Methods

Google Pay

Integrate Google Pay into your checkout flow with Cardflo. This allows customers to pay quickly and securely using stored card details across Android devices and Chrome browsers.

Google Pay helps accelerate the payment process, reducing cart abandonment by offering a familiar and efficient payment option.

Category
Methods
Capabilities
10
Available on
All plans
Apply now

The overview

Google Pay serves as a digital wallet and payment platform that facilitates card-not-present transactions by utilising payment credentials stored in a user's Google Account. Within the payments stack, it acts as a container for various funding sources, including credit, debit, and prepaid cards.

When a customer initiates a transaction, Google Pay generates a virtual account number or a cryptogram, depending on whether the merchant is using network tokenisation or encrypted payloads.

This mechanism abstracts the primary account number from the merchant environment, which can reduce the scope of PCI-DSS compliance. For the acquirer and issuer, Google Pay transactions are processed via standard scheme rails, often benefiting from the security protocols of the underlying mobile device.

The system supports both web-based integrations through Chrome and in-app experiences on Android, using the Google Pay API to pass encrypted payment data through a gateway to the relevant card scheme.

How it works

  1. Customer initiates payment session

    The customer selects the Google Pay button within a merchant's checkout or mobile application. The Google Pay API displays a payment sheet where the customer chooses their preferred card and confirms the transaction.

    Identification often relies on biometric data or device passcodes to verify the user.

  2. Encrypted payload generation

    Once authorised by the user, Google generates an encrypted payment token or a dynamic cryptogram.

    This payload contains the necessary card information or a network token, along with transaction-specific data, ensuring that the actual primary account number is not exposed directly to the merchant's server during the transmission.

  3. Gateway transmission and decryption

    The merchant sends the encrypted payload to their PSP or gateway. The gateway decrypts the data to identify the card details or passes the network token directly to the acquirer.

    This step ensures that the transaction remains within the established secure rails for card processing.

  4. Issuer authorisation and settlement

    The acquirer submits the authorisation request to the issuing bank via the card scheme. The issuer validates the cryptogram and checks for available funds.

    Upon approval, an authorisation code is returned, and the transaction is eventually captured for settlement within standard industry timeframes.

Why it matters

Friction reduction and conversion

By removing the requirement for manual data entry of card numbers, expiry dates, and CVVs, Google Pay minimises the mechanical hurdles at the point of purchase. In mobile-first environments, these friction points often lead to cart abandonment.

Digital wallets allow for a compressed checkout experience that can lead to higher successful authorisation rates compared to traditional manual entry.

Advanced security through tokenisation

Google Pay utilises network tokenisation where available, replacing the physical card secondary account number with a device-specific token. Because these tokens are typically restricted to a specific merchant or device, the risk of fraudulent use following a data breach is significantly reduced.

This architecture aligns with modern security standards and protects the integrity of the payment lifecycle.

Use cases

Mobile e-commerce applications

Retailers with native Android applications use Google Pay to provide a single-tap checkout. This is particularly effective for impulse purchases where minimising steps to payment is critical for retaining the customer.

Chrome web browser checkout

Online merchants utilise the Google Pay API on their websites to capture stored payment details from Chrome users. This allows desktop and mobile web users to pay without physically accessing their plastic cards.

Subscription and recurring billing

Service providers can initiate the first transaction via Google Pay to secure a token. This token then facilitates subsequent merchant-initiated transactions for monthly renewals or usage-based billing models.

By the numbers

2x-3x faster
Checkout Time Reduction

Typical industry observations suggest that digital wallets can reduce the time spent in the checkout flow by several minutes compared to manual card entry.

10-20%
Mobile Conversion Lift

Industry reports often indicate a measurable uplift in conversion rates on mobile devices when one-tap payment methods like Google Pay are implemented.

2-5%
Authorisation Rate Improvement

Merchants using network tokens via digital wallets often see a marginal increase in authorisation rates due to reduced friction and better card life-cycle management.

Ready to route with Google Pay?

Talk to our team about a live rollout on your acquiring stack.

Apply now

What you get with Google Pay

  • Supports multiple card networks including Visa, Mastercard, and American Express via the wallet.
  • Utilises biometric authentication such as fingerprint or facial recognition for transaction authorisation.
  • Reduces merchant PCI-DSS liability by preventing direct handling of sensitive primary account numbers.
  • Integrates with the Google Pay API for both Android apps and web environments.
  • Compatible with network tokenisation to enhance security and improve lifecycle management of cards.
  • Provides a consistent payment experience across various devices and Google-linked platforms.
  • Supports the 3rd party verification requirements often found under SCA and PSD2 frameworks.
  • Enables rapid guest checkout without the need for creating a merchant-specific account.
  • Passes billing and shipping addresses stored in the Google Account to the merchant.
  • Operates over standard acquirer and scheme rails for easy reconciliation and reporting.
See Google Pay on your acquiring stack.

A short scoping call, then a written plan for your MIDs.

Apply now

Questions about Google Pay

How does Google Pay handle Strong Customer Authentication (SCA) requirements?

Google Pay is designed to be compatible with SCA requirements under PSD2. When a user authenticates on their device using biometrics or a passcode, this often satisfies the two-factor authentication criteria (something the user is and something the user has).

The resulting cryptogram passed to the acquirer indicates that the transaction was authenticated. However, depending on the issuer and the specific transaction risk profile, a 3-D Secure challenge may still be triggered, particularly for certain regulated regions or high-value transactions.

Are the transaction fees different when using Google Pay versus a standard card payment?

From an acquirer and scheme perspective, Google Pay transactions are typically treated as standard card-not-present (CNP) transactions. The merchant generally pays the same interchange, scheme fees, and acquirer markups as they would for a manual card entry.

Some schemes may offer specific incentivised rates for tokenised transactions, but there is typically no additional fee charged by Google to the merchant for processing these payments through the API.

What is the difference between Google Pay encrypted payloads and network tokens?

An encrypted payload is a secure block of data that contains either the card details or a token, which the PSP decrypts to process the payment. A network token is a non-sensitive substitute for the PAN, issued by the card scheme and stored by Google.

While both enhance security, network tokens can be updated automatically by the issuer if the physical card is lost or expires, reducing the likelihood of declines during the authorisation process.

Can Google Pay be used for recurring or merchant-initiated transactions?

Yes, Google Pay can be used to facilitate the initial customer-initiated transaction (CIT). During this process, the merchant or their gateway can obtain a token that is used for subsequent merchant-initiated transactions (MIT).

This is a common practice for subscription models, allowing the merchant to bill the customer at regular intervals without requiring the customer to be present for every billing cycle.

How does Google Pay help reduce chargebacks or disputes?

While Google Pay does not provide an absolute guarantee against chargebacks, the use of device-level authentication (biometrics/passcodes) provides stronger evidence of cardholder participation compared to simple CVV checks.

In cases where network tokenisation and cryptograms are used, the risk of 'lost and stolen' fraud is significantly lowered. However, ‘friendly fraud’ or service-related disputes remain a possibility and are handled via the standard scheme dispute process.

What data does the merchant receive when a customer uses Google Pay?

The merchant receives the necessary information to complete the order via the Google Pay API response. This typically includes the payment cryptogram or token, the card brand and last four digits (for display purposes), and, if requested, the customer's shipping and billing addresses.

This reduces the need for the merchant to collect this data via manual forms, though the merchant remains responsible for processing this data in accordance with GDPR or other privacy regulations.

Get started

Ready for velocity?

Tell us about your business. We'll match you with the right acquiring partners and the right route, typically inside a week.

Apply now
Apply now