com/terms/sellertos